David Heinemeier Hansson

January 21, 2022

The Mac proves Apple can safely open the iPhone

The Mac is such an inconvenient platform for Apple. It prevents the company from making any credible claim of an impending security catastrophe, if lawmakers force the iPhone to allow installation of apps without the App Store. With the Mac, we have almost forty years of proof that computers don't need an App Store to be safe. Made by the same company that now tries to pretend to legislators that this isn't possible!

Worse still, Apple continues to brag about this solid security record for the Mac when they try to sell you a new computer while their lobbyists argue the opposite on Capitol Hill. Here's how the company presents the Mac as a fortress when it comes to apps installed without the Mac App Store:

Gatekeeper on your Mac ensures that all apps from the internet have already been checked by Apple for known malicious code — before you run them the first time. If there’s ever a problem with an app, Apple can quickly stop new installations and even block the app from launching again.

This is a strong argument because it's been backed up by the experience of regular Mac users for decades. This is not a platform overrun by malware, scams, and villainy. It's a thriving, modern computing platform that relies on technical security measures to counter the threats to computing rather than hurried human review.

Furthermore, it's proof that choice works! Choice for users, choice for developers. If users believe they're better off only installing software directly from the Mac App Store, they're free to do so. If developers think they're better off distributing their software exclusively via the Mac App Store, they can do so too. But if either of them chose not to, that's their prerogative, and things have been working out just fine!

We've indeed chosen not to distribute our Mac apps for Basecamp and HEY via the Mac App Store. We distribute these apps directly via our websites. And our users are choosing in droves to download these apps. Just like users do with the fine products made by small independent shops like Panic or huge makers like Adobe.

Apple of course knows this is true. That the Mac, with its free choice for developers and users, is a thriving computing platform. They highlight the ever-higher sales all the time! 

This cognitive dissonance forces them into some bizarre logical contortions as to why this proven model of choice can't work for the iPhone. Let's address some of them:

  1. The iPhone is special because it keeps more sensitive data than a normal computer. It does? Isn't Apple's whole pitch for its ecosystem that you have all your data available on all your devices? That your Mac and your iPhone share access to the same emails, same iMessages, same contacts, same calendars, same notes, same files, SAME EVERYTHING? Yes, it is. Which means that this argument is just utter bunk. Your computer is just as crucial to protect as your phone.
  2. iPhone users are less sophisticated than computer users so they need more protections. They are? Who are these unsophisticated rubes who'll be exploited if they're given access to a platform with the same application installation process as every other computer ever made? Kids? We already have parental controls for them. This is demeaning nonsense.
  3. The iPhone isn't actually a computer, it's a phone. Apple loves to compare the iPhone with a full-fledged computer when they need to sell you on why it's such a revolution over the past. And they love to compare it to the locked-down feature phones sold by American telecoms prior to 2007 when they have to defend their extractive business practices. At least we're not as bad as those guys! Sorry, but there's no logical refugee in "at least we're not Verizon anno 2005!"

The fact is that the iPhone is already a considerably more secure device than even the Mac! Apps run in a tighter sandbox, and everything is far more locked down than traditional computers. This is where the defense against malware rests, along with the kill-switch power to nix any app that exploit novel vulnerabilities to escape detection up front.

The only thing these technical defenses can't guard against is business model threats. That's why Apple employs thousands of people in the App Store review department without any technical or security qualifications! Because they're not there to uncover security threats, only threats to the faucet of monopoly rents. And they're very good at that, because even when they fail to detect a scam, Apple still takes a cut. It's win-win for Apple, lose-lose for consumers and developers.

Despite the inherent contradictions in the argument that the iPhone would suffer a security catastrophe if it worked like the Mac, it's not hard to understand why Apple is making it. There are no other arguments to make!

Nobody but the most hardened Apple sycophants would have any sympathy for an argument that their new $1,000 iPhone can't install the software of their choice, lest its developer surrenders to the 30% stickup. Trillion-dollar monopolists just don't garner support from a naked attempt to pick the pockets of independent developers.

So this security nonsense is the only option for Apple. But oh dear would it have been an easier argument if that pesky, successful, secure Mac wasn't there to contradict all the claims and show the way!