Thursday, May 20, 2021 [Tweets] [Favorites]

Epic v. Apple, Day 13

Nick Statt (tweet):

Epic and its lawyers have throughout the trial pointed to the freedom consumers have on macOS to download applications outside the Mac App Store and to largely do what they please on the macOS operating system. Epic has held up the openness of the Mac as an example of what the iPhone, as a general computing device in Epic’s eyes, should be transitioned into if it were to win its case.

But Federighi on Wednesday argued against this proposition by saying it would destroy the level of security enjoyed by iOS users, in effect tarnishing the Mac in order to save the iPhone. “It would become commonplace for users to be directed to download misrepresented software from untrusted sources where they’d be subject to malware,” Federighi argued, referring to the notion of alternative app stores as a “pretty devastating setback for iOS security.”

Adi Robertson (tweet):

Federighi basically says iOS users need to be more protected because the Mac is a specialist tool for people who know how to navigate the complexities of a powerful system, while the iPhone and iPad are — literally — for babies.

[…]

Federighi took a far broader view of security than Epic’s own expert witness James Mickens. Mickens testified earlier that iOS wasn’t meaningfully more secure than Android, but he analyzed mostly technical threats to the platforms. Federighi focused on scams, phishing, and other apps that target human psychology instead of computer code — many of which pose serious dangers.

Sometimes, though, the protectiveness felt patronizing. When Federighi explained Apple’s restrictions on cloud gaming, he focused partly on tangible security issues, like how to grant device permissions for different titles on a single gaming app. But he slipped seamlessly into discussing how the concept would be simply too confusing — that iPhone and iPad owners would be befuddled by the notion of launching a separate game catalog. Apple wants iOS devices to feel trustworthy, but at times like that, it seems more like Apple just doesn’t trust its own users.

Chris Welch (Hacker News):

Federighi’s mission was pretty clear from the outset: to extol the security benefits that come with iOS’s walled-off ecosystem and warn of the dangers that would come with breaking the App Store model.

But in building that argument, Federighi also made some surprisingly blunt concessions about security on macOS.

“If you took Mac security techniques and applied them to the iOS ecosystem, with all those devices, all that value, it would get run over to a degree dramatically worse than is already happening on the Mac,” Federighi said in the testimony. “And as I say, today, we have a level of malware on the Mac that we don’t find acceptable and is much worse than iOS.”

[…]

Federighi also cast the difference between the two platforms in unusual terms, describing the desktop platform as something akin to a car. “If operated correctly, much like that car, if you know how to operate a car and obey the rules of the road and are very cautious, yes,” he said when asked directly whether macOS is safe. “If not, I’ve had a couple of family members who have gotten some malware on their Macs.”

What happened to iOS devices being cars and Macs being trucks?

Joe Wituschek:

It’s kind of insane to know that Apple’s strategy to protect the App Store on the iPhone requires it to throw the Mac under the bus. Federighi’s reasoning is that the iPhone, being that it contains more private information and is carried around with you, requires a higher bar of security.

Kosta Eleftheriou:

There it is. If Apple has their way, we might even have to say goodbye to macOS “sideloading”.

A true dystopian future of centralized software distribution, in which Apple only sees upside, no downside.

Francisco Tolmasky:

And of course it goes without saying that they’re playing word games here, where an app that just tricks you into paying monthly isn’t classified as “malware” in the traditional sense, but I assure you, users don’t care about technicalities when they are scammed.

Logan Collins:

It’s hard not to read into this as Federighi saying “we see the Mac as a malware-ridden mess and will change that by locking out everyone who doesn’t agree with us.”

Zuk:

For those that think that iOS is safe because of the “walled garden” take a look at the leaked Pegasus/NSO documents here. NSO couldn’t care less about the “walled garden” because they infect devices without it: silently (0-click) or click on a link (aka 1-click).

Russell Brandom and Adi Robertson (MacRumors):

In a filing Tuesday night, Apple asked the court to dismiss one of the 10 counts alleged in the initial complaint, arguing Epic had failed to establish any evidence for the charge that Apple had violated the essential facilities doctrine by failing to provide access to software distribution tools on iOS.

Ian Sherr:

Schmid said there were “over 80 times” Epic asked for expedited review for Fortnite, and it was reviewed over 200 times. There were times that App Review apparently pushed back on Schmid’s team, asking if these expedited reviews were necessary

Paul Haddad:

“We treat all developers the same.”

Pretty sure I’ve gotten told no on my second expedited request within a year.

See also: Leah Nylen.

Previously:

Update (2021-05-24): Jeff Johnson (see his screenshots of the Mac App Store):

I agree that the level of Mac malware is unacceptable.

3 Comments

Apple's PR and Lawyers are exceptionally good at spinning things. Do App Store permit all Apps that pass all security test and are not phishing? No.

Macs have so much malware that I've never had a Mac be infected with anything, and my first Mac was an LCII and I've owned 10 Macs since then. Additionally, I've been downloading and installing software online since at least 1995. There are so many BS arguments floating around in this litigation -- just yesterday I saw a CNet editor claim that the only place people bought software before 2008 was at retail and most often at the same time they bought their PC. That's ridiculous.

BTW I thought Macs were the bicycle?

"just yesterday I saw a CNet editor claim that the only place people bought software before 2008 was at retail and most often at the same time they bought their PC."

Do we have any stats on this? Because I saw that, too, and while I initially thought it was preposterous, after I tossed it around a bit, it may not have been too far off. There's the behavior of people who visit websites like this (i.e. purchasing downloadable software since 199x when the web was in its infancy) and then there's the behavior of the vast majority of the population, many of whom do not progress far beyond understanding that the CD-ROM drive's tray is not a cupholder.

It's an honest question. Despite being alive for it and participating in it as a tech-savvy consumer, I have little idea what the actual market was like back then for "regular people". As an anecdote, I remember my Dad buying CD-ROM versions of Office well into the early 2010s. He's someone who I would consider to be slightly above-average intelligence in terms of technology.

When did, for example, Microsoft Office become majority download sales? I remember way back in the day them using a convoluted process with Digital River, where you even had to pay extra to be able to redownload it in the future.

Is it really such a stretch to believe that back then, or even now, normal people wouldn't use much more than what's preinstalled and the copy of Office they bought with (or was bundled with) their computer?

You also have to remember that in terms of mobile phones (not PDAs, which again most "normal" people did not use, but the "feature" or dumb phones that were the vast majority of sales prior to the iPhone's release), software purchasing was a godawful mess. And I'd be shocked if there was anything approaching even a 1-to-1 attach rate, let alone anything higher, for software purchases on those phones.

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment