On Sideloading on iPhone — It’s OK, I’m Changing My Mind

First, just for the fun of it, let’s go back 14 years ago. In 2008, Steve introduced the App Store. Takeaways from this short video: each developer could reach every single iPhone user (repeated many times during the presentation), the “business deal” for developers which details the revenue split is 70-30, sideloading of apps is allowed, but through iTunes on Mac or PC (the App Store was available through iTunes back in the days, remember?). The rest is history, and today sideloading of apps from other places than the App Store, as you know, is forbidden. It’s interesting to look back in the history of Apple because this is a place where you can find real gems when put in today’s context. Again, Steve Jobs, while at NeXT, speaking of people caring more about money than products. Is this Apple today?

Until today, I thought forbidding applications sideloading on the iPhone was good for users. But…

Ladies and gentlemen, I’m changing my mind on the sideloading of apps on the iPhone. I’m all in, and it is all Apple’s fault. I’m the one who wrote, “A Message to Apple Developers: We Don’t Need Another Android Platform“. And yet, I’m changing my mind. In a perfect world, I wouldn’t want sideloading, but we’re not in a perfect world. Apple isn’t perfect. The App Store isn’t perfect. Developers aren’t perfect. The App Store review team isn’t perfect. Everything isn’t perfect.

If the App Store was scam-free, entirely free of copycats, I would trust Apple’s review team in its abilities. It’s not the case. Apple can’t honestly defend the App Store as being a secure place. It is not. The App Store today is full of crap. Sideloading has nothing to do with this fact.

In a world where sideloading is possible, I expect a proliferation of “curated” App Stores. Those stores won’t be perfect, either. They will probably be full of highly questionable applications. Horror stories involving scams will be inevitable. The world isn’t perfect. But it is not the issue at play here.

“I always believed Apple would draw a line at outright lying — but they continue to lie about what selling software was like before the App Store. They lie about what the review process does and about how developers are treated equally. As a developer, I find this profoundly disillusioning.” — Brent Simmons said in Apple in 2021 report cards from Six Colors.

I don’t always agree with DHH on Twitter or on his HEY feed, but it is really hard to argue against the inconvenient truth the Mac represents for Apple. I would say that it’s the main reason why sideloading has to exist on the iPhone: because it exists on the Mac. The gigantic size of the iPhone market, certainly makes it a prime target for all bad actors in the world. Thanks to all the security measures and security foundations of the iPhone, and some common sense from the users, we should be good to go with sideloading of apps.

Buying software for the Mac outside the Mac App Store
Buying software for the Mac outside the Mac App Store
Security & Privacy preference panel on the Mac
Security & Privacy preference panel on the Mac

Using the Mac as an example to defend its stance on sideloading is a compelling argument but also a very dangerous one. As Marco Arment (a well-known developer) puts it, the iPhone landscape is quite different from the Mac. The iPhone is infinitely more popular than the Mac, it’s a more tempting target for bad actors who would love to get their hands on it. Sideloading effectively opens up the door a bit. It’s up to the user who wants to stay away from sideloading on the iPhone and stick with the App Store. And it’s ok. I guess.

On Apple's Mac website.
On Apple’s Mac website.

Here is another reason for being more open to the idea of sideloading of apps. Recent security issues related to Safari leaking browsing information are a prime example of a platform limitation: not downloading an alternative browser while waiting for Apple to fix the problem is a big issue. It would have been a plus for the users to be able to do so. There’s always a bad side to everything, even for prohibiting sideloading.

Today, all I want from Apple is to stop using stupid and invalid arguments. Their attitude is attracting needless and more powerful legislative actions, which could make things worse than if Apple made the proper choice before being forced to in the wrong ways.

