It's not anti-freedom. It's just pro-ease-of-use and it's easier to guarantee a quality experience when there are less unknowns and less variables to account for. When everyone is using the same device with the same software, it's much easier to guarantee a great experience.

I see your point, but: That's not an excuse, that's an explanation. It is anti freedom whether that's their end game or not. I don't really care about Apples motives, I care about the product.

Really, Apple is anti Nothing and pro only one thing: money. Everything else is a corollary. Including ease of use, freedom, and privacy. It's just that those things do matter to me (and GP).

What's an example of a common use case in which Apple is anti-freedom in your opinion?

Not being able to unlock your phone or sideload programs. I don't accept the "we know what's best for you" argument. They could have allowed jailbreaking and added huge warnings.

Apple allows you to 'sideload' apps as long as you get a (free) developer account.

Can you with jailbreaks?

Yes, but Apple doesn't points for those, they actively oppose them.

Presumably they're talking about the App Store walled garden.

Web browser engines. Default apps.

It is anti-freedom, in the sense that all apps are censored under Apple's own rules. They specifically said that apps do not constitude free speech.

That is objectively untrue. Every system that has allowed sideloading of apps has been compromised by that very feature.

"Every society that has been allowed to drive cars has had car accidents."

I know the risks, I want to do it anyway. I don't want a nanny over my head.

That may be a better analogy than you intend. The problem with cars is that everyone suffers the consequences of your driving. In fact, you may have the least exposure to the carbon monoxide, pollution, or even accident risk. Pedestrians, cyclists, property owners, and other drivers are all at risk of your driving.

For that reason, societies tightly regulate car ownership and driving. More so than phones: I don’t need a license to use a phone, nor do I have to register my ownership or have it regularly inspected.

But technology these days has this same characteristic: Others bear the costs of your decision. Every device connected to the internet is a DDOS vector.

I don’t want you deciding whether to keep your device up to date with the latest security patches, because if you (and a few million others) don’t, GitHub is down for me.

So, are you doing the responsible thing and not using a laptop, or any device that's vulnerable, like a router?

Bear in mind that the vast vast majority of apple's customers have 0 interest in sideloading apps- if you're apple it makes a great deal of sense to trade off security for the masses against a few power users who can't sideload apps occasionally here and there

A compromise doesn't affect you, it affects Apple and the app developers. iOS has the best apps because it has people buying them instead of everyone and his brother pirating.

Anyway, if you don't want to deal with how an iPhone works, how about buying a different phone.

But can ruin your privacy guarantees.

How? Sideloaded apps would still be sandboxed.

It's more than just sandboxing: Apps going through the App Store have to meet a stringent set of requirements, chiefly being no private API usage, no circumvention of features intended to give the user control/privacy, and no third party web engines (and all the performance and security implications that come with those). Apple regularly rejects apps that violate the first two, and while I'm sure some get through they tend to get buried by scores of more legitimate alternatives. Sideloaded apps get to bypass all of this.

If they ever do offer sideloading/gatekeeper, it should be turned off by default and turning it on should make the risks crystal clear with a scary alert and passcode prompt. Average folks should be heavily discouraged against using it. Gatekeeper works on the Mac, but iOS devices are both far more numerous and far more personal, so the stakes are much higher.

Apple's checks are not very deep. They suffice to keep honest people honest but do little against an actual adversary.

The number of safeguards they have in place make that a moot point. If it's not discovered in testing, it's sandboxed. If it gets past the sandbox, they have a killswitch that's registered to the app's specific ID. There's very little damage that an app can do if it's gone through the App Store proper.

That could be done for sideloaded apps too.

Sideloaded apps, by definition, are not tracked individually by Apple. You can't make a killswitch for an app if you don't know what the app is.

And yet the Mac has a malware killswitch. Clearly it can be done.

Source? The Mac only has the ability to prevent unsigned apps from being installed which is easily disabled. There's no killswitch for unsigned apps.

Sideloaded apps make attacks on non-sideloaded stuff a lot easier.

Not to sound like a broken record, but, how?

