I have no sympathy for their concerns. I can download apps on my MacBook machines all day from many different sources, and it harms no one. While I understand the associated risks, computers have been this way long enough that the free and fair use of software on my devices is far more valuable than the brittle safety a marketplace offers.

Apple's greed knows no bounds, and while I'm no big fan of the EU, there are some regulations like these that ensure these big bears in the industry can't abuse their positions for profit, at such unreasonable expense to consumers (not always monetarily, but be it fair access, availability, and choice), and developers especially.

If commercial real estate charged XX% cuts of all sales from a business, every business would crumble with enough time, and only the big hitters would succeed with great resentment towards their gracious corporate overlords.

Then again, I'm not American so I can easily see the influence your country has on most other countries, so to say the "EU have enormous capacity for overreach at the expense of participating countries and their citizens" is completely ignorant and oblivious.

Overall, I'm happy they're actively involved. The hands-off attitude in the US is terrible.

In reality a cookie consent notification can just as well be a small widget somewhere with an accept and refuse button, but it's the builders of these frameworks that have a vested interest in getting you to press accept.

I've applied for a job at one of these companies about a year ago, and I asked them about it. They said to me that according to their metrics, there's about 30% more acceptance if they only bury their Refuse button, so it's a legal risk they are willing to take.

Needless to say, when they invited me for a second conversation, I politely refused.

No, the shitty cookie screens with dark patterns is not the responsibility of the EU - although you could make the argument that the EU should have been stricter or more prescriptive.

I once read a light-hearted analysis of the cumulative time wasted by humanity due to the original USB plugs/sockets being unidirectional. I suspect a similar analysis of these cookie popups would be shocking.

Hah, first Google hit: https://www.linkedin.com/pulse/billions-hours-now-being-wast.... (Not sure I agree with the numbers used, but the order of magnitude probably isn't too far wrong)

The problem is definitly NOT THE REGULATION but the way that websites have become a data/cash machine...

Yes, why not stop there?

There's no such thing as a mandatory cookie popup. You don't need to get explicit consent if your website needs certain cookies to do what the user wants it to do. Placing a session cookie to log in is fine, for example. And it's also fine to place tracking cookies if and only if the user goes to aforementioned widget and presses the "please track me" button.

But users don't want that, obviously, so websites are built to force you to acknowledge the choice. The problem here is not the implementation of the law - it's the attitude of the website builders.

It's absurd how used we have become to wantonly collecting user data that some people can't even imagine not doing that.

You don't need cookie popups! Really. You don't.

You only need to get consent to track users with software you don't run yourself. Or when you sell your data off to other companies.

Both are, unfortunately, the norm. But there's absolutely no technical reason to have these in place. Non at all. Plenty of alternatives for tracking that doesn't need consent. Or just not sell your customers' data off.

I would be infuriated if I found the bakery down the street is selling its security footage with my face on it, next to my sales and spending in that bakery. I'd expect them to at least warn me about this at the door. So I can then buy my bread elsewhere. That's what a consent banner is!

Not true, actually! GDPR is a framework, and every EU country implements a national law according to that framework (e.g. the Dutch implementation is called "AVG"). The specific requirement that refusal must be as easy as acceptance is not in the GDPR, but several countries added it to their national implementation of the GDPR.

The Dutch implementation is called "Uitvoeringswet Algemene Verordening Gegevensbescherming", which, as the title states, is the law that implements the GDPR. "AVG" is just a translation for "GDPR", not the name of the law that implements it.

The Uitvoeringswet describes how the GDPR functions within Dutch law, for example, it describes the role that the Dutch Data Protection Authority plays. You can read the Uitvoeringswet right here: https://wetten.overheid.nl/BWBR0040940/2021-07-01

The GDPR (in Dutch AVG, in French RGPD, in Spanish RGPD, etc.) actually DOES state that it should be just "as easy to withdraw as to give consent" in Article 7. The directive (2016/679) can be found here: https://eur-lex.europa.eu/eli/reg/2016/679.

Something along the lines of:

"We urge all EU citizens with Apple devices to have an alternate means of accessing critical internet services like banking, to protect themselves in the event we are forced to block all Apple services EU-wide for legal non-compliance."

... then watch AAPL stock drop below NVDA ...

... and Apple come crawling back, suitably obedient.

This may vary by location and landlord but it absolutely is a thing. And a guarantee for any high-end, high-traffic location.

I have friends in strip mall businesses and they have moved locations for better landlords.

I just can't stand Linux. I've tried several distros and after using macOS since 2009 and Windows since 1995, I just can't be bothered by all the things Linux distros lack, if muscle memory for the other two aren't already the biggest obstacle for me.

I am insanely efficient on macOS, and I almost never have to think about global hotkeys, global search & calculations, managing apps & settings, and seeing nearly zero interruptions while I work -- including popups, notifications, performance dips (if I'm being reasonable with my usage), OS UI bugs, etc.

These all do occasionally happen, but never to the extent I see in popular Linux distros and even Windows. It's just a fact, after nearly 30 years of first-hand usage and comparison.

I also use macOS because it is as extensible and open as I need it to be for downloading and installing packages, and customizing the OS to suit my needs -- which is something iPhones can't do without jailbreaking and such.

I've never owned an iPhone, and seldom use my iPad. I'm an Android guy, and being able to sideload apps in rare, but important, moments is important to me. The openness of Android has been important as well, namely the fact that Firefox has always been allowed to use its own browser engine since the start, enabling the same freedoms I have using it on desktop platforms, as a primary example.

