Apple Overstates Security Benefits of App Store Business Model, Expert Testifies

Apple could open up its App Store on iOS to third parties without incurring extra security woes, Harvard professor James Mickens said Friday.

This March 19, 2018, file photo shows Apple’s App Store app in Baltimore. (AP Photo/Patrick Semansky)

OAKLAND, Calif. (CN) — Apple exaggerates the security benefits of its App Store model, and its app review process provides only  “minimal additional security,” prominent computer scientist and former Microsoft researcher James Mickens said Friday as he took the stand for Fortnite maker Epic Games in its antitrust fight with Apple.

In addition to disputing the relevant market at issue in the case, Apple has hung its hat on the idea that its success depends on its strict policing of the App Store, including a rigorous process for vetting apps to curtail malware, copycats and scam applications.

The Harvard professor challenged this assertion Friday, telling U.S. District Judge Yvonne Gonalzez Rogers, who is hearing the case in place of a jury, that the bulk of Apple’s much-touted security benefits come from Apple’s operating system itself, not app review.

“App review provides minimal additional security benefits compared to the security benefits that an operating system alone can provide. The safety of your experience on an iPhone is largely guaranteed by iOS, not the app review process,” Mickens said.

Epic wants to upend the App Store business model that requires app developers to use its in-app payment (IAP) system, and takes a 30% cut of every in-app purchase of digital goods.

Epic tried to circumvent these rules in August 2020 by installing a “hotfix” to the iOS version of Fortnite, allowing users to pay it directly for in-app purchases instead of going through Apple and getting Epic banned from the App Store. Epic answered with a federal antitrust lawsuit that claims Apple is foreclosing competition in the market for iOS app distribution. 

Last week, Gonzalez Rogers heard from Trystan Kosmynka, head of app review for Apple, who characterized the process as the best way to guarantee a safe and trusted App Store. Without it, the store would be a wild west of phishing, malware and explicit or offensive apps.

App review involves a combination of human and automatic inspections to ensure that apps are secure and don’t do things like access a user’s private data without their consent.

But Epic’s attorneys assailed the process as embarrassingly inadequate, citing internal emails that showed Apple higher-ups dealing with a host of problematic apps that feature violence and sexual content. Some of those emails were from Kosmynka himself.

Kosmynka said those apps represent a minuscule portion of those that make it through app review. “We proactively catch the vast majority of issues,” he said, adding, “We certainly miss some but it’s a small fraction.”

On Friday, Mickens said users would not have a meaningfully less secure experience on the iPhone if Apple allowed third-party distribution of apps in the App Store.

Mickens said that’s because Apple’s operating system (iOS) catches malware through “sandboxing,” which isolates maliciously-behaving software. 

“If something bad gets on a device, sandboxing is a critical security mechanism that operating systems use to restrict the scope of damage,” Mickens said.

“If the apps get on to the device through a system over which Apple has no control, does sandboxing still take care of it?” Gonzalez Rogers asked.

“Yes, and that’s an extremely important point,” Mickens answered. “Sandboxing is agnostic to the means by which a malicious app gets on a device. An operating system can still sandbox that app and restrict the kind of damage it can perform.”

While Mickens said iOS and Google’s Android mobile operating system are “roughly equivalent” in terms of susceptibility to viruses and malware, he chose to compare iOS to the operating system on a Mac, since they are both owned by Apple and “share critical infrastructure or plumbing.”

But unlike iOS, macOS allows third party app distribution, and Mickel said that doesn’t make it less secure. They both share a kernel that manages the installation of new apps, runs security processes and makes sandboxing possible. 

While macOS contains some unique security features like Notarization which scans for malware, Mickens said it could be implemented pretty straightforwardly on iOS because they share that same kernel. 

“MacOS and iOS — these are two operating systems which Apple itself has written and advertised as being extremely secure. But macOS, which has been touted as very secure and allows distribution channels in which apps have not been reviewed at all. And yet, Apple says macOS is very secure. That’s why the comparison between iOS and macOS is so important,” he said.

Mickens added, “If iOS were opened up to third-party app stores, that would not prevent users from using the regular App Store. These things can coexist and users can choose” what they want to use.

Apple will get to take a shot at Mickens on cross when testimony continues Monday. Its attorneys will likely target Mickens’s past work with Microsoft and his mentorship of Ph.D. students with Microsoft fellowships to impugn his credibility.

%d bloggers like this: