Shulou(Shulou.com)11/24 Report--

Some time ago, in order not to let my parents suffer from the harm of "junk App", I replaced their mobile phones with iPhone. I can't help it. It's too expensive for parents to use Android phones.

As parents are not so proficient in the operation of mobile phones, they often install all kinds of junk software inexplicably, resulting in continuous mobile phone pop-up windows and advertisements everywhere. Some software rely on parents do not understand the meaning of access, all kinds of theft of personal information, to tell you the truth, I am really afraid.

Although iPhone is not as fluent and functional as Android in some cases, I have to admit that it is precisely because of the closeness of the iOS system that it has a safer environment, and many consumers buy iPhone devices for this purpose. In addition, iPhone is also more friendly to middle-aged and elderly users.

In addition to me, many of my friends share the same idea and bought iPhone for their parents.

I thought the matter would be settled in this way, but now, with the addition of a bill, the iOS will face unprecedented changes.

IOS is no longer insured.

IOS, which allows the use of third-party app stores, in March last year, the European Union formulated a "digital market law" aimed at regulating the operation of large Internet companies, which came into effect on November 1. The main purpose of this bill is to prohibit some gatekeepers who are "both judges and contestants" from making use of their advantages in data sharing, software installation, platform selection, advertising and promotion to obtain high monopoly profits or restrict market competition. Its operating system is required to open the permission to install multiple application stores. If the company violates the rules, it will be fined 4% to 20% of the global turnover in a fiscal year.

The emergence of the "digital market law" has forced Apple to consider the impact in this regard.

Some time ago, the latest report from Bloomberg Mark Gurman said that Apple has begun to get engineers to prepare a new project to make major changes to App Store policy on iPhone, allowing third-party app stores to be used on iPhone and iPad before officially opening the side load, in order to allow devices to bypass App Store to install certain programs.

Photo Source: this change from the Internet is likely to appear on iOS 17 next year, and will be accompanied by more open initiatives, such as changes in functions such as open NFC and payment methods.

The operation of allowing iOS to install third-party applications is called side loading, which allows users to install unaudited applications through their own channels (such as web pages, installation packages, etc.). This is also the software installation mode that Windows and Android have been using. If Apple opens the side load completely, in other words, Apple will not be far away from becoming Android.

Cook has previously been very determined on the issue of side loading, saying at the New York Times DealBook Summit: "if you want to side-load the App, you can buy an Android phone." And at the meeting, comparing side loads to a carmaker, selling cars without airbags or seat belts, said it was too risky, hoping users would choose between a safe and protected platform or an ecosystem that allows side loads.

In addition, Apple also said that sidebar is "the best friend of cyber criminals" and makes consumers vulnerable to malware, fraud, data tracking and other attacks.

From the perspective of the EU bill, the main restriction is to prevent Apple from taking advantage of App Store to take a high percentage of the recharge in the application. Since game developers do not have distribution channels themselves, they need to cooperate with the distribution platform, that is, the App Store, when the app is launched. Apple has been charging developers a 30% "Apple tax" and there are no other app store platforms. it's a dominant situation.

The security of the iOS system has been compromised, which belongs to "the city gate fire, which affects the fish in the pond".

What would a side-mounted iOS look like? For consumers, side loading is still a relatively unfamiliar word, if open side loading, many friends can not imagine how much will change.

Apple is not without the installation of third-party applications, but these methods are more cumbersome, raising the operating costs of ordinary users and raising the threshold for consumers to misoperate.

As far as I know, there are many ways to install applications that can't be put on the market.

TestFlight first installs the beta software. If the iOS application needs to be tested before it is put on the App Store, it will put up a test version of the official software called TestFlight for developers to test. You only need to enter the invitation code or web link to experience it.

Image source: Apple's official website, but it's worth mentioning that TestFlight apps can be put on the shelves without Apple's approval, which means Apple provides a channel to install third-party apps. There are a lot of porn, gambling, fraud, malicious promotion of software in order to avoid censorship, will be downloaded by users in this way.

Self-signed installation is followed by self-signed installation. Because developers need to install some local applications for testing, and iOS cannot install applications like Android, Apple provides a way to verify developers and install local files.

The key to self-signed installation is the certificate, which is divided into personal certificate and enterprise certificate, which grants permissions to the local application (.ipa) through the certificate and through the trust of the system.

