Apple’s software engineering head Craig Federighi had a tricky task in the Epic v. Apple trial: explaining why the Mac’s security wasn’t good enough for the iPhone.
Mac computers have an official Apple App Store, but they also allow downloading software from the internet or a third-party store. Apple has never opened up iOS this way, but it’s long touted the privacy and security of both platforms. Then Epic Games sued Apple to force its hand, saying that if an open model is good enough for macOS, Apple’s claims about iOS ring hollow. On the stand yesterday, Federighi tried to resolve this problem by portraying iPhones and Macs as dramatically different devices — and in the process, threw macOS under the bus.
Federighi outlined three main differences between iOS and macOS. The first is scale. Far more people use iPhones than Macs, and the more users a platform gets, the more enticing that audience becomes to malware developers. Federighi argued iOS users are also much more casual about downloading software, giving attackers better odds of luring them into a download. “iOS users are just accustomed to getting apps all the time,” he said, citing Apple’s old catchphrase: “There’s an app for that.”
The second difference is data sensitivity. “iPhones are very attractive targets. They are very personal devices that are with you all the time. They have some of your most personal information — of course your contacts, your photos, but also other things,” he said. Mobile devices put a camera, microphone, and GPS tracker in your pocket. “All of these things make access or control of these devices potentially incredibly valuable to an attacker.”
That may undersell private interactions with Macs; Epic’s counsel Yonatan Even noted that many telemedicine calls and other virtual interactions happen on desktop. Still, it’s fair to say phones have become many people’s all-purpose digital lockboxes.
The third difference is more conceptual. Federighi basically says iOS users need to be more protected because the Mac is a specialist tool for people who know how to navigate the complexities of a powerful system, while the iPhone and iPad are — literally — for babies.
As Federighi put it:
The Mac from the beginning has been part of a generation of systems where the expectation is you can get software from wherever — you can hand it to your friend on a floppy disk and run it, that’s part of the expectation. But Mac users also expect a degree of flexibility that is useful to what they do. Some of them are software developers, some of them are pros running their unique tools, and having that power is part of it.
I think of it is as if the Mac is a car — that you can take it off-road if you want, you can drive wherever you want. And that comes with as a driver, you gotta be trained, there’s a certain level of responsibility in doing that, but that’s what you wanted to buy. You wanted to buy a car. With iOS, we were able to create something where children — heck, even infants — can operate an iOS device, and be safe in doing so. So it’s a really different product.
Federighi expanded on the metaphor a little later, when Apple’s counsel asked if macOS was “safe.”
Safe if operated correctly, much like that car. If you know how to operate a car, and you obey the rules of the road and are very cautious, yes. If you’re not — I’ve had a couple of family members who’ve gotten some malware on their Mac. But ultimately, I think the Mac can be operated safely.
I find the mental image of slowly, cautiously “driving” a Mac around the internet hilarious, because cars are deadly two-ton metal boxes that crush obstacles at superhuman speeds, while my MacBook starts losing keys if I type on it too hard.
If you pair these comments with some earlier statements about macOS, though, it’s a bit less funny. Federighi was bluntly critical of macOS security, saying Apple saw “a level of malware on the Mac that we don’t find acceptable.” If you used the Mac’s security model on the iPhone, “with all those devices, all that value, it would get run over to a degree dramatically worse than is already happening on the Mac,” Federighi said. “iOS has established a dramatically higher bar for customer protection. The Mac is not meeting that bar today.” It’s a distinctly negative evaluation of open computing systems, implying only a relatively small platform could afford that openness without disaster.
Federighi took a far broader view of security than Epic’s own expert witness James Mickens. Mickens testified earlier that iOS wasn’t meaningfully more secure than Android, but he analyzed mostly technical threats to the platforms. Federighi focused on scams, phishing, and other apps that target human psychology instead of computer code — many of which pose serious dangers.
Sometimes, though, the protectiveness felt patronizing. When Federighi explained Apple’s restrictions on cloud gaming, he focused partly on tangible security issues, like how to grant device permissions for different titles on a single gaming app. But he slipped seamlessly into discussing how the concept would be simply too confusing — that iPhone and iPad owners would be befuddled by the notion of launching a separate game catalog. Apple wants iOS devices to feel trustworthy, but at times like that, it seems more like Apple just doesn’t trust its own users.
