1. 105
    1. 52

      This infuriates me to no end. I have some iOS devices laying around (which would otherwise be paperweights) and wanted to build little educational games to run on them for my young son tailored to his interests.

      But no, after one week, I discovered (like the author of this article) that they would no longer run.

      Not only that, but I was also exploring embedding a few languages in iOS projects. But while deploying one of them to my iPad, I found out you are limited on how many apps you can deploy per week on each device.

      I got pissed off enough that I scrapped any kind of hobby development for Apple products. The fact that they pretend to care about environmental waste or education is a joke.

      1. 11

        You could use Altstore to sideload – it automates the app certificate refreshing business, so all you need to do every 7 days is plug the device into a laptop with iTunes installed and press the refresh button.

        1. 1

          One super downer with Altstore that caused me to lose interest is that if I read the docs right the AltStore server must STAY connected to your network so your AltStore side loaded apps can validcate their nubbins and remain runnable.

          I get why they need to do that, but as a reality for me anyway it kinda su-ucks :)

      2. 10

        I think you could still do PWAs (progressive web apps) which can look almost like native apps. They only ever have a subset of features available to them compared to native apps, but for little toys that might not matter. I’ve been wanting to play around with writing some PWAs myself for some time.

        1. 13

          Trying to do this years ago I discovered one interesting thing: the more your web app tries to look like a native app, the more users think it is “slow”. A less native looking web app which works at the exact same speed will be perceived as “fast”. It’s kind of the uncanny valley effect but for software.

          1. 6

            Yep, this definitely happens. Modern operating systems have so many subtle animations and micro-interactions that any attempts to copy them exactly are bound to fail. Web apps – or other types of cross-platform apps – need to have internally consistent design languages that work the same way across platforms. They shouldn’t try to blend in with their host platform, because that way lies madness. Anyone who has used a stock Qt Widgets app on macOS can attest to how frustrating the experience can be.

            1. 2

              You could almost be advocating for the Java Swing “Metal” look and feel here :)

        2. 3

          I’m with @jmtd. And in addition, new tech like WASM and WebGPU should theoretically enable a lot more classically native-only features

      3. 6

        Yes, agreed. This is the reason I stopped caring about the Apple ecosystem as well. In my view, the important thing about computers is that they expand the human potential for creativity and discovery. It’s particularly upsetting for Apple to not give a shit about any of that, considering that their early success is entirely due to it, as is much of their marketing even today. The company’s stated values are at odds with its observed actions.

      4. 2

        That’s a very reasonable response.

        If Apple’s black box approach pisses you off, vote with your wallet and buy devices from companies that make hack-ability a priority.

      5. 1

        Can you make it work by side-stepping the official distribution channels via e.g. jail-breaking?

        1. 2

          You can, but have you ever actually jailbroken an IOS device?

          1. The breaks are HIGHLY version dependent. You’re locked into an old OS version forever unless you want to fight the whole fight AGAIN.
          2. It’s a RAGING PITA. Like, in order to do this you need hair trigger timing to put your phone into recovery mode or whatever AT EXACTLY THE RIGHT MOMENT or it won’t work.
          3. There are toolchain issues. Like, if you want to build programs that actually run on IOS and aren’t e.g. vanilla POSIX that you run from a shell, actually deploying to your jailbroken device can be tricky from what I’ve read (Would love to hear from someone who jailbreaks, codes IOS apps and loves it :)
          1. 2

            angelXwind has been keeping AppSync Unified updated for the past decade. Also jailbroken phones de-facto use dpkg/apt and have OpenSSH preinstalled. Plus tons of ported POSIX software on various repos. Not as much as MacPorts/Homebrew but pretty damn close.

            1. 1

              That’s really great to hear! Has actually jailbreaking gotten any easier?

              I did it ONCE like 10 years ago and have never been able to again. The split second timing of putting your phone into recovery mode to trigger the thing is something I just can’t get past.

              1. 2

                Generally speaking, no. In fact, it’s gotten far worse. The jailbreak scene is a trashfire. However, despite the wider scene being a trashfire, it’s a massive scene, with it’s own sub-niches. There is a subset of software/developers/etc that is actually good. You gotta know who to trust.

                If I were to make specific recommendations, use checkra1n or palera1n (do NOT use palera1n rootless). Those are permanent exploits for iPhone X and older by trustworthy devs (for the most part). And as far as developers to follow, I trust angelXwind and Limneos (all I can think of off the top of my head atm). And whatever you do, don’t listen to, or use any software written by saurik or Coolstar. Also, avoid /r/jailbreak (and anyone involved with that subcommunity).

                1. 2

                  And whatever you do, don’t listen to, or use any software written by saurik or Coolstar. Also, avoid /r/jailbreak (and anyone involved with that subcommunity).

                  Reddit is indeed misery, but what’s wrong with those two people? I don’t follow the jailbreak scene, but I known saurik was involved with it from the beginning.

                  1. 0

                    Nice try, Coolstar.

                    1. 1

                      I’m asking because I legitimately don’t know.

        2. 1

          I wouldn’t be surprised if you could, I haven’t looked into the process. I already had a jailbroken nintendo switch lying around so I’ve been using that instead.

    2. 28

      Apple has a straightforward reason to do this – they don’t care about the $99 fee, but by keeping out hobby apps, people are more likely to download very expensive commercial apps of which Apple gets a 30% cut. For example, I needed a GPS-based speedometer recently, and (seeing no free option) ended up with one that charges $10 a month! Probably thousands of people have done that. On Android these types of very simple hobbyist-level apps tend to be free.

      1. 20

        On Android these types of very simple hobbyist-level apps tend to be free.

        Though good luck finding one that isn’t riddled with ads and asks for a bunch of inappropriate permissions.

        1. 24

          The F-droid app store is catered specifically for this. (Yes the Google store is revolting)

        2. 11
          1. 1

            That’s not on Apple.

            1. 2

              Yes, that’s the point.

        3. 4

          Perhaps I’m lucky, but I’ve actually had pretty good luck finding them. Putting “open source” into the search bar helps, and if that fails there’s often a side-loadable one on GitHub.

      2. 12

        My guess is that the actual rationale is a bit less cynical. By keeping out hobby apps — which aren’t subject to review — Apple is (trying to) optimize for end-user experience. And it’s no secret that Apple optimizes for end-user experience over basically everything else.

        I can’t really blame them for taking this position. Apple devices are better and more “luxurious” than Android devices in the market, and I think this kind of stuff is a major reason why.

        1. 17

          I don’t understand. Who is the end user when a developer is trying to improve their own experience? There’s absolutely no distribution going on in OP.

          1. 11

            That’s true, but the number of iOS users that use privately-developed apps which aren’t available on the app store are statistically zero. Even among those users, the only ones that Apple cares about are those which will eventually publish their app to the app store, and for those users the relevant restrictions are non-issues. I guess?

            1. 2

              Don’t forget about enterprise users, but I think they’re kinda not what you’re actually referring to here :)

              (If you’re a BigCo Apple will give you an enterprise profile your users can put on your phone to run privately built apps by BigCo. This is how they did things when I was at Amazon.)

              1. 2

                FYI: The definition of ‘BigCo’ is ‘more than 100 employees’ (from their docs). That puts it out of reach of small businesses but you don’t need to be Amazon-big for it to work.

                Unfortunately, iOS is pretty bad for BYOD enterprise uses because there’s no isolation mechanism between the work and personal worlds. On Android, you can set up a work profile that runs in a different namespace, has a different encryption key for the filesystem encryption, and is isolated from any personal data (similarly, personal apps can’t access work data). iOS doesn’t have any mechanism like that, so there’s no way for a user to prevent work apps from accessing personal data and things like InTune run with sufficient privilege that they can access all of your personal data on iOS.

                1. 1
                  1. 1

                    Thanks. I vaguely remembered reading about that, but InTune didn’t support it and required full access. Has that improved?

                    1. 1

                      I’m investigating this myself (need to set up BYOD at a new job) and haven’t checked on Intune yet much beyond an acronym level (e.g., it knows about Apple Business Manager which makes enrollment easyish).

                      The iOS and Android approaches are quite different—Android is kind of like having two phones in one box, whereas iOS separates the data but not the apps. Microsoft puts a layer on top that requires app support but gets you finer-grained control over data transfer across the boundary (like, can I copy/paste between personal and work apps).

        2. 3

          Whoa boy, folks with strong feelings are REALLY not gonna love this take :)

          But I agree with you, I do think unoformity of UX is a sizable reason for the $99 fee. It’s not so much “Hate hobbyists” as “Making it easy to sideload means Jane Sixpack will do so, brick her device, and flame Apple”.

          1. 2

            How many people have ever sued Google because a sideloaded Android app bricked their device?

            1. 2

              i’d be curious to see actual data on that.

      3. 7

        Open Google Maps and it will automatically show you your speed.


        1. 4

          The option mentioned in the support FAQ you linked doesn’t appear to exist on Google Maps iOS.

      4. 5

        ended up with one that charges $10 a month

        You could’ve bought a cheap Android device instead and it would’ve paid for itself in a few months.

      5. 5

        I just searched the App Store for ‘Speedometer’ and about 5 out of the top ~15 results don’t show anything about costing money, though perhaps they show ads.

        This one looks simple and says it has no ads: https://apps.apple.com/gb/app/quick-speedometer/id1564657242

        Did I find something different from what you were looking for?

    3. 22

      I really don’t get any FOSS enthusiasts who use Apple. It is the anti-thesis of freedom.

      1. 18

        As opposed to what? There are literally 2.5 choices for actually usable mobile devices.

        • You either get a privacy-respecting Apple with great hardwade, which is a walled garden, but actually many things can be circumvented and hopefully the EU will bust it even more open soon;

        • Or go with mainstream Android with blatant privacy violations thanks to the biggest ad-company in the world;

        • Or you restrict your device choice to Pixels and go with GrapheneOS. LineageOS and similar may be another option, but don’t forget that most other android devices don’t actually support swapping OSs and will wipe their proprietary firmware on doing so. I for example wouldn’t be okay with an expensive device that has its camera crippled due to no proper firmware support (Sony’s are known for this).

        And no, PinePhone and similar is so far from daily driver ready that it is not even funny, it is a toy to tinker with. If you do use it daily, then I’m happy for you, but let’s agree that your “daily driver” definition is completely different to that of the general populace.

        1. 7

          I fully agree with your definitions, I bought a PinePhone fully aware of that.

          But the commenter above is talking about FOSS enthusiasts here, in reply to an article about hobby application development, so I think the comment is still relevant. This isn’t about daily-driving, it’s about people having fun with toys.

          1. 1

            Fair enough!

          2. 1

            What if we need things only the proprietary world delivers even when we’re playing with our toys? :)

        2. 2

          No, those three descriptions of what you get are not the whole picture.

          I prefer hardware and a system that lets me control it than the other way around.

          Where are all the “[name] OS on iPhone” projects?

          Privacy leaking can completely be remedied on Android devices. In fact almost anything can. The same CANNOT be said of Apple devices.

          You’re telling me you rather a device you cannot control than one you can.

          1. 2

            There is iSH, which can run (emulated) x86 binaries including a whole alpine linux distro complete with package manager, readily available freely from the AppStore.

            Apple is limited, but no longer as much as it used to be and for many it is a more than okay tradeoff for a mobile device - I can live out my tinkering interests on a raspy/pinephone/desktop

          2. 2

            You’re telling me you rather a device you cannot control than one you can.

            If that device is awesome, then yes, literally yes.

        3. 1

          Removing Freedom zero (ability to run your choice of programs) is pretty terrible though.