Actually you don't even need to pay for it these days. Free Apple Developer accounts can side load apps through Xcode

You don't even need Xcode. You can do it fine on windows or linux using cydia impactor[1]

1: http://www.cydiaimpactor.com/

Only for seven days at a time though, no? Either way, that affectively means anybody can sideload if they have a Mac.

You need to pay for the Mac to use Xcode though...

Correct. You need to own a computer to run computer software.

An Apple computer. To run Mac software. That's what you probably meant.

You don't have to own an Apple computer to run Mac software, so your statement is factually false and his isn't.

Legally.

No, you need to own an Apple computer to install things on your phone. I don't need a computer to install APKs on Android.

No, you don't need an Apple computer to install an IPA anymore than you need a computer to install an APK. Let's stop comparing Apples and Oranges shall we? You need a computer to compile and sign an IPA, the same thing you need to compile and sign an APK.

> You need a computer to compile and sign an IPA, the same thing you need to compile and sign an APK.

You can compile and sign (and, AFAIK, upload to the Google Play Store) an APK on an Android device, using AIDE and perhaps other dev toolkits. No computer needed.

Unfortunately in the device world you have to pick one over the other. The more open a device is the less it can protect your privacy. We haven't yet seen a device that can do both.

I believe you got it backwards. When the device is open, it can protect one's privacy. The problem is, we don't have open devices.

I mean, tha hardware is not open, so developers can't generally implement any proper secure boot schemes (starting from a trusted bootloader), and can't generally control what goes on in the radio modules. Because there are no devices that have those parts open (or I'm unaware of something I want to buy?), there's no security/privacy possible.

Apple can provide privacy there because they're damn huge and they can purchase or design any hardware they want, fully documented to the last every single logic gate. An average free software developer can't.

As for the userland - I believe there are AOSP derivatives + 3rd party apps that result in a reasonably good privacy and security experience.

You can compile and run your own software on the device. You can jailbreak it to get the same results. You also have access to the entire internet which should allow you to do nearly any kind of development you want to do and use the browser in your phone as a UI the same as any other computer.

The only part of their ecosystem that has major restrictions is the App store. Which kind of makes sense as that's one of the few ways in which someone other than Apple could completely trash their platform and make alot of Apple's customers unhappy.

I'm not saying your "anti-freedom" point is completely invalid, but it's really not a major concern for most tech-savvy people, IMO.

You can't run a mass maket open platform without security or privacy issues as Users will install things that cause problems.

...and IMHO those "security or privacy issues" are an acceptable cost of freedom, the same way that I see crime in general: no one wants to be a victim, but you can see that, as long as crime still exists, so does freedom. If no one can do "bad things", then everyone has already had the essence of life taken out of them. I wrote this comment a few months ago when (almost) everyone was wondering what could be done, in the wake of a massive malware attack:

https://news.ycombinator.com/item?id=14339031

More timely, the WTC attacks 16 years ago marked another notable event whereafter great freedom was lost in the name of safety.

As that old saying goes, "Those who sacrifice freedom for security deserve neither."

As I mentioned in a sibling comment, and it's almost ironic thinking about it, this "freedom for security" tradeoff we're making here is not what it seems.

I see your point in the context of e.g. WannaCry and WTC attacks emboldening authoritarians, however this privacy move we're discussing is actually an anti-authoritarian move. It gives the user more privacy and more freedom.

Advocating more lax privacy/security in this case is siding with authoritarian tendencies.

Apple is only shifting the authority to itself. They still have the signing keys and control what you can or cannot do with the device you "purchased".

In that vein, it would be awesome to see some base open sourced ala Darwin. Even if all it did was drop your iPhone into a command prompt after boot it would be enough.

That argument is more reasonable if users had no platform choice. A cellphone can track your location and listen in on your conversations so you may reasonably want more security than say a PC.

otoh the pro-privacy approach they're taking also increases freedom, such as in the use-case this article is about. Which imo is probably a more tangible freedom to many than the ability to hack around iOS devices or the idea that the app store isn't free.