Security Architecture, Application security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Apple warns of sideloading risk as lawmakers consider third-party app stores

Share

Apple released an information booklet Wednesday morning warning about the dangers of unvetted iPhone app downloads hours before lawmakers were slated to discuss tearing down walled gardens like Apple's App Store.

The House Judiciary Committee will today markup legislation from Rep. Pramila Jaypal, D-Wash., to restrict digital platforms from keeping a stranglehold over the businesses that feed into them. This would include a company like Apple that runs the only approved app store for iOS.

Apple has long argued that strict control over apps benefits users security. A strict regime of testing for an app to be included on the app store, it claims, keeps malicious apps out of its ecosystem. But lawmakers and rival companies have said that Apple's control of the App Store allows the company to charge excessive fees to list apps or limit competitors to Apple services.

The colorfully illustrated packet titled "Building a Trusted Ecosystem for Millions of Apps" discusses the various risks created by downloading apps from third-party app sites - including the risk of inadvertently downloading pirated content, malware, and scams - and the protections that Apple builds into its own App Store.

The risks include the enterprise concerns, like a business hosting its own app outside the Apple vetted environment for employee use. Apple believes that top down control over apps, including the ability to centrally revoke a certificate for a corporate app gone rogue, benefit all consumers.

Speaking to reporters, a company representative said that users already have a choice to use third-party app stores by buying Android phones. Android allows the third-party stores which, Apple claims in the Trusted Ecosystem booklet, can have as much as 15 times as many malicious app installations.

The representative noted to reporters that the Department of Homeland Security currently recommends to avoid unauthorized app stores.

The Jaypal bill is part of a package of House bills aimed at curtailing big tech from heavy-handed control over what often seem like de facto monopolies.

An In-Depth Guide to Application Security

Get essential knowledge and practical strategies to fortify your applications.
Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.