          1. 1

            As mentioned, it can be circumvented (in a limited way): see AltStore.

      2. 4

        Then you’re not being mindful of the fact that people may have VERY different needs from you and that pragmatism sometimes dictates that we drink the Kool-Aid and take the good with the bad.

        I’m partially blind / fine and gross motor impaired and I LOVE open source.

        I use IOS and Mac because the accessibility affordances there are amazing and make it easier for me to do my job with less actual physical pain.

        Would I love it if proprietary hardware and software weren’t a thing? HECK YES! But in the world I inhabit, sometimes I have to do what I need to do to get by.

        (I dream of retiring one day and making bringing the accessibility features of Linux up to snuff my ‘day job’ :)

      3. 4

        Apple platforms provide the most freedom than any other platform on the market today. Other than GNU/Linux. And I am not talking about Android. What you guys are referring to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX.

        But I digress. When I boot up my Mac, I am free to send an iMessage to my dad from my computer. I am free to run a C compiler within a Unix environment. I am free to have 10+ hours of battery life. I am free to sit on the toilet with my laptop in one hand, typing on the other, because it weighs 3 pounds. I am free to run GNU/Linux within QEMU. I am given the freedom to reasonably expect, when someone in the United States of America gives me their phone number, that they also have iOS and I will be able to use iMessage and FaceTime. I am free to use Apple Pay which gives me the freedom to go on MTA or BART without dealing with those shitty clipper card things. I am free to use my credit card wherever I want, without worrying about scammers stealing my credit card number. I am free to be part of a platform with the most social cohesion which opens up relationships and opportunities that would otherwise not be afforded to me if I used Android™.

        But most of all, it gives me freedom of thought. I got bicycles in my mind.

        1. 1

          Yo, I loved that.

    4. 21

      Clickbait headline. More correct: “Apple wants you to pay $99/year to develop hobby apps for iOS that work on a device for more than a week.”

      I don’t think this is any intentional stance on Apple’s part; it’s just such a niche use case from their perspective. Or it’s sort of the shareware model where you can try it out free for a little while, but then you need to pay to keep using it.

      1. 8

        If you can perpetually build/run an app on your iThing for $0 then this is technically indistinguishable from sideloading, which Apple very much does not want. You could wrap this up to offer app sales outside the App Store.

        1. 7

          And why would Apple ever want to permit you to develop an app that doesn’t directly make them money?

          1. 5

            Because Apple traditionally has been a hardware company?

            1. 17

              Historically, yes, but at this point Apple has reached market saturation for their hardware and is slowly becoming a services and advertising company.

              1. 4

                This. Apple’s app store appears to have made about $80 billion in revenue in 2022 from app sales, or about 20% of Apple’s gross revenue. That doesn’t subtract the 70% that the app developers actually get to keep, but it also doesn’t count the $X/yr those developers pay for dev kits.

          2. 3

            This assertion doesn’t appear to correlate with reality. The majority of apps in the App Store are free with no in-app purchases.

            1. 2

              How many of those use in-app advertising?

              1. 1

                Potentially many. Apple doesn’t take a cut from in-app advertising so it doesn’t matter for the purpose of this discussion.

    5. 15

      This sort of attitude has been in Apple’s DNA since Woz’s influence waned. Per the Diagnostic Port story:

      Burrell was afraid the 128Kbyte Mac would seem inadequate soon after launch, and there were no slots for the user to add RAM. He realized that he could support 256Kbit RAM chips simply by routing a few extra lines on the PC board, allowing adventurous people who knew how to wield a soldering gun to replace their RAM chips with the newer generation. The extra lines would only cost pennies to add.

      But once again, Steve Jobs objected, because he didn’t like the idea of customers mucking with the innards of their computer. He would also rather have them buy a new 512K Mac instead of them buying more RAM from a third-party. But this time Burrell prevailed, because the change was so minimal. He just left it in there and no one bothered to mention it to Steve, much to the eventual benefit of customers, who didn’t have to buy a whole new Mac to expand their memory.

      1. 3

        And Steve Jobs was right, at least in principle. The remit was to make computers for people, not to make computers for the kind of technical enthusiasts who work at Apple to design computers. The Macintosh was never intended to be a computer for Burrell Smith.

        1. 4

          I’m a little curious about this argument. I recognise that the average user will not pull out a soldering iron. Heck, I’ve soldered professionally and I’m not going to risk a machine I spent thousands of dollars on to my skill with the iron.

          That said, if Steve had had his way, how would the average user’s life have been improved. The average user probably never knew these lines existed. Were they going to receive the savings and the Mac would have debuted at $2494.97 had Burrell not spent the money on the extra lines?

          I agree that the remit was to make computers for people. The extra lines also made the computer useful for people like Burrell, but I do not see how that came at the expense of usability.

          1. 2

            I was very careful when I said he was right in principle. Burrell was right in this instance, but only because selling a machine with just 128k of RAM was the wrong decision, including for non-technical end users.

        2. 4

          People can take the machine to a shop that can do the “operation” for them. It doesn’t mean they have to do that themselves!

    6. 8

      That’s how it’s always been, except when the iPhone SDK first launched you couldn’t put code on a device at all without paying to join the program and, as I recall, manual device provisioning. People are still finding this out, but it’s part of the whole no sideloading, trusted store thing.

      Here is a clue about Apple’s priorities: A developer is not the same as a programmer. A developer is anyone who develops the platform. Shipping to the App Store is how that happens, and you pay for the privilege. If you don’t, you’re a customer, and most customers just want an appliance that keeps working.

      Hobbyist use cases are supported better on the Mac, while the iPhone’s security model largely designs them away. Many iPhone hobbyists jailbreak their phones.

      1. 2

        IIRC the iPhone launched without an app store, and people jailbroke the iPhone to add custom apps because that was the only way they could get them.

        1. 1

          Yes, that’s how it began.

    7. 7

      For enterprises, you can do a signing thing that lets you distribute the app to devices that you’ve provisioned with your org’s certificate, which lets you ship on-house apps to your employees. It’s a shame that there isn’t something like this for individual users. My guess is that Apple doesn’t want third-party app stores building on this. I’ve pondered building a thing that would automatically re-sign and re-deploy a scripted set of F/OSS things to my iPad every few days and if something like that existed then I bet Apple would start complaining.

      1. 13

        I’ve pondered building a thing that would automatically re-sign and re-deploy a scripted set of F/OSS things to my iPad every few days.

        Isn’t this effectively what Altstore is doing?

        1. 2

          Oh, nice! I hadn’t seen that but it looks like it’s exactly what I was looking for.

        2. 2

          Cool. Back when people cared about the Mac App Store, there was a lot of complaining about it, but I never understood why Panic, Omni Group, and like a couple other indies didn’t just collaborate make their own app store for Mac. It would have been less trouble than making software that played in the sandbox and then pulling it every few years. :-P

        3. 1

          I never heard of this, and… wow. It’s like time-restricted jailbreaking lol

        4. 1

          Oh that’s pretty cool! Looks like it’s limited to only 3 apps enabled at a time due to Apple’s restrictions on self-loaded apps. https://faq.altstore.io/how-to-use-altstore/activating-apps . But can be bumped up to 10 by an exploit (dirtycow! Been a while since I heard that, wild that it’s unpatched here): https://faq.altstore.io/how-to-use-altstore/macdirtycow

          Pretty cool set of apps on the “store”, looks like it contains a bunch of emulators (banned on app store), terminals, VMs, and hacked/altered apps - but you may need to add source/repos to access some.

          1. 1

            Got any lead on those repos? I was looking some time ago and came empty handed.

      2. 4

        A sideloading exemption for open source, or better yet, copylefted capital-F Free Software only (since GPL conflicts with the app store) would be hilarious. No selling v-bucks without App Store intervention for Fortnite, but apps with source I might actually trust wouldn’t be affected.