People complain about the products that are best for them. Nobody (with the power to decide what they use) complains about a product long, unless it is still their best choice.

And suppliers of products being complained about are not companies "not worth supporting". They are making the product that is the best fit for the complaining customer! They are not perfect. They can do better. So customers speak up.

But like...if someone really does like the product but knows that product could be even better, wouldn't they naturally speak up about it?

After trying UI design tools and web development on Windows and Linux machines and finding the experience very sub-par for my needs, I've found macOS, and by extension, Apple's hardware quality, choice of keyboard layout, ease of use, etc. to be superior for my needs. I have almost no complaints about the Mac platform with the ways I've been able to customize it, and its nag-free experience. As they say, it just works™. ;)

It feels made for UI design & development, with minimal to no configuration, no late nights fixing file permissions or access issues, fixing Linux subsystems, fiddling with very limited terminals, and suffering from buggy piecemeal UI shell packages that prioritize fancy, laggy animations over functionality.

On the contrary, I've found not only doing these tasks and multitasking to be very frustrating when getting serious work done on other machines, primarily frequent interruptions (Windows) and major inconsistencies with global keyboard shortcuts.

For what it's worth, I'm also a staunch Android user, never owned an iPhone, occasionally use an iPad for reading and other content creation, absolutely love my Windows PC for gaming and surfing on my TV, and work exclusively on my MacBook. I'm very particular about using the most suitable machines for the tasks at hand, but well-rounded enough not to be completely captured by Apple.

I had 2 macbooks fail simultaneously over the new year, and instead of laying down the $$$ for a new m3 mackbook, I put a linux station together, with the intent for it to be a windows dual boot.

At this point a couple of months later, windows is no more than a KVM/QEMU virtual machine (and runs its DAW/synth apps, significantly faster and with greater stability than either of my dead m1 macbooks ever did.)

Best tool for the job has changed.

An equipment manuifacturer who's goal is for hw failures to trigger a new purchase and not a repair should be enough incentive to ditch them. We all know Apple has fallen way further than that.

They're a litigious, anti-consumer company that hides behind some fake, faded, John Lennon esque / hipster image.

Time to cut them loose, isn't it?

I've heard this since around 2004, and did try it every once in a while. And while I have the utmost respect for the Linux desktop developers... the experience was never comparable to me. I'm a sucker for well-thought out and coherent user interfaces, and the rigid principles Apple developers have to follow are no match for a loose group of open source devs.

I will continue to follow their progress, but as it stands, using a Linux desktop on my main machine feels like swapping a Mercedes with a home-built Gokart.

They are deciding that said product is the best fit for price on their individual criteria.

To "support" would require you to make sacrifices - aka, buy an inferior/worse-fit product from a company you want to support, instead of from the company that actually offers the best-fit for yourself.

Aside from me throwing too much at it (should've sprung for 32GB), it's the single best notebook I've ever owned, and the most reliable.

To say it was the best fit for me is an understatement! It's truly great!

Don't get me wrong, Framework makes a lot of neat stuff, but you can't swap out a Macbook to _anything_ without consequences. It does not take a lot of imagination and empathy to see that for some people, those consequences aren't acceptable at all, or not simply not worth the utterly undetectable sting that a company such as Apple would feel by us not buying a single Macbook from them.

If someone has to alter their entire work environment and process, while Apple doesn't even notice, is that truly worth the moral superiority they'll feel? For a whole lot of people, that answer is "no", and I can't blame them.

And yet we live under capitalism...

No, you can’t avoid capitalism, you’re born in the country your born and you don’t have that choice.

This is more like moving to a capitalist country and then complaining that you live in a capitalist country.

In reality, it's safer to assume that most or all major apps don't have problems with this, so I'm being a little facetious here. Regardless, after nearly 20 years on Android, nobody could possibly pry my muscle memory and features I've come to expect from my cold dead hands. :D

I have owned, and continue to own, all sorts of laptops and phones. I could rant about Apple all day long online, but in the end their product is simply superior.

It is such a powerful and self-evident idea that those computers are still above and beyond the best ones in the world, even with all those years of indifference.

Except Airpods. They're pretty sweet.

Sweet devices that keep falling off your ears. You need AirPod ear hooks to keep them on.

That said, my MacBooks have the best laptop batteries of any computer I’ve owned. My wife went through multiple laptops in the time I kept one in college. Turns out some electronics just suck!

So you bought an iPhone knowing you can’t download apps and then go cry because you can’t download apps?

Then your argument is that well, all my friends have iPhones or there are some other good features, or whatever else you make up?

So you obviously find value in the product, it’s missing a feature, but you will consciously buy it anyway, it doesn’t make any sense.

Does the standard simply change when a company is big enough?

Imagine ordering a steak salad even though the restaurant doesn’t allow modifications to the ingredients, then throwing a temper tantrum when you get it because it has steak. It’s unbelievable.

What "doesn't make sense" is reducing a complex decision down to a specific factor, and then trying to create the narrative that your specific chosen factor is the sole reason anyone chooses a specific product.

It is completely fair for people to prefer iPhone and also argue for Apple changing their policies.

And there are multiple manufacturers that aren’t associated with Google who make phones.

If this were truly such a shortcoming, more companies, in addition to already existing ones, would create phones with side loading apps.

Imagine me pitching my idea to YC, it’s like an iPhone, but with side loading apps! It’s brilliant!

You’d be laughed out of the room.

The issue is you want those good Apple features, you want that Apple ecosystem, the blue bubbles, etc, but you also want to have a feature that the phone doesn’t have and people are crying that Apple won’t give them that feature.

I don’t even care, and I even if I did, decisions already been made so there’s nothing to argue.

This is simply an amusing situation, the grandstanding is simply funny.

> I don’t even care

> This is simply an amusing situation, the grandstanding is simply funny.

Wait till the Commission delivers the punch-line.

It’s possible to not care about something and still submit an opinion. Or maybe it’s the degree of caring that is confusing you, I care enough to comment and have a viewpoint, but I don’t care to the degree that I am upset or will lose any sleep over it.

There you go, hope this helps you understand what I meant there so that you are no so hung up on it so as to feel the need to quote it.

Please do save me the suspense and share the punchline now!

It’s perfectly reasonable to use YC here as at the end of the day they’ve helped launch of ton of companies that are popular with consumers.

Regarding the irony in using them as an example of corporate righteousness, well you did get me there and I agree with you.

Of course, native apps that wrap web-based apps is almost the reverse of that, and we still often get laggy, sub-par experiences as a result of broader platform support for lower maintenance costs.

PWAs fill the opposite gap where you get native-like apps at the expense of low performance, distributed any way you like.

What we really need is for high-performance native applications to be distributable via the open web, and that's exactly what the EU is enforcing here, in a way. What would be better is for WebAssembly to take off and offer native performance in apps that can be visited at URLs, just like we're used to.

Why do you care so much that Apple has been forced to give consumers more choice, you can still just use the app store yourself, nobody is forcing you to use apps from alternative stores.

This is the standard "one true religion" reaction imo.

The users should not be forced to run Apple approved applications.

They're acting like an anticompetitive wuss if you ask me. If Apple is the righteous one here (imagine that), they can pack up their bags and tell the whole EU to shove it. They can individually invite all 27 markets to kiss their ass and watch as the relevancy of Apple products plummets in the first world. Problem solved, Apple saves the day. 中国梦!

Or, they can take the king's ransom of iPhone revenue and surrender their asinine software double-standard. This doesn't end well for them either way, there's no sense it making it last longer.

Show of hands, how many people actually spend multiple minutes (or hours) just swiping through their respective App Store just to find something new and interesting?

Aside from the store experiences, the web's powerful (gasp!) ability to find and download content including Computer Applications™ has always been its greatest strength. App stores are a net detriment seeking to protect the lowest common denominator: the uneducated computer user who hasn't bothered to learn everyday security practices to avoid downloading malicious apps or vetting software developers on their popularity and/or security themselves.

This takes a little knowledge and practice, but this isn't much different from shopping for good produce in a grocery store. Avoid the rotten fruit, and use your friends/family to help you judge what's best! That's the beauty of freedom on our devices, as it enables the power users and enthusiasts to enjoy these devices at their fullest, without senseless obstacles offering unsolicited "protection".

This part:

   > If commercial real estate charged XX% cuts of all sales from a business

Using another real estate analogy -

Imagine you bought a house from Fruit Builders company. The house came with a pool.

Now unlike every other pool in existence, this is a very special pool that just really cares about your privacy and security a lot.

It won't let you use any random pool toy (it has lasers), no it must be a well-behaved toy that is rigorously tested and officially notarized by Fruit company themselves (= non-employee contractors taking one look to make sure Fruit's cut is not being circumvented).

So you go to the supermarket, purchase a marked-up toy, the toy company reports its earning to Fruit, and Fruit takes their cut.

All for your safety of course.

If you’re going to come up with analogies, at least do something that is remotely applicable.

But sure, here's another -

You can run any company's software on a MBP, downloaded from the internet, without paying a dime to Apple. Similar situation applies to Windows / Microsoft.

The iOS model is advocating for rent-seeking in MacOs and Windows binaries.

Surely Apple's OS/framework that they tried to say they spent so much money developing, sandboxes and protects all running code from said data vacuuming behaviour?

Or did you really believe Apple when they said it would reduce security™

Because the only reason it would is if Apple let it happen on purpose so they can create a consumer backlash by saying "I told you so".

I won't pretend to know exactly how their processes work in detail, as I'm an American citizen, so the EU's concerns generally don't interest me much, but if the U.S. Federal gov't versus State governments can be used an analogy, I have similar feelings, in principle.

How does that count as a "marketplace"?

> Web Distribution ... will let authorized developers distribute their iOS apps to EU users directly from a website owned by the developer

All of this just makes it crystal clear what Apple's goal is: to prevent competition. It's not about security like they've been lying about; it's all about maintaining their app store monopoly.

Web Distribution requires stricter app and developer review than Marketplace distribution.

> The goal was to get out of Apple's clutches when your customers have their devices

Whose goal? Read the DMA. It is very explicit that it expects Apple to maintain security of devices and apps.

Which goes to the parent's point that their intent is to prevent competition. Otherwise why would the alternative need more onerous security measures, if not to act as a deterrent through friction?

> Read the DMA. It is very explicit that it expects Apple to maintain security of devices and apps.

It also says that the security measures have to be "strictly necessary" and "there are no less-restrictive means to safeguard the integrity of the hardware or operating system" and "[t]he gatekeeper should be prevented from implementing such measures as a default setting or as pre-installation" etc.

Which implies to me that you not only have to be able to turn them off, they have to be off by default.

Without a kill switch, gatekeepers would lose control over apps, making them "strictly necessary." Most interpretations of the DMA agree.

The comment literally says: "All of this just makes it crystal clear what Apple's goal is: to prevent competition. It's not about security like they've been lying about; it's all about maintaining their app store monopoly."

There is no reason for the security measures to be more onerous for the competing thing if they were sufficient for Apple's thing, unless the purpose of the security measures is to prevent competition.

> Without a kill switch, gatekeepers would lose control over apps, making them "strictly necessary."

Gatekeepers having control over apps isn't necessary for security. The device's owner having control over apps is. They can opt into a particular gatekeeper's control if they choose to. How is it "strictly necessary" for the gatekeeper to force them to use one provider of vetting services over another? Isn't the point of the act to enable competition?

Web Distribution means Apple is handing over responsibilities previously handled by the Marketplace directly to the developer. Allowing developers to police themselves is obviously riskier.

> The device's owner having control over apps is.

This is simply not true. Device owners are hopeless at maintaining the security of their devices.

> How is it "strictly necessary" for the gatekeeper to force them to use one provider of vetting services over another?

There are 2 tiers of "vetting services": 1. Marketplaces determine the appropriate content or type of apps allowed in their listings, 2. Apple determines if an app, developer, or marketplace is an outright threat, e.g. if an app turns out to be a scam, or if a bug in an app exposes an exploit, it is "strictly necessary" for Apple to be able to yank the app immediately.

Doesn't that depend on who the developer is? Certainly it isn't the case that no one exists who the user might trust at least as much as Apple.

> This is simply not true. Device owners are hopeless at maintaining the security of their devices.

"Device owners" includes substantially all people. Many of them are not hopeless and are entitled to make their own decisions. Some of them are even more qualified to do it than the people Apple has reviewing apps.

The hopeless people may be better off sticking to trusted stores, but they can do that without prohibiting others from doing otherwise.

> There are 2 tiers of "vetting services": 1. Marketplaces determine the appropriate content or type of apps allowed in their listings, 2. Apple determines if an app, developer, or marketplace is an outright threat, e.g. if an app turns out to be a scam, or if a bug in an app exposes an exploit, it is "strictly necessary" for Apple to be able to yank the app immediately.

That doesn't change the question. How is it "strictly necessary" for Apple to do that, rather than whoever the owner of the device chooses to do it? It would obviously be possible for a third party like Symantec, Malwarebytes or the makers of uBlock to do the same thing.

Sure, the amount risk probably varies, but you are talking about going from a Marketplace that implements some level of app review to no-review. It's more risk.

> Many of them are not hopeless ...

Exactly, and "many" is not enough. It's not possible to design a special switch only for those qualified "many" - and only them. Platform owners and the EU insist on protecting the unqualified everyone else too.

> How is it "strictly necessary" for Apple to do that, rather than whoever the owner of the device chooses to do it?

It's not in the sense that someone else could do it, but the DMA doesn't require it, so obviously no gatekeeper will. Also, it's a terrible idea because there's no market for it. Everyone already expects it to be free.

Only if the developer isn't as trustworthy as Apple. In fact, it could be lower risk even if they are less trustworthy than Apple, when it's their own app, because someone who is less competent but not overtly malicious who posts their own app is much less likely to be supplying malware than a general-purpose store that tries to vet everything but accepts submissions from just anyone at all including overtly malicious actors, and could thereby miss something.

And the user, in choosing which alternate stores or developers to trust, can decide that.

> It's not possible to design a special switch only for those qualified "many" - and only them.

Well of course it is. In the worst case scenario you could make the switch irreversible and then once enabled the device could never add another store. But that's really no different than requiring a device wipe to change it back, because a wiped device should be no different than a new device that never had the switch enabled to begin with.

> It's not in the sense that someone else could do it, but the DMA doesn't require it, so obviously no gatekeeper will.

Isn't whether it's "strictly necessary" the condition on which they can demand it?

> Also, it's a terrible idea because there's no market for it. Everyone already expects it to be free.

How is it free? They're charging $100/year and a percentage on top of that.

(But yeah, this is just slightly silly naming from Apple).

Does this only makes sense if you assume payments are tied to the App Store? They aren’t.

If you remove payments from your list of motivations, what do you presume Apple’s motivation is to encourage apps to list themselves on the App Store and not a third-party marketplace?

Like literally the only participants in that business transaction are the consumer and the company, Apple does not even enter the picture.

It would be like car manufacturers charging you a percentage for going to the grocery store, because they provide a Private and Secure™ transportation platform.

Consumers will soon catch up, and if the EU does not put pressure on Apple about this, they definitely will.

Similarly, I dream of going to Epic's website to download some Fortnite, maybe charge a thousand vbucks to mom's credit card if I'm feeling adventurous, and that has nothing to do with Apple or iOS.

This is how every single general-purpose computing platform (including Apple's MacOs) and the open internet has worked for multiple decades.

Some may be like Uber, turning the car into a taxi service, or like Turo, allowing it to be rented. Others may be independent mechanics that can work on the car perfectly fine without access to blessed tools.

There is no cost passed on to the customer because the car manufacturer does not enforce a percentage cut of Uber's or Turo's revenue.

That said, there is likely no perfect analogy in cars. We can instead turn to MacOs / Windows / Linux etc., general purpose computing platforms that do not suffer from a gatekeeper's stranglehold.

This is how it used to be, until Apple got too large and instead of being beholden to developers it flipped the other way around, and now releasing an app for Apple's platform is a supposed privilege.

