Apple cited privacy and security concerns as one of the reasons for not allowing app sideloading and the use of third-party app stores on iOS, pointing out that there is 15 to 47 times more malware on Android.
This report comes as Apple Inc. is under investigation for anti-competitive practices in the EU for forcing app developers to use its own App Store to install and pay for their apps.
The company is also facing problems in the U.S., with two senators introducing a bill in August that would require the company to open its devices to sideloading and third-party payment systems.
Apple says that iOS devices are locked into the App Store as the only way to install applications for security reasons.
This is because it allows the security team to scan the application for malicious content before it reaches the user.
Apple cited statements from multiple sources (DHS, ENISA, Europol, Interpol, NIST, Kaspersky, Wandera, Norton), all of which warned users not to install apps from sources other than the official app store. All of these sources warned users not to install apps from sources other than the official app stores.
Apple’s report describes several malware attacks targeting Android devices. These attacks involved users being asked to sideload malicious apps hosted on Internet sites or third-party app stores.
This list includes “Goontact”, “HiddenAds”, “FakeSpy”, “SpyNote”, “BlackRock”, “Banker.BR”, “TeaBot”, “Fusob”, “Anubis”, “FluBot”, “HelloSpy”, “. MalLocker.B”, “CopyCat”, “Android.Click.312.origin”, “FakeAdsBlock” and other malware campaigns.
The list includes a number of threats, including mundane adware, dangerous ransomware, money-grabbing banking Trojans, commercial spyware, and even state-sponsored malware. According to Apple, attackers are exploiting a loophole in Android’s app installation process that allows anyone to install apps from anywhere on the Internet.
Forcing sideloading into the iOS ecosystem will make the iPhone less secure and reliable for users. This is true regardless of whether the sideloading is done via direct download or via a third party app store.
Comments