        1. 3

          This will literally never happen even after hell freezes over, but god I hope it does. That would be slapstick comedy hilarious.

    8. 5

      [Pardon the length. I have Opinions on this stuff :) ]

      Great article, and I know that many of us share your frustration.

      The problem is that, like DHH’s description of Ruby on Rails, “Apple is Omakase.

      When you buy ANY Apple device, you are buying a black box that they control. They control the horizontal and the vertical. Any amount of agency you are given with the device is on THEIR terms.

      This rubs a lot of technical people the wrong way, and I get it.

      I think that in many of our minds, Capitalism and profit motive are in direct contradiction to the ideals that many of us hold VERY dear - that information and its darling child technology want to be free, and that anyone who locks us away from the ability to hack is committing a grievous moral affront.

      The problem is that this is a fundamentally naive view in light of the way we currently structure our society. Innovation is driven in terms of engineering hours which are funded by sales. Companies MUST protect their critical assets, and often that means not sharing everything.

      So my hopefully reasonable take is: Either drink the Kool-aid and enjoy it along with all the restrictions and barriers it imposes, or choose differently and buy open hardware that you can hack ’til the cows come home but may well lack the polish you might otherwise want.

      Until we immanetize the eschaton we really can’t have out cake and eat it too, much though we’d all love that :)

      As for myself, I drank the Kool-aid and paid the $99 for a developer program license. Whether I continue doing that year after year remains to be seen, but I knew what I was getting into when I bought in so from my perspective it’s either like it or lump it. Raging against the dying of the light feels like energy better spent contributing to open source.

    9. 6

      Come to Linux, the water’s warm, although a bit less friendly (also less clingy and invasive and restrictive though)

      1. 10

        Respectfully, that’s a rather ableist stance.

        Linux’s accessibility features are not there for many people’s needs. This isn’t out of malice, a11y is a HUGE problem space and people need all kinds of affordances to help them get by.

        But when you have a platform where the predominant desktop broke screen zoom for the better part of two years, I don’t honestly think anyone could in good conscience say that people who need such features would be wrong to use commercial software.

        1. 2

          That’s an excellent point and it was remiss of me not to remember that.

          I’m clearly not alone in feeling that Apple’s approach to development has gotten less and less “open” over time, though… and this is a thing that can be felt, which matters.

      2. 6

        On phones?

        1. 1


          They’re working on that. A fully open-source phone that was actually usable, would be nice.

          Remember how Android was forked from Linux? Yeah, funny how that ended up.

          1. 3

            A fully open-source phone that was actually usable, would be nice.

            I agree that’d be nice. I participated in the Librem 5 crowdfunding, but that ended in a useless phone. At least they upstreamed their work, so I’d like to think the money didn’t completely go to waste.

            The Pinephone is just hardware though, right? I mean, flashing a stock Android phone which uses a mainline kernel with another OS would be essentially the same as buying a Pinephone. You still need usable software to go with it.

            Remember how Android was forked from Linux? Yeah, funny how that ended up.

            It makes me sick.

          2. 2

            Will they make one with an OLED display? The power savings & color would be worth the upgrade cost.

    10. 3

      Apple is well-known for its walled gardens, security theater and hostility towards general purpose computing for decades already. If you buy these devices and give Apple your money, you deserve what you get. You’re not in control when operating these devices. If that’s what you want, fine. If that’s not what you want, don’t buy Apple.

      1. 5

        security theater

        Walled garden, sure. But Apple has top-notch security and it is absolutely unfair to claim otherwise. Out of any platform available for the general populace, it is by far the safest device to own (in part due to its walled garden, sure) — from the hardware all the way to software. The only other device that is similarly well-protected is a Pixel with GrapheneOS.