Take the games industry, where developers and publishers are often given huge incentives by a platform (mostly consoles) to develop for that platform; because games developers are providing value for the platform owner by making the platform more attractive because it has more content options for the consumer.

Why is it so hard for people to wrap their heads around that concept.

Right, as an incentive. That's exactly right. Makers of other platforms chose a particular funding model to suit their commercial strategic environment, not because they were obligated to. Why should Apple be obligated to follow other (or even their own) prior business models?

> This is how it used to be

It really isn't. In fact this expectation of free full-featured developer tools for mainstream platforms is relatively new. https://www.itprotoday.com/windows-78/microsoft-sets-pricing...

> Take the games industry

Sure. Remind me where I can download the free developer kit for the PlayStation 5? Remind me who I need to pay in order to distribute a PlayStation game?

In fact, Windows itself came with everything that you needed to build just about any userspace app in the box since Windows XP SP1 (the first one that included .NET Framework).

Also if I bought visual studio, MS couldn't tell me what I could make my program do, or outright refuse to let people use my program.

Which the annual tax (aka developer fee) presumably covers.

If you believe in that as a security measure, you could still have a signing requirement and apple could revoke trust on known-bad binaries. Which is probably what they will do.

If the developer needs to use Apple resources to track and manage said entitlements, and the consumer expects Apple to police bad actors, then are we asking Apple to do this for free on the bad actor’s behalf (oops, I didn’t mean to use your microphone, GPS, BLE in order to sell the info to an enemy state, law enforcement, angry ex!) or should the cost of said infrastructure be passed to the customer when purchasing hardware? OR does Apple wait until an application is exposed, generally through an echo chamber after the damage is done and is made aware of the issue?

The vanishingly few remaining users use F-Droid (sometimes exclusively), which is probably the safest app store on Earth, with GNU/Linux and *BSD distros' base repositories. Open source only, reproducible builds with public recipes written independently, trackers removed (because they usually rely on non-free libs).

I honestly don't see how having only one store makes an OS safer. That store could be an unchecked mess.

We could talk about policies around app inclusion and permission management though.

Are you sure? Android phones are pretty big in China, which is by far the world's largest smartphone market, and I guess Play Store & "the Amazon thing" (I don't remember the name either) adoption there is close to 0%. Anecdotally I have noticed a lot of people using phone vendor app stores in India (the second largest market, though half the number of devices as China) and Indonesia (another huge market). Taken together I'm very skeptical that Play Store + Amazon have a majority of Android users.

No, good point! I hadn't thought about the China market. I don't know how things work there.

    > I guess Play Store & "the Amazon thing" (I don't remember the name either) adoption there is close to 0%.

If the argument is "Apple in particular has a huge vested interest in making sure that their first party App Store doesn't distribute malware", that's somewhat stronger.

I don't know which argument nektro was trying to make, I could read it either way.

Personally, I lean towards the point about vested interests, although it is only "lean towards" not "fully embrace": what they care about isn't strictly security, but their bottom line, and being a US company with US moral norms and US payment providers, this can also be observed in the form of their content rules — they seem to treat sex as a much more important thing to hide than violence[0]. This does not sit well with people like me who think violence is bad and sex is good.

[0] A bit over a decade ago, the app submission process flagged the word "knopf" in German translations, telling me it was a rude word and I might get in trouble if I was using inappropriate language. It's the German word for button… or knob (but in the sense of button, it's never a dick), and so I can only assume someone got a naughty words list in English and translated it literally rather than asking for a local list of naughty words.

I'll bite. Is there anyone here that thinks overall security for elderly (and lower skilled users) will *not* be hurt by additional app stores? I find it hard to believe. And, I write this post an an uber geek is is neither an Apple fan boi, but is very impressive by their overall security and UX. For the geeks, it would be great to have more stores. For the average users... maybe... For the least tech-savvy users, I cannot believe it will benefit them.

My parents are in their 80s and use Android with F-Droid (I set it up for them). No scams. No account or password. No ads. Simple apps. They have definitely benefited from having more choices available to them, specifically a repo of software built with something other than profit motive in mind. Apple's not very good at offering that.

If app stores need to be locked down to protect the elderly, then surely the Internet needs to be locked down to protect all children. After all, Safari still navigates little Jimmy to pornhub if he clicks the link.

I feel like the real solution, same as the one most parents should be using instead of forcing it into everyone else is the same it's always been; don't give young Jimmy unfettered access to the Internet (and use a child/safety filter in your own home/on your own devices) and for Apple to provide a setting that enables/disables alternative app stores, so that children of the elderly can choose for them in the same way they'd choose for their children.

https://support.apple.com/guide/assistive-access-iphone/set-...

My original question was a request for hard evidence which I think is lacking in arguments of security and safety.

I think I've seen an equal amount of press surrounding fake and useless apps on both android and apple platforms. But this is purely observational.

Move the switch back and the device won't boot without a factory wipe. That's going to deter both anyone who can't successfully disassemble the device to flip the switch (i.e. severely technically illiterate people) and the people who aren't willing to press YES to a prompt that says it's about to erase all their data (i.e. mildly technically illiterate people), while leaving it possible for exactly the people it should be possible for.

I have yet to hear a convincing argument (from multi-store proponents) about how to prevent this. If the big social media companies pull their apps from Apple's official store and move to their own stores (with unfettered access to spy on users) then they will be successful at dragging their users with them. Furthermore, there is no evidence that GDPR has had any success stopping them from siphoning up all the data they want.

This is the same thing that Apple does if they refuse to follow the process as it is, right? You're being insufficiently stubborn. And excessively dismissive if you think users making choices have no power. There are demonstrably people committed to having it their way:

https://news.ycombinator.com/item?id=39685700

Unless you think tech companies have gotten too big and people don't have a choice anymore. If you have a monopoly, what you want is not another monopoly to fight them over which gets to fleece you, it's to smash them both by any available means. One of which is resistance through personal choices, one of which is... anti-trust enforcement.

> about letting other large players carve up the Apple/Google 2-slice pie into a few more big slices

Do you not believe that increasing competition for app stores will "empower individual users"? If yes, please provide an alternative to DMA that will benefits users more.

So, to answer your question: no, I do not believe it will empower individual users. If we really want to empower individual users we should be looking to inject more competition into the social media markets as well. More "app stores" that do nothing but offer the same apps while bypassing Apple's protections will not benefit users. And if the 30% Apple tax is the real problem then why not legislate against that directly?

Sure, but you can do both.

> More "app stores" that do nothing but offer the same apps while bypassing Apple's protections will not benefit users.

It's not just the same apps though. For example, the license Apple uses for the app store is incompatible with the GPL, so no one can make an iPhone app under the GPL or use existing GPL code in one. That license is one of the things that allows collaborative projects to form and right now that can't happen for iPhones.

Likewise, the $100/year fee deters hobbyists from creating apps.

And Apple prohibits certain types of content in their store, e.g. adult content or P2P apps, which some users would want.

> And if the 30% Apple tax is the real problem then why not legislate against that directly?

Price controls are generally a bad idea. The cost of hosting the app installers is generally negligible, but a few apps could be huge, and then it isn't, so how much should it cost? Can they charge a flat percentage of sales or does it have to be per-GB of transfer? What happens when the market price of storage or bandwidth changes over time? What if it's different in different regions?

Legislating rules to handle all the edge cases is a fool's errand when competition would handle it for you because anyone who charges too much would lose business to someone who charges less.

Users have a lot of power individually. The most obvious example is when there is competition. You could be a single person and your counterparty could be the world's largest corporation, but if you have ten other viable alternatives, they can do no worse to you than the best of your other alternatives or you just choose the other one.

But you can also do it by being stubborn. Some people seem to have completely forgotten how to do this. There is a transaction with a surplus of $100, the counterparty is some egregious monopolist and the deal they offer you is that they get $99 and you get $1. A lot of people take the deal, because $1 is better than nothing, but that's not it. What you do is flip over the table and walk away, because that costs you $1 but it costs them $99 (or $50 or whatever their share would be after offering whatever it would have taken to satisfy your sense of fairness).

People are so lazy now, or they've been conditioned, so now they always just take the $1 even if the alternative is only a minor inconvenience for them. Okay, you have to use Signal instead of WhatsApp, so what? But being willing to walk away from an unfair offer can sometimes be to your advantage even in an individual negotiation, because you both know the other party has more to lose. It's definitely to your advantage when other similarly-situated people do the same thing at scale. See also:

https://en.wikipedia.org/wiki/Superrationality

> They express their power collectively through the political system.

They express their power collectively however they want. Organizations (e.g. FSF, EFF) can do things like pool money to create competing systems. Even for-profit corporations can do this -- you don't like the incumbent? Start a competitor, and raise funding from all the other people who don't like the incumbent.

But again this seems like something people have been conditioned to believe doesn't work, even though it obviously does. To take a simple example, the EFF created Let's Encrypt, which cut the legs out from under the certificate mafia and made TLS free for everybody. All it took was an organization to pool enough resources to develop the initial implementation.

> I'm just very skeptical of the approach taken by Europe with the DMA. It seems to be less about empowering individual users and more about letting other large players carve up the Apple/Google 2-slice pie into a few more big slices.

Government regulations often fail as a result of incompetent administration or some corruption. But some forms of anti-trust can only be fixed through the law because the trusts themselves were created that way.

If government enforce contracts in restraint of trade then people will enter into contracts and form a cartel or enforce a monopoly. That is not acceptable, so then governments have to constrain what kinds of contracts they're willing to enforce, and somebody has to write down what "restraint of trade" means to establish how that works. It's not fun and they'll often get it wrong but the only alternatives are to either not have governments enforce contracts or allow cartels to form that become de facto private governments. So we do the best we can.

The EU is not great at this, but the problem they're trying to address is real, so sometimes you just get to sit back and watch two entities you don't really like have a fight with each other.

When everyone you actually need to communicate to is on WhatsApp, Signal is pretty much useless.

I guess pigs fly or hell freezes over. Musk and Zuckerburg had years after such changes to make their own store on Android (which put in similar privacy policies at the same time as Apple). It doesn't make any sense for them because being off the main store is worse than gleeming off a bit more data to sell.

>I have yet to hear a convincing argument (from multi-store proponents) about how to prevent this.

How about proving that the subjects in question are on multiple stores to begin with, or otherwise have shown interest?

You're questioning GDPR's validity, but your own premise isn't a thing to begin with.

You should not have to police adults on what they're allowed to do with their property. If someone asks me to help them setup their computer, I may gave some advice and warning about things to avoid. If they asked me to do something that may be dangerous, I can refuse to do it, but I will not actively prevent them from doing so. They're not children.

If someone is ok with putting their whole digital life at risk, then let him do so. Just like you can't prevent someone who wants to eat cake all day. It's not your life.

The fundamental problem with this "power to the people" mentality is that adults don't actually know how to use technology. The average person is technologically illiterate.

You can go on about giving adults full control over their property, etc. etc. but we both know that this is how you get security disasters: old people getting scammed, people losing their life savings and what not.

Part of being an effective security engineer, is realizing that you need to protect people themselves. 2FA is a prime example of security driven via this mindset: necessary because the technologically illiterate masses reuse passwords. There are other benefits, but that's the main reason.

So you shouldn't have to police people, but practically, in the end you do.

> If someone is ok with putting their whole digital life at risk, then let him do so.

All fun and games until people lose their life savings and get forced into homelessness or whatever.

Then these people start to blame you. Then technologically illiterate senators and regulators will also blame you. Lose-lose scenario.

Crypto is a prime example of what happens when you give people control. "Power to the people!," tons of people get scammed, and this prompts regulatory lockdown.

TL;DR is that the EU regs wouldn't be a problem if Apple could hide the functionality behind developer settings, but they can't. Exciting times, people in the EU are gonna get totally fucked by shady apps. GG.

This happens when senile people are legally authorized to exercise control over their assets. It has nothing to do with technology and has been happening since before computers existed. The general solution is to appoint a conservator who is required to authorize major transactions.

Which hardly justifies using the same measures for someone of sound mind.

> 2FA is a prime example of security driven via this mindset: necessary because the technologically illiterate masses reuse passwords.

And then their phone number changes or they lose access to their email and you've locked them out of their account.

This is particularly egregious when the second factor is required to be a phone number, because people in financial straits will have their service canceled for non-payment and now you've magnified their problems at the worst possible time. But phone numbers serve as a convenient tracking ID since most people only have one of them, which may explain the popularity of requiring them "for your own protection".

> All fun and games until people lose their life savings and get forced into homelessness or whatever.

We build insecure systems and then blame the users for it and offer to lock them in a cell to protect them from our bad choices.

Why is it that anyone can charge a credit card or a bank account who has the account number? Public key cryptography has been a thing for decades. Put a USB-C connector on the credit card itself and require the card to be plugged in to the device the first time each merchant wants to charge the account. 99% of credit card fraud, gone, because you can't breach one merchant and use the card info at a different one without physical access to the card.

Meanwhile anyone could trivially cancel a subscription because the list of authorized merchants would be listed on the bank's account webpage and the user could remove one at any time.

> Crypto is a prime example of what happens when you give people control.

Anybody can go to the bank, right now, and withdraw cash and hand it to a scammer. Sometimes they do. You can also give them your television or company ID badge. Cryptocurrency is no different. Most of the crypto scams are get rich quick schemes, which people have been getting scammed by since the invention of barter.

What made cryptocurrency so susceptible to scams wasn't that people were in control, it was that some people were actually getting rich, which made others credulous, and that attracts con men.

"We have to protect people from themselves" is only true for small children and the mentally ill. Adults get to make their own choices -- because there is no one else to make them. As soon as you appoint someone else to do it, that person has a conflict of interest and the incentive to defect, and the person affected needs the right to choose differently unless you can prove that this specific person is mentally incapable of exercising reason.

"Nobody is ever completely reasonable" doesn't cut it because that applies to the gatekeepers too.

Why would we want freedom to self publish on the web but not in mobile apps?

I'm assuming that Apple is going to profit from that catalogue.

Basically, it is what the web would look like if it were developed by corporate interests, conversely "apps" could have been a better designed web[1], but instead are this comparatively clunky gated process where you have to explicitly install the app first only then can you use it.

1. The web was designed to deliver pages, this was well designed, application like functionally grew organically afterwards and is quite the mess.

And it has become the norm because both developers and consumers have readily and happily accepted that deal.

The TI calculators were progamable, my brother used those.

Then the pocket pcs (windows ce) had 3rd party programs, those were distributed as files by the publisher. Program stores were webpages were people sold their files. I used the skyscape medical books; you installed the program as usual, then you bought a code specific for your version and file. All that done through a webpage

Then we have android. Google had the Marketplace (now playstore) as we know it today, except packages didnt use google services to validate licenses, Many times it was just a package (a file) The main progress was ease of use.

Then comes iOS and their extreme BS of not being able to "sideload" "apps" The store is no longer a convenience, it is a requirement. For your safety, of course. The main "progress" here is that they convinced many "Americans" that a commodity affordable phone with a painted cartoon of a bitten apple is "Exclusive", as VIP only. I compare it to the NFT phenomena, except the fruit cartoon did stick.

I know they have ulterior motives for their walled garden, but this is a product of said garden. The App Store is by far much safer to use than Google's Play Store. Plus the parental controls on android are essentially non-existent.

I'm happy in this walled garden.

That doesn't justify them prohibiting you from installing anything from outside of it. It should be up to you.

If you wanted to, you could even configure your phone to not add any new stores without a factory wipe. But maybe first you want to add in the repositories that have only free and open source software, or the stores of some respected game publishers who offer lower prices if you use their own stores for their games. And maybe the existence of these stores would encourage Apple to charge lower fees, and then you benefit from the lower fees even if you choose never to install anything from those stores, since your option to exerts competitive pressure on the stores(s) you are willing to use.

When things eventually open up, when Apple is finally forced to permit other app stores on their mobile devices, I'll take a hard pass on them.

You are saying you are happy in a "safe secure system".

In contrast, a "walled garden" is a prohibition on alternatives, not a source of safety. The prohibition of alternatives does not make the App Store safer.

