Loading iOS apps outside the app store

[Ipheuria]

I was listening to MBW and this topic got me intrigued. We can ignore the stupid remarks about the high prices of apps due to them only being available in the app store. My real concern is the idea that users could get apps outside Apple's app store. It sounds weird becasue a long time ago I used to Jailbreak my phone. However I have so many concerns about this whole thing and how it would impact "mainstream" users. My first issue is that whatever is decided no one will come out and let consumers know. The government wont put out an ad saying "you can now get apps for iOS devices outside the app store. However if you do then Apple is not responsible for the damage done by the apps". I can see it now because I know people will take the phone to the Genius Bar and scream that it wont boot, their data has been stolen, etc. When the genius tells them that Apple is not responsible for 3rd party apps bought outside the app store what kind of hell will break loose? Who are customers going to sue when their data is mined or they get malware on their iPhone? Good luck finding some developer half way around the world.
I used to think that Apple should put an expert switch in iOS or collaborate with the Jailbreak community like Saurik etc. Except that is also a disaster waiting to happen. Adding an expert switch means that Apple provided the function and would have to support it. They will be accountable for any damage as a result whether there is a disclaimer or not. The PR damage which will result is just not worth it. In the same way that the JB community does not have the resources or want to vet the apps that can be loaded through a JBen iOS device. I can't say how many people I've connected with back in the day on iMore because they were having issues JBing their device. Whether they couldn't get it into DFU mode, it was throwing up errors, they didn't have a Mac and needed custom ipsw files. It is just not for the everyday consumer. Personally I keep coming back to the fact that for me the negatives far outweigh anything else. I could link to a site that sells tools to forensic experts and penetration testers. It would make you put a tinfoil hat on knowing what can be done especially to JBen iOS devices.
Wondering where everyone else falls on the subject?

U.S. appeals court revives antitrust lawsuit against Apple | Reuters

 

[Rene Ritchie]

Apple has Gatekeeper on macOS, so you can choose between App Store only, trusted dev, or anything goes. Mac's a traditional computing environment, though.

On iOS, Apple only offers App Store and web apps, with web apps standing in for "anything goes".

Since pretty much the only time we hear about proper hacks on iOS is when it involves jailbroken iPhones and cracked app repositories, there's an argument to be made that Apple is putting security above flexibility.

For me, it comes down to this:

The biggest apps of the last few years all work great on iPhone: Facebook, Instagram, Uber, Pokemon Go, so mainstream customers are fine the way it is. Niche customers who want system level utilities and deeper options are left out, but that's a small part of the market and not the one Apple aimed iPhone at. At least not so far.

 

[cuttheredwire]

I think it must be mentioned that HummingBad/Shedun, an Android malware, will simple ask you permission for root access if no exploit is found in its scan. (I did a mitigation paper on it as a part of my masters.) If the user can just turn a switch, then an app will just ask you to. Be it in a link that they control or part of the UI that slipped though. Apple has even conditioned users to expect this (3rd party keyboards, ad blockers).

iOS keeps the lid on that Pandora's box shut by locking down the system.

However, if you have Xcode and the source code, you can put third party apps on an iOS device… at your own risk. https://www.macstories.net/stories/one-year-of-ipad-pro/4/#console-gaming

 

[Ledsteplin]

Many custom enterprise apps are ok. They go on as a profile. They're ok as long as they are installed by Mobile Device Management (MDM). They are automatically trusted. If you're not installing from your organization this way, you're taking a risk. Even if it's an enterprise app. Might be OK, might not.

 

[Ipheuria]

Apple has Gatekeeper on macOS, so you can choose between App Store only, trusted dev, or anything goes. Mac's a traditional computing environment, though.

On iOS, Apple only offers App Store and web apps, with web apps standing in for "anything goes".

Since pretty much the only time we hear about proper hacks on iOS is when it involves jailbroken iPhones and cracked app repositories, there's an argument to be made that Apple is putting security above flexibility.

For me, it comes down to this:

The biggest apps of the last few years all work great on iPhone: Facebook, Instagram, Uber, Pokemon Go, so mainstream customers are fine the way it is. Niche customers who want system level utilities and deeper options are left out, but that's a small part of the market and not the one Apple aimed iPhone at. At least not so far.

I think it must be mentioned that HummingBad/Shedun, an Android malware, will simple ask you permission for root access if no exploit is found in its scan. (I did a mitigation paper on it as a part of my masters.) If the user can just turn a switch, then an app will just ask you to. Be it in a link that they control or part of the UI that slipped though. Apple has even conditioned users to expect this (3rd party keyboards, ad blockers).

iOS keeps the lid on that Pandora's box shut by locking down the system.

However, if you have Xcode and the source code, you can put third party apps on an iOS device… at your own risk. https://www.macstories.net/stories/one-year-of-ipad-pro/4/#console-gaming

Many custom enterprise apps are ok. They go on as a profile. They're ok as long as they are installed by Mobile Device Management (MDM). They are automatically trusted. If you're not installing from your organization this way, you're taking a risk. Even if it's an enterprise app. Might be OK, might not.

All good points. I just don't understand what this lawsuit is really trying to gain other than money. If there is any change I know I will be fine. I will just continue to use only the Apple app store. My main concern is for mainstream users out there. It's an interesting topic though and luckily I don't feel like this lawsuit is going anywhere this time.

 

[Greek Geek]

I think it must be mentioned that HummingBad/Shedun, an Android malware, will simple ask you permission for root access if no exploit is found in its scan. (I did a mitigation paper on it as a part of my masters.) If the user can just turn a switch, then an app will just ask you to. Be it in a link that they control or part of the UI that slipped though. Apple has even conditioned users to expect this (3rd party keyboards, ad blockers).

iOS keeps the lid on that Pandora's box shut by locking down the system.

However, if you have Xcode and the source code, you can put third party apps on an iOS device… at your own risk. https://www.macstories.net/stories/one-year-of-ipad-pro/4/#console-gaming

Yeah, being as I use my iPhone way more than my PC these days for anything internet, I do kinda miss not being able to write my own apps for personal use the way I used to do on my PC. Of course, I've gotta start learning XCode from the ground up to do this, but I'm certainly glad it can be done. In the past I thought there was no way to do this without having to write a commercial app that everyone has access to (but that's not really what I want, as , what I need things to do isn't; necessarily going to be useful for everyone else). But since discovering that you can actually write your own apps for upto 5 devices (as though you would if you were writing it for testing, pre-release) this should prove to be quite a good workaround that will serve the purpose. So your great idea of doing it that way from source code of other people's apps takes that logic a step further, as this would be another great way of being able to customize pre-existing stuff. So thanks for sharing that!

 

[cuttheredwire]

There are open source apps out there too. You can modify them or use them as references.

Here's an example:
Edhita

 

[Greek Geek]

There are open source apps out there too. You can modify them or use them as references.

Here's an example:
Edhita

Cool. Thanks for the link. Do you do much Swift and XCode programming yourself? If so, what would you recommend to a hobbyist programmer like myself as the best ways to get started?

I've taught myself many other programming languages in the past, as there were many good books and online references available for most of them. But for XCode programming, I've not currently found it so easy to find good tutorials. So would be great to be pointed in the right direction from someone who has done it.

 

[cuttheredwire]

I have some C++ experience and have read a little about Swift and taken one of the iTunes U courses a while back. I'm working on a masters in Information Systems right now, but want to dive into Swift after I finish this summer.

I have a variety of links saved in Instapaper for when I dive in and start writing apps. Here is the first one on my list:

This Start-to-Finish Tutorial Helps You Build Your First iPhone App