        I do like and use desktop linux as much as the next person, but we should all know that an npm install could literally do anything on your computer from encrypting your hard drive to installing a permanent keylogger, the only thing protected is installing a video driver, as per the old xkcd, and unfortunately there is still a certain mindset that everything is security theater (though it has improved over time, back in the days even Linus and the kernel were prone to this, until proven otherwise. Nowadays the problem is mostly userspace).

        1. 5

          But Apple has top-notch security and it is absolutely unfair to claim otherwise. Out of any platform available for the general populace, it is by far the safest device to own

          Citation needed. This is an often repeated claim for which there is zero evidence. When’s the last time a vanilla Debian installation was pwned by zero click exploits, as it happened countless times on iOS over the past couple of years? My falsifiable claim is that an ordinary machine with latest Debian stable is way more secure against digital attacks than any Apple deployment.

          As for npm, makefiles, and so on: You are a developer, you know the risks: Vet the code or run it in a VM. It’s not rocket science (and yes, I know, VMs are not impervious, but they exponentially raise the difficulty of exploiting the device).

          Don’t get fooled: Great security is compatible with user freedoms. The big corporations make people believe that these two things are mutually exclusive, but the opposite is true: A lack of user freedoms is a severe security risk by itself. A prime example are locked down Android devices bundled with uninstallable crapware.

          Apple systems are safe when you define safety as the user not being in control of the device. To me, that is the opposite of safety - a device is safe when I can install and remove whatever I want. It is high time we stop allowing monopolists to define the term safety as they please.

          1. 10

            Citation needed. This is an often repeated claim for which there is zero evidence. When’s the last time a vanilla Debian installation was pwned by zero click exploits, as it happened countless times on iOS over the past couple of years? My falsifiable claim is that an ordinary machine with latest Debian stable is way more secure against digital attacks than any Apple deployment.

            That’s a fairly apples to Debian’s comparison. Last time I installed Debian, it didn’t include a GUI or a web browser. It did include the Linux kernel, which has had quite a lot of vulnerabilities. Just looking at the ones in the last month, there are a lot of use-after-free bugs in the USB stack. If the same bugs existed in XNU, they would be less easy to exploit because XNU uses kmalloc_type, which does type-pooled allocation, so none of these bugs would allow an attacker to get a type confusion bug and trigger exploits.

            If you do get a root compromise on the Debian system, out of the box it doesn’t provide any secure boot, so it’s trivial for an attacker to modify the kernel binary image on disk and have persistent root access. In contrast, iOS and macOS have a full secure boot chain. iBoot uses a special compiler mode that provides memory safety (and a reasonable degree of type safety) for the code, whereas GRUB (the equivalent on a Debian install) had a memory safety bug last year that let you bypass secure boot and required all cloud providers to roll out updates that revoked the signing keys. Once you boot, the filesystem layout that Apple inherited from NeXT has a clear separation of system files and modifiable files, which makes it easy for Darwin-based systems to have an immutable base image, whose hash is part of the secure boot chain. This means that a compromise can’t modify any system files (though it can put alternative versions in your path). This makes cleaning up from a compromise much easier, because you have a large set of known-good things to use.

            Beyond that, if you install a random app via apt-get, it will (with the exception of a very small number of things that come with SELinux policies) run with the full privileges of the user that runs it. If it has a vulnerability that an attacker can exploit, it can compromise all data owned by the user. In contrast, anything installed from the app store is sandboxed by default (with Apple’s version of the TrustedBSD MAC framework) and has no access to the filesystem except for its own private region and files that the user explicitly grants access to. Even apps installed from random sources on macOS often now come with similar policies. For example, UTM on Mac runs sandboxed and so a VM escape is limited to the files that the app has access to unless it also has a sandbox escape.

            1. [Comment removed by author]

              1. 2

                so did iBoot a few years ago…

                The difference is they’re actually trying to improve memory safety in the bootloader.

          2. 3

            When’s the last time a vanilla Debian installation was pwned by zero click exploits, as it happened countless times on iOS over the past couple of years?

