Your citation has nothing to do with Apple banning apps and the idea the article cites is as old as dirt and has been discussed since way before the App Store.
There is no copy cats rule. There is an existence proof that this isn’t true in every category where Apple bundles a first party app.
That is not what they are referring to. For some strange reason there is a myth that you can’t ship an app on iOS if Apple has a competing service. Even though there are all sorts of existence proofs that it isn’t truth.
Signal can't send SMS on iPhones (it can on Android). Firefox has to use Apple's browser engine. Just because they don't do it in 100% of cases doesn't mean they don't do it.
Allowing apps to send SMS exposes users (think: kids) to all sorts of headaches such as auto-signing them up for premium content. And Apple has no mechanism to prevent this other than blocking the APIs entirely.
And you can use a third party browser engine. You just can't be dynamically compiling code at runtime which is needed for JIT Javascript. Being able to do this defeats the purpose of having an app curation process.
Signal doesn't auto-sign up kids for premium content. Firefox doesn't run local apps.
If these were actually security restrictions then they would be privileging their own applications by waiving them for themselves, which is just as bad. Meanwhile in practice the effects of these "security restrictions" rather than rules against apps taking the bad behavior you're actually objecting to are suspiciously convenient for them -- their users can't switch to Chrome and it gives iMessage a larger network effect, and keeps people on iPhones when their friends have iPhones because they're all using iMessage rather than Signal or Whatsapp etc.
No but having an SMS API allows dodgy apps to signup kids for premium content. When dealing with security issues you don't just imagine the perfect case scenario.
And you use Chrome, Signal and WhatApp on iPhones. Not sure what you are talking about here.
> No but having an SMS API allows dodgy apps to signup kids for premium content.
So reject the dodgy apps then. What justification is that for denying it to Signal? In particular, what justification is that for denying it to Signal but not iMessage?
> And you use Chrome, Signal and WhatApp on iPhones. Not sure what you are talking about here.
Signal and WhatsApp on iPhones can't send SMS. Chrome on iPhones isn't Chrome, it's Safari with a Chrome logo.
> You don’t think it’s a security issue for apps to be able to intercept your text messages
Apps, like Signal, that you have given permission to intercept your text messages? Why would that be a security issue? You gave them permission to do it because that's what you wanted.
> Of course the OS vendor is going to have privileged access.
Also known as "private APIs" etc.
> Do you also want third parties to be able to reprogram the Secure Enclave?
Why would that be unreasonable, if done at the request of the device owner?
When the effect of the "security restrictions" is in practice to ban the competing apps while Apple exempts its own apps from the security restrictions, it's the same thing.
How is Apple not going to “exempt” itself from having privileged access to its own operating system? Signal is not “banned” from the App Store neither is Chrome - they both exist on the App Store.
Signal is an app for sending text messages and Apple doesn't allow it to send SMS text messages. Example of why this is a security vulnerability rather than a security feature: Someone with an iPhone uses Signal to communicate with someone with an Android phone but they still have to use iMessage for SMS with others. Then they accidentally send a message to the other person using iMessage instead of Signal and it goes out unencrypted.
The "Chrome" in Apple's store is just a skin over Safari. It doesn't actually exist there, only something different with the same name.
Someone with an iPhone uses Signal to communicate with someone with an Android phone but they still have to use iMessage for SMS with others.
How is this any different from people having to use WhatsApp, Facebook Messenger, SMS etc?
Then they accidentally send a message to the other person using iMessage instead of Signal and it goes out unencrypted.
So the same people who are smart enough to know the risks involved in letting a third party intercept your text message aren’t smart enough to choose the right app?
> How is this any different from people having to use WhatsApp, Facebook Messenger, SMS etc?
It means you're using a different app for secure messaging and SMS. If they're the same app then it knows to not send SMS to the person you have encrypted messaging set up with.
It also requires you to use multiple messaging apps, which increases cognitive load and the potential for mistakes, because there is nothing available on iOS that can both send SMS and send secure messages to Android devices.
> So the same people who are smart enough to know the risks involved in letting a third party intercept your text message aren’t smart enough to choose the right app?
Smart people make mistakes all the time. Isn't that your whole thing about not giving the user full control over the device?
You mean like making a mistake and clicking “yes” and giving permission to all of your text messages to a third party that can then log it and use it to take over accounts?
How many people trusted the “no logging VPNs” before the ES hacks showed they were in fact logging everything?
