Apple continues to battle impending antitrust legislation in the United States that could bring major changes to the App Store. A letter sent to the Senate Judiciary Committee by Apple and obtained by Netcost-security.fr specifically contradicts claims that Apple’s anti-sideloading stance is “unfounded, hypocritical, and dishonest.”
This letter from Apple to the Senate Judiciary Committee is dated March 3 and signed by Timothy Powderly, the company’s senior director of government affairs. The letter was sent in response to allegations by cryptographer Bruce Schneier, who told lawmakers that Apple’s sideloading security concerns were “baseless”.
In his own letter to the Senate Judiciary Committee, sent in January, Schneier wrote:
I would like to address some of the unfounded security concerns raised about these bills. It is simply untrue that this legislation endangers the privacy and security of users. In fact, it is more accurate to say that this legislation endangers the extractive business models of these companies. Their assertions about privacy and security risks are both false and misleading, and driven by self-interest, not the public interest.
Reuters was the first to report on Apple’s response to Schneier, and Netcost-security.fr has now obtained a complete copy of the document. Apple explains that Schneier’s accusations are “particularly disappointing” and prove that “even talented technical practitioners” can confuse sideloading issues:
Given our general esteem for Mr. Schneier, these accusations are particularly disappointing. In our experience, the work of delivering industry-leading security and privacy to a modern computing platform at the scale of a billion devices is among the most complex engineering and technical policy efforts. and difficult ones, and much of this work remains easy to misunderstand. Schneier’s letter points out that even talented technical practitioners, if they haven’t worked on key issues in this space, can confuse issues.
Throughout the letter, Apple points to a number of different examples of third-party app stores containing malware-infected apps and apps that harvest user data. One of the examples cited by Apple revolves around the Android ecosystem.
In the Android ecosystem, which has 50 times more malware than iOS 5, Nokia found that “the fact that Android apps can be downloaded just about anywhere is still a huge problem, as users are free to download apps from third-party app stores”. , where many applications, although functional, are protected by Trojans.
The letter continues:
In Nokia’s 2021 Threat Report, Android devices accounted for 50.31% of all infected devices, followed by Windows devices at 23.1% and macOS devices at 9.2%. iOS devices made up such a small percentage that they weren’t even singled out, being lumped together under “other” instead. We consider this a triumph in protecting our users, and it could never have been done without the cutting-edge last line of defense of our device security controls, working in tandem with the security and privacy protections of frontline that we provide to our users through the App Store and test apps.
As expected, Apple also highlights a number of protections offered by the App Store, including the testing process, app tracking transparency, and privacy nutrition labels. None of this would be possible with third-party app stores, Apple says.
The full letter is embedded below.
Check out this video below for more Apple news: