Federighi blasts iPhone sideloading as a ‘gold rush for the malware industry’

It’s no secret that Apple isn’t a fan of sideloading. Amid several regulatory battles over Apple’s locked-down App Store-centric system, the company has defended the iPhone’s security as an advantage rather than a detriment.

At Web Summit 2021 in Lisbon, Portugal on Wednesday, Apple VP of software engineering Craig Federighi used his time to defend the iPhone against sideloading. Framing around a defense against the proposed Digital Markets Act legislation, which would give developers “new opportunities to compete and innovate in the online platform environment without having to comply with unfair terms and conditions limiting their development,” a.k.a. force Apple to allow sideloading.

Federighi started his talk by defending the iPhone’s security. While he admitted that there’s “no such thing as a perfect security system,” he quickly blasted sideloading as “the single biggest reason” why other platforms have more malware. In a nutshell, he said, “Sideloading undermines security and puts data at risk.”

He described the iPhone’s closed system as a “consumer choice of a more secure platform,” and painted a grim view of a world where the sideloading is allowed on the iPhone:

“In this world, some of your neighbors are suffering repeated break-ins but your home has kept you safe. But then … your town requires you to build an always unlocked side door on the ground floor….It would open up a pandora’s box of unreviewed, malware-ridden software.”

Federighi also defended Apple’s stance against people who suggest sideloading is a choice. “Even if you have no intention of sideloading, people are routinely coerced or tricked into doing it,” he said. “Even if you never sideload, your iPhone and data are less safe in a world where Apple is forced to allow it.”

He praised the DMA and European regulation as a whole, but had no nice words to say about the effort to force Apple to allow non-App Store apps on the iPhone: “Sideloading is a cybercriminal’s best friend, and requiring it on the iPhone would be a gold rush for the malware industry.”

However, Federighi didn’t address the Mac in the 10-minute presentation, despite Apple having always allowed sideloading and implementing numerous safeguards to protect against malware.