14 DAY TRIAL // iOS 9, slated for release next Wednesday, September 16, will feature an overhauled app sideloading process that increases security and protects users from easily installing malicious applications on their devices.
Sideloading is the process through which users download an iOS app on their phone and install it from outside the App Store.
This is a general no-no when it comes to Apple's security recommandations, but the company has allowed it, mainly because iPhones started being used in the enterprise sector where companies wanted to deploy their own private apps, for internal use only.
For an app to be sideloaded, developers usually have to apply for a special certificate, which would validate the app when a user tries to install it.
In the past, these certificates have been easily stolen by malicious actors, and what was once a mirage, became a reality, with malware being spread in Apple's closed iOS ecosystem.
To prevent malware like WireLurker or XAgent from ravaging iOS devices again, Apple has decided to complicate the sideloading process in iOS 9.
Sideloading an app in iOS 9 takes more than just 2 taps
As David Richardson, Lookout Product Manager, explains, the process has now been made much more time consuming, requiring more than two taps on their screen.
Because users generally tend to dismiss security best practices, the overcomplication of the entire app sideloading routine will make users reevaluate their haste and take a closer look at what they're putting on their phone.
The new, overhauled app sideloading process in iOS 9 now includes some steps like these:
Step 1: Download the app on the device Step 2: Double-clicking to install it has been disabled. So doing it is useless Step 3: You must go to Settings -> General -> Profiles Step 4: Select the app's certificate from a list of untrusted certificates Step 5: From the untrusted certificate app list, click on the app you want to "trust" Step 6: This verifies the app, and now it can be opened and installed
Security by design is a complicated concept, and to no one's surprise, Apple engineers seem to have a solid grasp of this technique.
By changing the way users sideload iOS applications on their devices, Apple has anted up built-in security protocols by making users take more actions when installing applications outside of the App Store from untrusted sources.
