Excuse me, your conclusion doesn't seem to follow from your premises. I mean, "Please OS vendor I want something simple. That hidden `sideload` option is complicated, please lock down my machine."
Like, seriously? No one's that stupid. Sure most people want a decent, clear default option, but no one want that to be the only option. At least not for themselves. Because for some reason I see many people arguing that other folks are too stupid for options and should be locked down instead. For their own… safety? convenience? And that just reeks of authoritarianism.
They barely even know the difference between Windows and Google.
People who got online when smartphones entered the scene have a difficult time when I try to explain what "folders" and "files" are.
I do a lot of tech support for family and friends.
They NEVER enter settings or preferences for their OS or their browser.
They're afraid they'll "break something".
The disconnect between tech literate people like you, and what they think most users want - or even care about - is mind blowing.
Does anyone here remember the headache you'd get, when helping a family member, and you saw how many toolbars and viruses they'd managed to install, since you last checked their PC two months ago???
The lockdown is a feature - not a bug - in most user's minds.
And I has made my life so much easier.
I use Linux and side load apps.
But I'm so, so, happy that none of my family members are even able to do the same.
Right? I feel like my non technical social connections have an even greater learned helplessness from interacting with any sort of open to customization technology because they've learned that everytime they touch something the tool stops working in a way they don't understand. Most people are not going to spend days to weeks, and definitely not months to years learning how to tinker with and expertly maintain their technology.
I feel like technologists in this forum are acting like blacksmiths who would scoff at any of us for having purchased a hammer, rather than smelting the ore, forging the head, and carving the handle so we could have one that fit our needs perfectly.
I dunno... the way it feels on the other side is that y'all think people are too dumb to not hurt themselves with hammers--which is true!!--and so, rather than trust that people who are afraid of hammers will simply avoid using a hammer they should be actively prevented from even owning a hammer, or even letting their friend or a hired carpenter use a hammer to help them, which is kind of overkill.
Well, it's a fact that all that technology is incredibly brittle. Systems lack resilience, error recovery, and accessible debuggability, and when something breaks, there's a high chance it'll have disastrous effects. It's objectively safer to stay within the "works for me" happy paths that authors are likely to be actually testing/using themselves. Even this sometimes fails, sometimes seemingly without reason, only to later (maybe) start working again. It's a nightmare, a constant source of stress and another thing that people feel they have no control of at all. It's not strange users flock to authoritarian-style environments, managed by someone who do have the capability to control that chaos to some extent - even if they sell users' PII data to Sunday and back.
There are complex reasons for this, but the end result is simply that IT is not ready for mass adoption. Software is still in its infancy - I suspect that the broader the possible implications of technology, the longer it will take it to be ready to be mass adopted. We gave up all hopes of ever proving program correctness in the 80s, then in the last decade we've given up all pretenses that we know what we're doing... and nobody saw a difference. By all rights, software should be confined to research labs and garages of nerds for quite a few more decades.
The problem is that this technology is too useful. It has too far-reaching applications in almost all spheres of human activity. When the software (and all layers below it) actually works, it brings small miracles to its users, enough that they're willing to pay a lot for a product obviously unfinished, rushed, that'll probably get killed after few years. They think that, yeah, it breaks all the time and I'm afraid to breathe in its direction, but it's ok, I'm strong, I can deal with it if I'm able to do X or Y.
Tl;DR? I dunno. Maybe developers should put more effort into professionalizing the field, but this kind of thing is impossible to rush. Or maybe the users should get a grip and accept that it's not developers who force them to use their products. The massive amounts of money involved, along with the life-changing potential of IT products, skew incentives so much that, currently, both developers and users pretend that it's all fine, even though it obviously isn't, and then both complain. Users are stupid, developers are lazy, but neither can live without the other any longer...
I wholeheartedly agree; locking down systems is a feature, not a bug.
I would go even further and say it's not just so in the users minds, it is also so in the admins mind, whether that's a business setting where we have to make sure thousands of workers don't accidentially brick their PC (or worse: cause an infosec issue), or a family setting.
Though I have to say, that lockdown-feature comes with a rather heavy price tag attached, because, well, the systems in question do a whole lot more than just make the locking down easy, do they?
It would be great if commonly used Linux Desktop Environments allowed for a switchable (with root-privileges) "Lockdown". I'm aware that this is possible already, but requires too many steps and is too error-prone. What I want is a simple on/off-cmd offered directly by the Desktop-Suite for me to issue as root.
That would allow people like you and me to setup computers for non technical people to use easily, whith the benefits of both an open system, and the stability a locked down system provides.
The important thing to notice is that the median user's mind is neutral about features like lockdown, security, side-loading, and everything else, because they don't think about features. They think about concrete interactions, like "playing candy crush", or "talking to grandma/grandkid", or "buying stocks", or "trying that app that my coworker showed me".
And when they can't do it ... "it didn't work for me" ... they, ironically wisely, don't even speculate why it did not work. The folks you see on forums who recommend "doing factory reset and it'll work" or "clean the cache", etc... are obviously the "Dunning-Kruger poster kids".
Median users are monkey see monkey do, that's why if they see "it works on Ted's iPhone" then their thought is "I guess I'll get an iPhone". And ... it works. The US is iPhone-land.
...
And interestingly this hyper-pragmatic (arguably too narrow-minded) approach to technology is also what leads to the interesting cases when enough teenagers want Fortnite on their iThing. And that's when the generalizer machine of society can pick up this thing and sometimes it spits out useful principles. (Mostly we get just one more bad statute on the books.)
Apple is only about half the US mobile market, and the rest of the world the trend is clearly Android. So calling the US market the trend setter seems odd because if that were the case then the rest of the world would be trending strongly iOS but this pattern has been stable for years.
>"Please OS vendor I want something simple. That hidden `sideload` option is complicated, please lock down my machine."
I could easily turn that characterization around. "Please OS vendor, I want something that just works, please don't add customization options that I will never use but if I accidentally select will effectively brick my machine for the technical skill level I have." I might be dating myself here but do you not remember all the complaints about something as simple as resetting a VCR's clock and parents just living with it blinking after a power outage until their technically inclined children took it upon themselves to fix it?
>No one's that stupid.
They don't have to be stupid, but that doesn't mean the time invested in learning the skills to modify and customize software and hardware is something they want to do. My original point was that people in this thread and others across this site keep talking like they cannot _fathom_ why someone would choose a locked down version of a product over an open one, and I pointed out why many people would.
>And that just reeks of authoritarianism.
Moralize elsewhere here. No one forced people to buy an iPhone and yet its massively popular. More open products exist for cheaper. Tbh the only who seems to be implying that people are dumb and pushing authoritarianism are the group who keeps pushing to break up these machines that just "work" that the market is showing a high level of preference for
You have chosen one property of the iPhone and elevated it to the primary reason why people buy that device, which is entirely disingenuous as clearly people are forced to make tradeoffs in their purchases and nearly 100% of people might despise having locked down devices and yet still buy an iPhone if other things are more important to them... and there are definitely a ton of things the iPhone gets right--both in its hardware and its software--despite* this one glaring thing it gets wrong.
Almost everyone I know owns an iPhone... and yet, almost all of them wanted a more open device and bought an iPhone anyway because it has a longer serviceable lifetime (due to software updates for a longer period of time), has a pervasive brick and mortar storefront that sells accessories, lets them use AirPods, has one of the best cameras on a mobile phone (and here it is maybe-interesting to note that Samsung devices are also pretty damned well locked down: you sideload a browser, sure, but you can't get filesystem access or modify any of its stock behaviors)... I could keep going, as Apple is actually an extremely competent company that has built a great product!
And yet, those people, when given the chance, were all very excited to jailbreak their phones to get more features. The people who are not technical has their technical friends do it for them. The people who did not have technical friends who wanted to deal with that much effort bring their phones to the little shops which do it for you. At its peak, despite being pretty hard to do, difficult to maintain, and complicated to take advantage of, we had more than 10% of people with an iPhone jailbreaking! That is an insane number of people to just write off :/.
People, especially when looked at them in general, it turns out, don't care about general principles. (And sort of rightfully so, because in the last thousands of years almost literally all questions of importance were not questions of principle. Which noblehouse should give the new king? None!? Yeah, that's not a good option. And so on.)
Software and these hyperglobal platforms are where principles actually start to matter. (It did not matter even in politics. In principle free speech, sure, but also no generated kiddie porn, because ew. And it did not matter, but suddenly with the capability to force CSAM-detection on the world, we would think it now starts to matter, but no, people in general never heard about this, have no idea about this, and so on.)
So with that long intro, it turns out that if enough people want Fortnite on their iThing, or want to repair their tractor or car ... that can force some principles, and that's when people will suddenly care about "my device my blablabla".
> do you not remember all the complaints about something as simple as resetting a VCR's clock and parents just living with it blinking after a power outage
Why fix it? What's the drawback in leaving it blinking?
They could fix it, they just didn't bother. Kids just have more free time.
Unless you're very lucky, it's going to be showing the wrong time. I don't think I ever had a power outage precisely on 00:00. Blinking is actually a nice reminder that you should not look at that clock to check the time. In any case: yeah, you have a single source of time info disabled, but there's a wall clock above the tv, so really, why bother setting the time right?
Unless you want to record that show that plays at a time when you have to be out. That's when you call out to the kids to do whatever it takes (setting the clock is one of the things to do, but why bother with the details).
The restriction is against programs that can download and execute code from random places on the internet, and you only need to look at a family of Android malware that Google has been unable to keep out of the Play Store to see why.
>Known as Joker, this family of malicious apps has been attacking Android users since late 2016 and more recently has become one of the most common Android threats.
One of the keys to Joker’s success is its roundabout way of attack. The apps are knockoffs of legitimate apps and, when downloaded from Play or a different market, contain no malicious code other than a “dropper.” After a delay of hours or even days, the dropper, which is heavily obfuscated and contains just a few lines of code, downloads a malicious component and drops it into the app.
Apple requires all executable code to go through the App Store's vetting process. Apps that download code to be executed have never been allowed, which is why you have the Webkit restriction.
Webkit can download and execute code. Your app cannot.
The article's conclusion that users need to be wary of apps downloaded from inside Google's walled garden should be all the warning you need about the danger of allowing random apps to download and execute code.
>With malicious apps infiltrating Play on a regular, often weekly, basis, there’s currently little indication the malicious Android app scourge will be abated. That means it’s up to individual end users to steer clear of apps like Joker. The best advice is to be extremely conservative in the apps that get installed in the first place. A good guiding principle is to choose apps that serve a true purpose and, when possible, choose developers who are known entities. Installed apps that haven’t been used in the past month should be removed unless there’s a good reason to keep them around.
Nothing stops you executing arbitrary code on iOS, you just have to use an interpreter to do so, and Joker is in fact running interpreted code (a dex file).
Bear in mind one reason you may hear less about malware on iOS is simply that security researchers aren't allowed to sell products for it and they are blocked by the infrastructure from examining apps like anyone else is anyway, so they have no incentive or ability to figure out what apps are actually doing. On Android you can get APKs from the Play Store more easily, and APKs from third party stores very easily, and you're allowed to sell security apps into that market, so they have both means and an incentive to go find malware for it. Apple just point blank refuses to allow their commercial existence unless it's by selling vulns to Apple itself.
> Nothing stops you executing arbitrary code on iOS
Nothing except the App Store review process?
We already have tech sites warning Android users to beware of apps inside the Play Store, because Google has been unable to block Android apps from downloading malicious code and executing it on a regular basis.
If you're happy with that state of affairs, by all means, buy an Android device.
The point being made by the cited article is that a tiny interpreter that activates days or weeks after an app goes live can't be detected by any app store review process. You have no idea how many such droppers are active in the iOS App Store because only Apple can look for them, and nobody knows if they do or to what extent they do.