            When was the last time a nation-state level threat actor wanted to attack vanilla Debian installations? For Android/iOS, there are companies which exist just to find these vulnerabilities to make exploits that are sold to nation-states, since cell phones are big targets for repressive regimes. Some examples are Hacking Team and NSO Group, Are they attacking Linux installs?

            1. 2

              Are they attacking Linux installs?

              Most servers on this planet run some Linux flavor. Debian and Ubuntu (which is Debian based) are extremely widespread. They are certainly attacking Linux installs beyond Android, yes. Anyone who maintains servers with exposed ports on the internet knows that there’s constant probing and attacking going on.

              1. 4

                You are comparing a server maintained by someone at least a bit knowledgeable about computers that usually run self-made, trusted programs and are otherwise completely sealed off from any kind of external environment, to a device that can be used by my grandma to install any kind of untrusted app, right next to all the family photos, credit card, etc.

                It’s not hard to protect a single port of access, as opposed to a mobile’s huge surface area.

                1. 3

                  It’s not hard to protect a single port of access, as opposed to a mobile’s huge surface area.

                  Server security can actually be incredibly difficult and the surface area is often larger than what is exposed on a personal machine. Also, servers can be and often are very high value targets.

                  Either way, the discussion has gone full circle. If we as a society let large corporations decide what code can and cannot be executed, we the people will experience a loss of rights and powers the likes of which has never been seen before in history. And precisely this is happening at an accelerating pace. As an example, it has now been proven beyond doubt that the US government pressures social media companies into censoring uncomfortable speech and political opposition (prime example: Hunter Biden laptop). These walled gardens are the perfect instrument to impose a wide variety of restrictions quickly and easily. By the time people realize that the security argument was a Trojan Horse, it’s too late.

                  There is no security reason why Apple’s or Google’s keys must be in the TPM and you cannot put yours in there to replace it. Is granny going to generate an asymmetric key pair to customize the system? No, she isn’t. Again: Freedom and security are not incompatible, they belong together.

                  It is remarkable how many people with technological expertise fall for this cheap PR. Pay 99$ to protect me… From myself? Preposterous. It should be called out for what it is: A grift, rent seeking, abuse, exploitation. And it should be boycotted.

                  Same thing with Web Environment Integrity. It has nothing to do with security and everything to do with control and power. No profit driven company cares about you being secure beyond the letter of the law, don’t make me laugh. One thing is certain: We will hear a lot more about remote attestation in the near future and it’s not going to be pretty.

          3. 1

            because less people use gnu/linux on personal computers? but (this has happened)[https://www.vice.com/en/article/v7gd9b/facebook-helped-fbi-hack-child-predator-buster-hernandez] on debian-based systems as well

        2. 1

          but we should all know that an npm install

          erm… npm works just fine on macs, as do any things it installs

          1. 3

            I don’t understand your comment - my point is that Linux desktop has practically no security whatsoever: any program (e.g. npm) runs with the same privileges as your file browser, so the UNIX model is basically useless at that granularity. There are solutions, e.g. Android makes the whole thing secure built on the same base, but mainstream linux userspace barely cares about it.

            OSX is a lot better, probably the best out of the 3, but ios is better.

    11. 3

      Apple has pushed people away from web to native for years by hobbling their browser and forcing everyone to use it. Then, they do things like this to make developing native apps for their ecosystem painful or impossible.

      Things do seem to have taken a turn for the better on the webapp side with recent released of Safari, but damn I feel like any other company doing shit like this regularly would cause them to bleed customers and PR value. They have such cultural power and dedication from their users that it doesn’t seem to matter, though.

      1. 4

        Most users aren’t hobby programmers ¯_(ツ)_/¯

    12. 3

      Wow, the comments here really show what a hellscape modern mobile platforms are. Of course, (non-dev) users don’t really care, and neither do companies. That’s why we’re stuck with this kind of extortion.

    13. 4

      And that’s why, kids, you should never buy an Apple device!