In today’s article, I’d like to talk about the pros and cons of sideloading, playing devil’s advocate, offering a counter-argument and finally a possible solution to allow it in a secure fashion.

Craig Federighi, Apple’s current Senior Vice President of Software Engineering said in the Web Summit 2021: “Sideloading is a cybercriminal’s best friend”.

The shocker

When I first read this, out of context, I got very dystopian vibes. I thought to myself, “Is this what Apple thinks? That I’m a criminal if I sideload?”, if they thought that, this would be terrible, it would be the dystopian way to think that many technical people, including myself, fear. Remember how the music industry said: “MP3 is a crime”? Yes, MP3 music files. It’s absurd!

The clarification

But then I watched the talk, and was relieved that what he actually meant was that, cybercriminals often abuse side-loading to trick users to install malware.

Now, while what he said is not wrong, there’s a lot to unpack here since the whole thing is more nuanced, and I will have to play devil’s advocate for a moment, before proceeding to some counterarguments, and even providing a possible solution on how to allow sideloading but with security in mind.

Playing devil’s advocate

If you’re technical like me, you probably use side-loading yourself, be it on your phone, your tablet, or computer.

And if you’re technical like me, you’re probably the one that your friends and family call for help when “something isn’t working”.

I’ve seen the following scenario multiple times with Windows users:

They saw some advertisement on some website, that lied to them by saying something similar to:

  • “You got 839 viruses, click here to download antivirus!”
  • “Download FREE PC cleaner for speed!”
  • “Download faster with this!”

You get the idea, making up a problem, promising some solution or benefit, to try to trick them into installing (sideloading) malware.

Now, not all of them admit to having clicked on something like that, it’s usually “I did nothing, I swear!”, either because they genuinely don’t see the connection and don’t know better, or because they are ashamed to admit it. But some do reveal, “I clicked this thing on a website”.

As a technical person, talking solely from my perspective, I’d welcome sideloading on iPhone, however, it would be foolish to decide this for others based on my own needs and skill set. Just because I can’t get tricked, doesn’t mean others won’t.

So, you can see how the argument against sideloading is not pulled out of thin air, there’s definitely some truth to this, but that’s not the full story.

The counterargument

But, of course, there’s more to this than the security aspect. There’s actually a conflict of interest for Apple.

You see, currently, Apple controls all aspects of App distribution on iPhone and iPad. Apple has essentially a monopoly: Apple dictates what App can make it into the store or not, Apple dictates how much of a cut they get from each sale, Apple dictates the payment platforms that may be used (hint: It’s solely Apple Pay / in-app purchases, increasing how much they make), Apple dictates that outside payment methods are not allowed, Apple dictates many things.

If you are a developer or publisher and don’t play by Apple’s rules, your App gets kicked out of the store, meaning you lose in sales or reach, but you don’t want that, so you play along and follow the rules. Apple essentially owns the platform and has full control, too much control.

In short, this means three things:

  1. Apple controls a big chunk of the market and money flow, and gets a nice cut.
  2. Developers and publishers are heavily limited in what they can do, a lot of freedom is lost.
  3. You don’t own your device anymore, at least not truly.

But then again, about the second point, Apple did also use their power for good, remember how Facebook got really upset with Apple about enhanced privacy on the platform? If Facebook got upset, it must have been a good thing, right? :D

The points

But as you can see, there are multiple perspectives here, each with their pros and cons.

  1. That side-loading can be used to install Malware is definitely true, but
  2. Apple has too much control over the platform,
  3. yet sometimes that control can be used for good, but
  4. overall, it takes a lot of freedom away, too.

So, I’m not here to tell you what “side” to take, I think all these points are valid, and it’s up to the people to weigh them.

Thinking for myself, I’d want sideloading, thinking of the general population I’m not so sure anymore, but then when thinking about how Apple has too much control… You get the idea.

A possible solution

Now, what if we can enable side-loading, but in a secure way that would reduce the chances of someone less experienced to accidentally install malware?

When I earlier made the example with friends and family, I specifically said it’s Windows users that get infected. Now, some of you might say that’s because there’s more malware for Windows, and that’s certainly true, Windows has a far greater market share on consumer and enterprise desktops, and thus is a more lucrative target.

But there’s more to it. You see, there is malware for Macs, but it’s harder to get it installed. Let me explain:

On Windows, if you download something from the internet, you just double-click it and run it, no prompt or user interaction is required, unless it wants admin rights, in which case it’s a mere “Yes” or “No” question from Windows.

On a Mac, contrary to popular belief, you can actually install anything you want, including side-loading Apps you downloaded from anywhere.

Then, how does the installation process work on Mac? To understand the installation process on Mac, we first need to know what “trust levels” of sideloaded Apps there are:

  1. Trusted: Apps that have a valid signature from an identified developer, and that is notarized by Apple.
  2. Trusted: Apps that have a valid signature from an identified developer.
  3. Not trusted: Apps that have no signature at all.

In the first two cases, the developer is registered with Apple, and got a valid certificate to sign their Apps. If you try to open such an application for the first time, say by double-clicking it, it will display an information pop-up, saying this App was downloaded from the internet, it will list the website’s domain and give you three options,

  1. Open
  2. Show Web Page
  3. Cancel

Once you choose open, the system will remember this and won’t ask next time.

As you can see, even with a signed and trusted App, it still wants to inform the user first before opening it for the first time, whereas Windows does not ask at all.

Now what happens if we try to open an unsigned App? At first, to the inexperienced user, it may seem like you can’t. It will show you a warning that the App is from an unidentified developer, and also warn the user that macOS cannot verify it’s free from malware.

It will give you just two options:

  1. Move to Trash
  2. Cancel

But wait, didn’t I say you can install anything? Yes, you can! There’s a trick the average user does not know, and as silly as it may sound, it’s enough to stop the casual malware install: You have to right-click on the App instead of double-clicking it, choose open from the context menu, and all of a sudden, the warning does allow you to open it anyway. And it will remember, so it won’t ask next time.

So, I hope you can see the idea here, since malware is usually unsigned (it can happen, but it’s rare to get signed malware), the average user cannot accidentally install it, but the experienced user who knows what they are doing and intends to open unsigned software (which is common for small open-source projects, for example), still can.

As for admin rights, on a Mac, you are prompted to confirm with an administrator account and password. You can think of it like sudo on Linux. I find this better than a simple “Yes/No” on Windows.

In short, secure by default to protect the inexperienced, but permissive if needed, and you know what you’re doing. I think this is actually reasonable.

So, why not try to port the Mac’s model to iPhone?

Conclusion

There are multiple perspectives on the side-loading issue: Apple’s monopoly, developer/publisher freedom, user freedom, and security.

I think all points are valid, and I think a compromise could be reached that allows for more freedom, but with security in mind.

Author’s notes

I tried to keep this balanced, let me know what you think in the comments. (:

Sidenote: Why is Windows not catching up? Even on Linux, *the* open system, you can’t just execute something you downloaded without setting the executable bit (chmod +x) first. I believe in a user’s freedom over their device, but damn, Windows, that doesn’t mean leaving the door wide open for everyone to walk in! :D

It takes quite some time to compose an article like this, if you enjoyed it and would like more, please consider [donating] to keep my blog up!