“Apple made significant changes for developers in 2021, but it continues to seem to make them only under pressure and with the threat of lawsuits or regulatory action. It would be delightful to see Apple stop treating their financial success as proof that everything they do is obviously correct and get ahead of what developers need and consumers want. The company wouldn’t take a big financial hit; it might be neutral or even positive. It’s all self-inflicted PR wounds on this front.” — Glenn Fleishman said in Apple 2021 report cards from Six Colors.


Recently, I started following Kosta Eleftheriou on Twitter, a well-known and vocal critic of the App Store and of Apple in general. I asked him a few questions, which he gladly accepted to answer.

If you were calling the shots at Apple today, what would be the first three decisions that you would take and why?

First, I’d start by being honest with users. The App Store isn’t as trustworthy or as safe as Apple touts it to be, which misleads people into a false sense of security. And conversely, sideloading on iOS wouldn’t “destroy the security of the iPhone” any more than it “destroys” the security of Macs today – just see Apple’s statements here: “Download apps safely from the Mac App Store. And the internet. Now apps from both the App Store and the internet can be installed worry-free.” Market-speak exaggerations have now put Apple in a difficult position, so their messaging needs to better reflect reality moving forward.

Then, I’d start by being equally honest with regulators and respect their rulings. Following the rule of law is fundamental to having a functioning society, and the idea that a company can repeatedly be skirting the law just because its profits make the penalties meaningless, that’s not setting us up for a great future.

Third, I’d instill the idea that “just because we can, doesn’t mean we should” when it comes to how competition with 3rd-parties is viewed within the company. Apple has grown so much that this is a blind spot for many people working there today, and the people responsible for this are the ones in leadership positions. The good intentions have to come from within, and not get to the point where regulation becomes necessary.

Over the years, Apple has made the Mac more secure and locked down, do you think that Apple’s master plan is to eventually block sideloading of apps on the Mac? Why is it not possible on the Mac, but it is on the iPhone?

Apple definitely wishes to control the experience as much as they can on all of their devices, so blocking sideloading on the Mac is naturally part of that. But this would be much less palatable with users than it is for iOS because fundamentally people don’t want any existing freedoms taken away from them. With iOS, most people have learned that the App Store alone is where you can get apps from, and so they can’t really see all the things they’re missing out on – because Apple hasn’t allowed those things to see the light of day.

When looking at Apple’s response to legislation around the world (South Korea, The Netherlands), do you think Apple is simply testing the water and checking how far they can go before the bigger antitrust laws become into effect in the US or in Europe?

Yes, I think Apple’s strategy is to test how far they can go, but also for how long – because each month that passes where they get to maintain their monopoly power on app distribution, they’re making north of a billion dollars from it. But I do think Apple’s strategy is going to backfire, because regulators all around the world seem savvy enough to see through Apple’s pretextual claims about security, as to why they need to be the only ones in control. But we know that this is all about money and that sideloading can be safely implemented if Apple really wanted it.

Are you still hoping for Apple to back down on IAP and sideloading? If not, why do you think Apple is willing to further tarnish its relations with its developer community?

Apple is holding developers, hostage, by controlling the most lucrative ecosystem on the planet, so when there are trade-offs between improving developer relations and maximizing profits, they choose profits. I do not think they will back down on their own, which is why regulators need to step in – urgently.

Do you think Apple will use the next WWDC conference in June to announce major changes to the Developer Program, the App Store platform?

There are always changes, but I don’t know about major ones, it’s really hard to predict. I think Apple themselves might not even be set on what it is that they are going to do yet. But I’m always hopeful that Apple might finally see some of the problems it’s creating and not just keep reminding us how much they’ve “paid to developers”.


“You don’t need to be a developer to see the friction. And the App Store situation seems only headed to government intervention. While I am very against sideloading due to the security issues, Apple’s refusal to support even linking to outside payment options (for subscriptions) will most likely result in a government sledgehammer to open things up in ways that hurt both customers (security) and Apple.” — Rich Mogull said in Apple in 2021 report cards from Six Colors.

