What if Apple was forced to allow app sales outside of the iOS store? – Engadget

The obvious worry is that losing Apple as gatekeeper would erode the protections that iOS is famous for. People buy iPhones because Apple promises to keep your data private, a promise that Google cannot match given the nature of its business and its operating system. Would breaking the App Store render iOS as insecure and prone to malware as Android?

Not according to Yair Ivnitsky, a mobile developer at cybersecurity company GK8. He said that App Store review, where the company vets apps before they’re added to the store, is only one of a number of ways that Apple secures the iPhone. And that, broadly speaking, in the highly unlikely event that the iOS was opened up, users wouldn’t be at too great a risk. 

Ivnitsky explained how iOS is secure by design, starting with the secure enclave on iPhones and iPads. The enclave contains a hardware-based key manager which is isolated from the rest of the system. 

There are then several layers of system security on top of that, including a secure boot process that prevents malicious code being injected into the OS when it starts up. Each app’s data is encrypted in AES (Advanced Encryption Standard), locking the data with a key that’s only available from within the secure enclave.

When apps run, they do so inside a sandbox, giving them “limited access to the phone’s resources,” said Ivnitsky. Part of this process is the fact that it constantly requires apps to ask for permission before it can access specific hardware and software features. And, as we’ve seen with iOS 14, these permissions can reveal how apps are monitoring its users. That may be enough, again, to reassure users. 

iOS then includes more proactive threat management, like a built-in firewall and antivirus that can, for instance, stop you from visiting a malicious URL. But the final layer, on top of all of this, is App Store review, since iOS will only run apps with code that Apple has signed off on. Apple admits that this process is “not a silver bullet,” but says that “the scope of potential damage is severely limited when an app is restricted to the minimum set of privileges it needs to get its job done.”

Essentially, Ivnitsky explained that the point of this isn’t to make your iOS device unhackable — that would be impossible — but to make it as difficult as possible to do so. “Many hackers don’t like iOS because it costs a lot of money, and time, to find a weakness,” he said. The example he used was corporate espionage, saying that it’d be worth the cash to gain access to a CEO’s phone. If that’s the level of effort needed to breach an iPhone, hopefully it’ll deter drive-by hackers trying to access your checking account details. 

Another security professional who echoed that sentiment was Jakub Kobeldys, lead developer at VAIOT, a company offering secure digital services for the legal industry. “It’s not that iOS is full of holes,” he said, but that “the App Store is a natural second layer that [Apple] can filter through and decide if something would be harmful.” He agreed it wasn’t foolproof, but that it can help screen out “undesirable” apps. 

Relaxing Apple’s system would largely benefit companies who want access to Apple’s customers but can’t or won’t play by Apple’s rules. Spotify could sell you Premium without the current contortions it has to make to avoid paying Apple a 30 percent cut. Plus, you’d be able to access game streaming services that Apple currently disallows, like Stadia, xCloud and Facebook Gaming. Microsoft and Facebook have publicly grumbled about Apple’s need for individual review, forcing them to axe, or severely curtail, gaming services on iOS.

One of the reasons that people buy iPhones is the built-in security. Opening up the App Store may not wreck iOS, but it’d certainly force users to be more cautious about downloading apps that may not be as secure. And it’ll be up to each person, and the regulators, to decide if that’s a price worth paying.