Allowing sideloading increases the potential for exploits in iOS to be found, which could then exploit other iOS users.
If I had a well-designed bank vault I still wouldn't want would-be burglars to have unrestricted access to probe the lock design, which could then be used to exploit other vaults of the same design. In this model, I would put a cage or bars or say, a walled garden around the lock mechanism to prevent unwanted hacking or characterization.
With nukes I don't have the device in my hand, or a hotline on which to try every possible launch code.
I can purchase an iPhone and a developer account and find the same exploits I could if sideloading was enabled. The "obscurity" doesn't exist to begin with.
> I can purchase an iPhone and a developer account and find the same exploits I could if sideloading was enabled. The "obscurity" doesn't exist to begin with.
Obscurity DID exist - you said yourself that you have to get a developer account. That's a barrier to entry, which is defense in depth. Dev accounts are a tiny proportion of iOS users.
Also, if alternate app stores were permitted, any exploits discovered via sideload could be deployed at scale. By not having alternate app stores the risk is reduced.
As well, assuming no alternate app stores exist and you managed to deploy your 0-day in an app on the original App Store, Apple could discover it and have the means to remove the app quickly to mitigate damage. If alternate app stores existed, it adds additional red tape to get the exploit app removed, potentially allowing more damage to occur.
While I personally agree that defense in depth does have its real-world uses, I'd be really surprised if having an Apple dev account is a real-world barrier for anyone doing iOS exploit development.
Maybe script kiddies wouldn't, but they're not the kind of thing to be worried about anyway.
Ahhh. Sounds like it's mostly fear of potential loss rather than something easy to pin down and fix.
Yeah, I'm not aware of any good way to counter that kind of fear unless Apple wants to do so.
Unfortunately, countering that fear is 100% the opposite of what Apple want, so they're likely going to try and amplify it to the maximum extent instead.