Image source: there are many ways to self-sign from the network, such as Sideloadly, Love Assistant, AltStore, etc., which require a personal AppleID account to operate, but this disadvantage is also obvious, that is, the validity period of this signature is only 7 days, and you need to re-sign and install it after 7 days.

Due to the high operating cost of the self-signed method, and the operators' awareness of prevention is also sufficient, there are no large-scale security problems at present.

The description file then installs the application through the description file. This operation is similar to the self-signed installation we just talked about, but it is relatively simple and only needs the installation description file to install third-party applications.

But it is worth mentioning that this is also the most dangerous installation.

Description files are generally divided into two categories, one is the official description file (iOS Beta update, etc.), and the other is the enterprise App, which prompts the signer and the installation URL during installation, and enters the device password, which means that once you identify the signer, you will hand over the device permissions to the application at your own risk.

Image source: in addition to bypassing App Store, the iPhone description document also contains authorization information about many devices, such as network configuration, access rights, security policies, and so on. If you install a description file from an unknown source, it means that your device may be subject to hijacked communications, rogue promotion, restricting the normal function of the device, falsifying websites, and so on.

In other words, if the application installed by this description file is malicious, then your device privacy will basically be exposed. Because of the simple operation, at present, many pornographic and gambling applications are promoted through this way, which does great harm.

The last way to "jailbreak" is to install Cydia and obtain third-party software or patches through jailbreak. This operation is expensive to learn, and it also requires the support of the hardware and system version of the device. The operator should also have a certain degree of security awareness, which is a troublesome method.

Until now, iOS devices are not absolutely safe.

Personally, I strongly do not recommend that you install third-party apps. If the apps are well-behaved, why avoid official testing?

In fact, even under Apple's strict supervision, iOS devices carry certain risks.

In September, HUMAN's Satori Threat Intelligence team reported that there were as many as 10 apps containing "advertising software" in mobile stores. These apps generate revenue by posing as legitimate apps and displaying ads only to iPhone users.

Some time ago, Apple officially confirmed that iOS devices have a zero-day vulnerability in WebKit, and all devices above iPhone 8 have been affected. although they have been updated and fixed, there is evidence that hackers exploited this vulnerability and launched an attack before October 2021.

So far, there are also many illegal applications with serious shells, on the shelf in the AppStore.

Apple compromises, but do consumers really like it? I can even imagine the chaos of iOS if Apple allows third-party app stores to be installed.

Take Android as an example, side loading will allow app stores to list apps with different version numbers. This leads to the request to update the application due to the inconsistency of various version numbers after entering App, and will be prompted every time you enter, thus realizing the initial confusion.

And according to the current Android App Store play, it is likely to launch a variety of limited edition software, and different permissions to achieve differential treatment.

For example, if you want to experience the full version (more permissions), sorry, you can only download it from the designated app store, and if it is a game, it will distinguish between different store version servers.

Image source: in addition to the network, there is a serious problem with iOS supporting third-party app stores, which is divided into different app stores. For example, Apple charges 30%, other app stores charge 20%, and even exclusive apps charge 50%. As the cost increases, the recharge price will naturally increase, and the major app stores will take iPhone as a battlefield and keep fighting with AppStore, and only consumers will suffer.

On this basis, user security will also have a great impact.

As we just talked about, App Store still has some illegal software on the shelves. App Store has always been known for its rigour, but even for Apple, I don't believe a third party will do any better. If app stores are deregulated, today's Android is the future of iOS.

For example, if we download apps from third-party app stores, there are pop-up windows and ads everywhere, and we will steal your address book and text messages, such a system environment is no longer suitable for the middle-aged and elderly.

Image source: originated from the network or some software, asking for permission to provide a variety of inexplicable functions for iOS, as a result, the mobile phone crashed due to the conflict of a certain function, this common phenomenon of Android will also be extended to iOS.

Will consumers scold the software or fire at Apple?

There's a good chance it's apple.

If Apple compromises the EU's demands, then other countries will naturally put heavy pressure on Apple to open up. So, if iOS does offer a third-party app store, I personally recommend using AppStore and rejecting all apps from unknown sources.

Be responsible for yourself and for the future iOS software environment.

This article is from the official account of Wechat: non-objective Laboratory (ID:zhinan617). Author: ByArsT.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.