Last month, it was announced that Apple senior vice president Craig Federighi would attend and speak at Web Summit 2021, which takes place in Lisbon, Portugal. In a keynote delivered today, Federighi vehemently spoke out against legislation that could force Apple to open the iPhone up to sideloading…
The Digital Markets Act legislation was first unveiled last December in the EU, and it could lead to major changes for the App Store and pre-installed first-party applications on the iPhone. The DMA in Europe would force Apple to allow sideloading on the iPhone, among other changes.
As you might expect, Federighi repeatedly noted that iOS is far less prone to malware and other attacks than Android. He even put up a slide directly saying that there are “5 million Android attacks per month,” according to one security study. Meanwhile, Apple employs human app review and a single point of distribution approach to limit malware.
Federighi repeatedly referred back to a house analogy during the event. He likened buying an iPhone to buying a “great home with a really great security system,” but then a new law gets passed that forces you to weaken the security of your home.
“The safe house that you chose now has a fatal flaw in its security system, and burglars are really good at exploiting it,” Federighi said.
The Apple executive also warned that the legislation comes as there have “never been more cybercriminals” determined to access the private information on your iPhone. “Sideloading is a cybercriminal’s best friend,” Federighi said. “And requiring that on iPhone would be a gold rush for the malware industry.”
Federighi went on to say that this legislation would open a “Pandora’s box of unreviewed, malware-ridden software and deny everyone the option of iPhone’s secure approach.”
“As an engineer who wants iPhone to stay as secure as possible for our users, there is one part I worry about and that’s the provision that would require iPhone to allow sideloading. In the name of giving users more choice, that one provision would take away consumers’ choice of a more secure platform. All of this comes at a time where people are keeping more personal and sensitive information than ever on their iPhones. And I can tell you there have never been cybercriminals more determined to get your hands on it.”
He also spoke out against the counterargument of simply letting people “choose” to sideload, warning that people could be coerced or tricked.
You can watch Federighi’s speech below.
“Clearly, I’m no fan of sideloading, but I want to address an argument I hear a lot: ‘Let people choose whether or not to sideload. Let them judge the risks, and they can decide themselves.’ And it’s easy to see the attraction of this argument, but history shows us that it doesn’t play out the way we’d hope because even if you have no intention of sideloading, people are routinely coerced or tricked into doing it. And that’s true across the board, even on platforms like Android that sideloading somewhat difficult to do.”