That's why both platforms also use a sandbox. The dropper still needs to work within whatever permissions the app has been granted. App Review doesn't involve a full blown security audit of your app's source code and then a deterministic build process on top.
> The point being made by the cited article is that a tiny interpreter that activates days or weeks after an app goes live can't be detected by any app store review process. You have no idea how many such droppers are active in the iOS App Store because only Apple can look for them, and nobody knows if they do or to what extent they do.
The point being that Apple doesn't allow information downloaded from random places to be executed as code in third party apps at all. This is literally the reason for the Webkit only policy.
Google does allow it, and they (very predictably) have no way to know if that code will be malicious or not.
Which is why Ars had to warn Android users that they had to be wary of apps downloaded from the Play Store.
I think we're talking at cross-purposes here. The issue is not what Apple allows, it's what they can detect and block. They can't detect arbitrary interpreters and therefore you have no idea if this is happening on the app store. You just have to take Apple's word for it that it's not. We're talking about malware, by definition it doesn't care what the rules are. Android is more open and so third parties can go investigate and find malware that uses interpreters to execute remote code, but Apple simply doesn't allow such explorations so we don't know what's out there.
My parents are not technical, I don't want to have to worry about their phones or computers, so they use iphones and ipads, and I have a pi-hole connected to their router that clears away most ads.
They like going to the app store and knowing there is at least some level of curation on the apps. If they suddenly have to start dealing with competing app stores and sideloading and menus and all that stuff their experience will undoubtedly be worse for it.
I think they'll visit sites and instead of being recommended to install an app, they'll be recommended to install an app with a redirection to a different app store.
Apple takes a huge cut of the money spent on the app store, and everyone will have a huge incentive to move users to different stores if they can. This isn't difficult to understand if you thought about it for more than a minute.
That would be apple's problem then for making their store so unattractive to developers. What you're saying here is that if developers had a choice they'd tell apple go fuck themselves and you're probably right. "We'll engage in anti-competitive practices so our customers can't escape our shitty offering" is not the flex you think it is.
I just want to ask you something. I'm a software developer, able to build out of parts and configure a headless Linux box, unlock the bootloader on, flash and root an Android phone and use both successfully, and "Please OS vendor I want something simple, ... , please lock down my machine" is literally THE reason why I got an expensive iPhone as my last phone instead of a cheaper Android.
If you have two otherwise-equal choices, but one has great default settings, but allows you to change things if you really really want, and the other has the same great defaults, but is locked down and doesn't allow you any choice, then if you pick the locked-down choice, I think you're frankly quite stupid.
What I think is really stupid is how many people seem to think that having the ability to change things means that they absolutely MUST go through all the settings menus and change things. What really galls me is how many so-called technologists even believe this. It comes up all the time in Gnome vs. KDE arguments, and I'm seeing the same mentality here. If you don't want to change things, then don't.
> think that having the ability to change things means that they absolutely MUST go through all the settings menus and change things.
That sure does sound like a straw man argument to me. Are you sure you've really heard "pls don't make me change all the things, I don't like changing things" instead of the much more plausible "pls don't make me use a system where someone had to implement (and has to support) functionality that I personally don't need, and as a (possibly) developer myself I understand that this adds complexity to the system and places burden on BOTH the user and the developer"?
It's not a straw man. People really do say these things. They complain that the existence of lots of configuration menus and options means that they MUST go through all these menus and configure everything themselves. Believe it or not. I've seen it time and time again, for over a decade, every time there's an argument of Gnome vs. KDE.
Not really, the choice will then becomes use chrome and deal with their JIT draining your phone/privacy invasive ads or you cant use this feature from google docs/slides/youtube being slow… etc
Bringing up the device performance and hinting at planned obsolescence of devices is probably not the best tactic here when debating android vs iOS.
Apple has a worse track record when it comes to that (while still allowing Google/android plenty of room for the same).
Like, seriously? No one's that stupid. Sure most people want a decent, clear default option, but no one want that to be the only option. At least not for themselves. Because for some reason I see many people arguing that other folks are too stupid for options and should be locked down instead. For their own… safety? convenience? And that just reeks of authoritarianism.