It’s a Cyber-Criminal Best Friend: Apple Chief Explains Why Sideloading Catalyses Malware Attacks

Malware attacks that usually happens when malicious, illegal software’s executes unauthorized actions on the victims system has become a global source of concern in recent times. With  spyware and ransomware attacks on the rise in public and private corporations, resulting in loss of data, blackmail and other vices by the hackers, different states authorities have been devising ways to nip the cyber attack in the bud.

Sideloading, a process of file transfer between two local devices, and most especially the transfer between a PC and a mobile device has been seen by many tech analysts as a major catalyst for many malware attacks and it seems the Apple’s hierarchy is echoing this.

Apple’s Senior Vice-President, Craig Federighi while delivering a speech at the 2021 Web Summit, highlighted the various security risks of malware attacks while stressing that “Sideloading is a cyber criminal’s best friend and requiring that on iPhone would be a gold rush for the malware industry”.

Federighi, not oblivious of suggested solutions that seeks to allow users the leverage to decide for themselves whether to take the risk of sideloading apps, believes the idea will come to naught as he opined that “criminals are smart and really good at hiding inconspicuously.”

Craig Federighi, who oversees Apple’s iOS and macOS software divisions, with his assertion is throwing a jab at the European Commission’s proposed Digital Markets Act, a bill whose passage would require Apple to let users install apps outside of the iOS App Store.

Federighi believes Apple’s relatively low rate of malware on iOS from the “5 million Android attacks per month, may be due to the non- sideloading method by the company, adding that if Apple were forced to let users install their own apps, “the floodgates are open for malware.”

He further emphasized the negative effects of malwares on children and parents who can be fooled. “The fact that malware can hurt everyone is something we shouldn’t support,” Federighi notes.

 “There is concern that if Apple allowed sideloading, some social networking apps will probably try to avoid the annoying privacy protection of the App Store and only make their apps available via sideloading”, he added.

He affirmed that the privacy requirements in Apple’s App Store transcends those of the letter of the law, noting that social media companies who want to escape them could force customers to choose between “losing touch with your friends online or taking on the risks of sideloading.”

Federighi averred that the process of sideloading undermines security, while putting data risk, positing that if customers and regulators want the option to sideload apps, the alternative of Android should be enough to meet that without requiring it for iPhones.

“But all the concerns on iOS are curious, given the other half of his job description: leading the macOS software team, where apps can be freely installed outside of Apple’s app store (and have been for decades) without suffering from apocalyptic malware attacks,” he acknowledged.

He finally noted that is Apple chooses to, it could enable iOS sideloading in a similar manner and require something like the Gatekeeper system on macOS, which gives Apple the capacity to check signed developer IDs to confirm the software is genuine.