As part of its ongoing legal spat with Epic Games, Apple recently published a whitepaper entitled, "Building a Trusted Ecosystem for Millions of Apps: A threat analysis of sideloading." The document outlines Apple's case for retaining tight control over the iPhone's highly lucrative app ecosystem in the face of pressure from major developers and U.S. lawmakers. "Sideloading" is used by the firm as a catch-all term for allowing apps to be installed from the web or local storage in addition to third-party app stores — effectively, any source that isn't vetted in the same way as the iOS App Store.
As you might expect, the report paints the bleakest possible picture of security on Android, which as a platform has allowed apps from outside the default app store to be installed since its earliest days. Figures and case studies are cherry-picked to present Apple's major rival as a kind of Wild-West platform where anything goes, and the boogeyman of malware lurks around every corner.
We've already spilled plenty of ink on why most of the scaremongering around Android security is, to put it bluntly, bullshit. A significant part of Android's built-in security comes from Google Play Services, which is kept up to date automatically in the background:
"Google Play Protect is part of Play Services. This lets Google check the apps on your phone for malware, whether or not they're downloaded from the Play Store. Because Play Services is a system app, Play Protect can nuke malicious apps before they have a chance to do any harm. And because Play Services is constantly updated, these defenses can be kept up to date in the background many years after your device receives its last proper firmware update. So it's a way for older devices to be protected against malicious apps, even if those apps use software vulnerabilities that are still technically present in the underlying OS."
The central flaw in Apple's argument is that it faces a binary choice between sideloading and security — that there's no way to allow sideloading without opening the floodgates to the kind of malware it claims is endemic on Android. But the approach Google has taken with Android proves there's a way to manage both. Google Play Protect effectively nips any app-based security threats in the bud, wherever they might have been downloaded from. Malware definitions are always kept up to date thanks to Google Play Services, meaning even old devices that haven't received a firmware update recently are covered against new threats.
Apple's argument against sideloading ignores a crucial piece of the Android security puzzle.
Apple's whitepaper completely glosses over the contribution of built-in Android security mechanisms like this. The only mitigations mentioned are the warning messages displayed when installing an app from somewhere besides a preloaded app store — the "Unknown Sources" toggle in older versions of Android. Apple also briefly mentions third-party mobile security software for Android, while ignoring that Google-certified Android software has robust anti-malware capabilities built in.
Are the protections offered by Google Play Service and Play Protect better than not allowing third-party apps at all? Not necessarily. Slamming the door on any and all sideloading options does pretty effectively prevent app-based malware, though at the cost of user choice. The best Android phones can install apps from anywhere and everywhere, while the iPhone cannot.
But it's far from the false dichotomy presented by Apple in its whitepaper. There are ways to allow users to install software from third-party stores, the web, an SD card, or anywhere else while retaining a decent level of security. Apple surely knows this because it'll quite happily sell you a laptop that does just that. In terms of digital security, the MacBook you use to make online purchases, interact with financial institutions, and do your taxes is just as much of a treasure trove of personal data as your smartphone. The iPhone isn't just locked down to protect your personal data, it's locked down because doing so furthers Apple's ecosystem goals and, ultimately, helps its bottom line.
On the Android side, most users will never install an app from outside of the Google Play Store. And if they choose to do otherwise, on the device they own, the platform lets them make an informed decision while offering a competent level of security to zap any malicious apps that might make it through.
Safe sideloading of third-party apps is far from impossible.
But the fact that Android can safely allow third-party app stores to function stems from the fact that it's been built for the past decade to do just that. Google's security model is designed to stop bad apps once they get onto your phone because the ability to install apps from third-party sources means you can never rule out that possibility.
iOS, on the other hand, has been built to assume Apple will always have the final say over the apps that run on your device, and as such, there's nothing like Google Play Services or Play Protect to protect against malicious apps. If Apple were forced to allow third-party app stores on the iPhone, it too would be forced to build something similar to Google's on-device security suite. But doing so would be time-consuming, costly, and ultimately only enable a feature that would loosen its grip on the iOS ecosystem.
In that sense, Apple is right that suddenly foisting third-party app stores on the iPhone would be a bad idea. But it's disingenuous to pretend that there's no way to safely allow sideloading to exist alongside a safe, secure first-party app store. Android is a shining example of how to do both. Apple's reason for not wanting to open up is just as much about money and control as it is security.