If anything, it protects Apple from competing with safter alternatives! Like an app store only for children. Or an app store of formally verified apps.

Please correct me if I am somehow missing something...

1) I happy having a walled garden, I feel safe

2) I am happy being imprisoned in a walled garden with no door, I feel safe

By what metric? The warm fuzzy in your stomach because you believe apple's bullshit? Have you actually used the play store? They are identical.

Spoiler: it isn't.

It's been a couple of years since I've last tried, but given Google's history regarding subpar controls I doubt it has gotten appreciably better.

I'm confused by this. Did it come to play regarding parental controls ? Like an extra layer from the carrier ?

So safe in this walled garden where Apple reviews all apps for user safety and security.

Regarding smartphone safety, the only truly safe thing to do is not not use one at all.

Both stores are walled gardens.

One onboarding experience: https://news.ycombinator.com/item?id=39685272 :-D

In the US, SCOTUS's job is literally to interpret the spirit of the law in the event of ambiguity.

There's a distinction to be made between principles-based and rules-based regulation which I bet you're unfamiliar with.

At the same time, SCOTUS has been guilty of stretching its terms to include ideas that are clearly out of scope. (For example, the dubious invention of “substantive” due process - which all of the abortion stuff hinges on.)

Also, substantive due process was not invented for reproductive rights. It was invented in Dred Scott v. Sandford, to prevent “free” states from depriving slave owners of their “property”.

As a consumer, and an Apple users, I want them to be slapped as hard as possible for how they implement this.

(One of) the reasons why I like the walled garden is how it simplifies everything troubleshooting-wise. I have a few quirks to know, the rest is because of hardware failure and that’s it.

My peer not being tech-savvy might install stupid things from stupid places and it might be a problem.

The way it’s done it’s unlikely, but still it just complexify things for next to no reasons in my book. (Yes 30% is a lot; I personally don’t care, though I do recognize I’m a good position and I can afford not to–but then again, the most vocal about the 30% are not the most unwealthy…)

Just because it makes your life easier as the family tech support is a pretty selfish reason to hope for a very good pro-consumer law to fail.

It essentially says "Tell the user you're tracking them, give them a button to click not allow you to do that". If sites actually did that, I honestly couldn't care less about the extra second it would take to click "No, fuck off".

Oh no, you have to be given the option to not permit your data to be shared with ~1000 different partners with "legitimate" interests. Honestly, the only thing that is wrong with GDPR is that it came out too late.

Ironically Apple did more for privacy than GDPR ever did, and was able to enforce it… by having a walled garden!

Every time you dismiss a "we care for your privacy" banner, you're being made aware that your data is shared with hundreds or thousands of data brokers with "legitimate interest". The fact that vendors prefer to make your experience miserable rather than give up tracking is another example of "malicious compliance".

What happens is that you now have the right to request a copy of the personal information a site has collected and ask them to delete it. You can also sue them if they don't fulfil your request. You're welcome to exercise your rights as an EU citizen at any time.

Not true.

https://noyb.eu/en/noyb-win-first-major-fine-eu-1-million-us...

Know what's cool? Firefox on android supports ublock origin. There are some chromium forks too with desktop extension support (on android). Funny what an open(er) market and easy of installing apps does, huh?

And let's not kid ourself: Microsoft is enabling (and re-enabling and re-enabling and re-enabling) so many things because they are slowly turning their OS into spyware to make more money, not because they care at all about their users.

I'll re-iterate Cory Doctorow's quote: "Anytime someone puts a lock on something you own, against your wishes, and doesn't give you the key, they're not doing it for your benefit".

Yes, and they may also respond to phishing emails served up by the Mail app. Do your peers consider you responsible for fixing that too?

I think you like the App Store for its safety. You trust it, enough to be happy with it.

What does that have to do with wanting others to be denied alternatives? That deliver however much safety and different benefits that other people want?

If safety is one of Apple store's selling points, then competitive app stores will push Apple to deliver even more safety. Perhaps new forms of safety others pioneer. Apple didn't invent security or sandboxes. While also encouraging it to loosen non-safety driven (and therefore quietly non-customer friendly) restrictions on innovation.

That can only benefit you.

Edit: self plug: https://boehs.org/node/private-apis

Don’t worry they’ll find a way to make it socially mandatory (the same way not having a google account nowadays seems impossible (I don’t personally but still do because of work for instance)).

This misses the mark so badly that it’s not even worth reading the rest.

App Review is based out of Sunnyvale and has more than 300 people that make on average $85k/y in their first few years, and mostly over $100k/y after three years.

Long tenured people, the ones that last more than 5 years and are advancing towards a decade of doing the work get close to $200k/y with some exceptions over that number.

Many of those 300 people are multilingual, some specialize in a specific language, but to expand and better serve non-English markets, Apple recently opened a branch in Ireland and one in Shanghai.

The latter mainly focusing on the Chinese market and the one in Ireland specializing in European languages and supplementing the English market.

It’s not like Apple lied at any point saying “buy our phones and do whatever you want on them!” No. It’s clear. You do what they want. In what name should they be forced to “open” it to anybody?

What’s next? Force google to make their map data open? How would that go? It’s mostly the same thing.

Spoiler: companies have been forced to do all sorts of things they really didn't want to do, and it often went fairly well for society at large.

Huh, guess it's just Foxconn then.

I have no idea what your argument is here. That people shouldn't advocate for greater competition in the marketplace just because they already bought a phone?