
Only Facebook makes the Facebook app, and I find it extremely easy to imagine a Facebook app that can only be sideloaded, so that Facebook can bypass the restrictions put in place by the App Store.

For instance, apps are currently not allowed to degrade functionality if the user says no to a permissions request (e.g. location tracking).



Facebook has actually done this before with their Onavo VPN that intercepted all your web traffic in exchange for something like a $5 gift card every month. Distributed publicly using their internal enterprise certificate and got their cert revoked.


Sure, but that's not scalable.


Perhaps, but what I was emphasizing was that on iPhone such apps will likely not come pre-installed; neither by Apple (vs e.g. Samsung) nor by a carrier because I seriously doubt Apple would allow that.

Instead, what Apple is doing is finding a new balance that appeases those who are attacking the legitimacy of the App Store (and its toll booth) while in practice the vast majority of iPhone users will retain their privacy.


> Perhaps, but what I was emphasizing was that on iPhone such apps will likely not come pre-installed; neither by Apple (vs e.g. Samsung) nor by a carrier because I seriously doubt Apple would allow that.

If Facebook is willing to pay to have their app preinstalled, unremovable, and granted root permissions on Android, why in the world wouldn't they be willing to force users to sideload their app on iOS?


In this hypothetical, Apple would agree to take Facebook funds to preinstall the app.

Otherwise I think you may be confused on what sideloading is.


They would sideload to do what exactly?


Any of a large number of things that Apple currently doesn't allow on the App Store.


Why in the world does it matter? If Facebook wants to use the iOS sideloading scene to promote organ harvesting or whatever, we use that to sue them. From the outside-looking-in, it seems like another one of those hissy-fit scenarios where Apple's petty disagreement with other companies actively reduces the capability of their devices.


Sue them for what? Gathering user data that users gave an explicit permission to gather?

Previously, the app devs wouldn't be able to, for example, lock out the entire app from being used, just because you didn't give them permissions for something that isn't vital for the app to function (e.g., location tracking or photo gallery). App Store rules prohibit that behavior, and those apps get rejected.

Sideloading would allow FB and others to do that and more, since they won't need to follow App Store rules anymore. And I don't think there is anything illegal about them doing it.


I don't use the Facebook app. I hardly ever use FB, anyway (I am an admin on a user group for an OSS project I authored), but their app is a well-known nightmare.

I use their Web interface, which, I suspect, they deliberately cripple, in order to try forcing me to use their app.


I wanted to check FB Messenger on my phone for a marketplace thing so I logged into the website: wouldn’t let you look / pushed you to the app, and I couldn’t flip it into desktop mode.


Yeah, I was forced to install Messenger. It sucks.


What exactly are those restrictions? iOS has a good sandbox model which is responsible for security.


They don't speak of the security model. But the compliance model, i.e. "you can't block the entire app until the user enables precise 'always' location tracking".

But in terms of security, every jailbreak since ~iOS 8 besides checkm8 has been via a third-party app breaking out of the sandbox. The ramifications for shipping an exploit chain like this via the built-in app store are going to be extreme (possibly being blacklisted from iOS), but a sideloaded app can run such an exploit chain in the background (to install spyware if the user isn't on the most up-to-date version of iOS) with no consequence.


This is false and not how it works on macOS; worse, I would consider this fearmongering.


What is false?

Facebook could pull Instagram and tell users to visit Instagram.com.

They can now block some/all of the app based on whether or not you've enabled location tracking.

And malware on macOS works differently because macOS doesn't have the same security model as iOS. macOS apps can access large parts of the system after one or two security prompts, and Apple has gone on record that this is not the security level they want for iOS[0].

I guess you could mean that Apple would do notarization, but I can assure you that enough third parties would still fight Apple in court/via lobbying to remove all of Apple's oversight over app approval.

0: https://www.cultofmac.com/742918/craig-federighi-apple-softw...