So, what’s going to happen in the next few months and years? The mess will continue. Apple will keep fighting against all odds. Developers will get even more frustrated1. Government all around the world will be pissed off by Apple’s attitude and bad faith. They will push for even more scrutiny and eventually regulation. All around the world, new laws will be voted on. It will probably be a public relations nightmare for Apple2. The percentage cut Apple is taking will most likely change a few percentage points downward. It will be too late; the damage will be done.

Even if Apple allowed sideloading, I don’t trust Apple to come up with an elegant solution, though. They will put every warning they can to discourage users from sideloading applications. It could make the user experience miserable, worse than on macOS. Why? Money is at stake here. A lot of money, actually. Because Apple seems to be run by lawyers and greedy people, we can expect everything.

I don’t want any of this, except for a fair percentage cut of the revenue split, IAP with third-party payment processing services and a clean user experience when sideloading applications on the iPhone. That is all.

What’s your take on the subject of sideloading apps on the iPhone? Leave a comment in the comments section below this post. I’m genuinely curious.

Update #1 – 2022-02-10 – This blog post has attracted a lot of people (see my Plausible Analytics) and started many discussions about the topic of sideloading (on Reddit, On Hacker News). I’m happy and grateful for that.

Update #2 – 2022-02-10 – In recent years, Microsoft showed leadership in many ways. They tried new things and pushed some boundaries (both in software and hardware). This week, they made important announcements about their digital stores, and I think Apple should follow them. I don’t think Microsoft digital stores play the same role in their revenues mix compared to Apple’s, yet they show the right way to go to open up their stores, IMHO.

Update #3 – 2022-02-18Jason Snell on Six Colors offers his balanced view on the subject of sideloading on the iPhone. In summary, it might not be the best for security, but adding the alternative for users is good not only for them but for Apple too. It could decide to be more selective has rejected and low-value apps would end up in alternative download sites.

  1. is this even possible? The Apple in 2021 report cards from Six Colors paints a bleak picture of the state of developers relations with Apple.
  2. Apple is in a continuous public relations nightmare.

7 thoughts on “On Sideloading on iPhone — It’s OK, I’m Changing My Mind

Add yours

  1. And they could call it notarizing, like on the Mac … macOS continues to undermine any argument Apple has against sideloading on iOS. It’s not more dangerous if they keep security checks in place.

  2. A lazy argument by fans and people who run little to no businesses at all. Apple is run by business folks, it is a reason why all of you are complaining instead of being successful like Apple….

  3. Key issue with sideloading: when crossing the border and the agents ask for your passcode, they will soon swiftly proceed to install software, unless additional credentials or filters are in place—which will be circumvented too by asking the iphone’s owner. For what purposes, who knows.

  4. There is no *technical* reason that Apple cannot maintain the exact same review processes that they have today, or even more stringent ones (that’d actually be good), BUT instead of then putting the app in the AppStore, they simple sign with with the AppleBlessed(TM) key, and give the binary back to the developer.

    Whatever might happen to that binary between Apple signing it, and the iOS installer getting hold of it DOES NOT MATTER — if the signature is still good, then it’s no worse off than if it was put in the AppStore.

    The security argument is total BS.

  5. I don’t see the serious issue many spout with sideloading. For it to be the security impact Apple and otherwise are claiming you would need significant adoption. If that was the case we would be seeing the same issue on the Android side. We aren’t.
    For Apple being a security target… yes. It’s size and common base; a major exploit would be optimal, not a side load exploit. Browser or App Store. It isn’t like Android where you need a myriad of versions to cover the user base.
    Lastly, yes, I can see Apple doing the wrong this and making a solution difficult. Apple need to get it’s head on straight and solve this head on with the user / developer buy-in in the forefront. Don’t think we will see that. Excuses along the vein of “CSAM Tool enhances privacy. Think about the children” I fully expect to see. Hope I am very wrong.

Leave a Reply

Up ↑

%d bloggers like this: