Do those capabilities require a more expensive edition of Windows?

[1] https://eylenburg.github.io/android_comparison.htm

https://www.xudongz.com/blog/2017/idn-phishing/

It does make running commands from an untrusted website a little safer, which is nice. I imagine it's not uncommon to copy installation scripts from random StackOverflow comments or blog posts, for example. But that's still not safe even with this tool. Homograph attacks aside, how can you tell if a URL you're pasting into your terminal is the official source for something? It's trivial to create fake GitHub accounts or organizations.

Of course, more secure installation methods should be preferred, but those are not always available. I am simply comparing the provided solution to homograph attacks with another solution to the same problem.

> The use of this rule can be seen for example in MacOS, which always places the menu bar on the top left edge of the screen instead of the current program's windowframe.

I guess now that the browser is the one app you probably spend the most amount of time in, it might make a little less sense? Android's lack of a menu bar system makes it make very little sense there.

Still better than nothing, for those already fully immersed in the Apple ecosystem, with no hope of escape? (I still use and recommend Android, but I have a spare iPad to play around with, so I enjoy seeing stuff like this come out.)

[1] They recommend using a secondary Apple ID, which eliminates most of the risk: https://swiftpackageindex.com/xtool-org/xtool/1.10.1/documen...

We should all be taking full advantage of the amazing capabilities of the pocket supercomputers we all carry around with us at all times (even if the companies who make them don't want us to or don't care about us). Anything less would be silly! Now Linux and Windows users (the majority of iPhone users) can do easily do so, and that's great.

To install your own personal homebrew apps without Apple's approval, use AltStore (Windows) or SideStore (Linux):

https://faq.altstore.io/altstore-classic/how-to-install-alts...

https://docs.sidestore.io/docs/installation/linux

https://www.lenovo.com/us/en/p/laptops/thinkpad/thinkpadx1/t...

> RCS may require access to certain SIM card information, which only pre-installed apps can do

> because they don't want to implement RCS themselves.

Sounds like they can't implement RCS themselves even if they wanted to, not simply that Google doesn't provide an open source implementation? (Referring to app developers here, not custom ROM devs.)

Is that a planned feature? It's frustrating that third party messaging apps don't work with RCS. I hope we don't have to get the EU involved here...

I'll probably end up adding it myself if you don't want to, because it's actually something I wanted to include originally but forgot to.

This is definitely a huge issue with the current implementation of DMA compliance. Apple's mandatory DRM encryption scheme as part of the notarization process doesn't just block reproducible builds and the improved security that those offer, but also means that third party app stores aren't capable of auditing the apps they offer in any way. If Apple lets something slip through their notarization review (which is not an impossibility, since it's happened on the App Store before), then the third party store carrying that app will be unfairly blamed for the incident.

> (or have the capability to jailbreak their iPhone and know what they’re getting themselves into)

It is a common misconception that people can "just" jailbreak their iPhone if they're not happy with the walled garden. This requires someone finding a critical-impact zero day vulnerability in iOS, quite literally worth around half a million dollars [1]. Apple is hard at work as we speak trying their hardest to prevent those from slipping in -- and that is a good thing, in general. It's not currently possible to jailbreak any up-to-date iOS device.

I'm all for sandboxing and other iOS security features; I'm not proposing that we get rid of any of that. Sideloaded apps would presumably still be fully sandboxed, and would still only be able to access sensitive data with explicit user consent. This is very different than the situation on Windows, where in 2025 you can still double click an .exe and instantly have all of your passwords and credit cards stolen (not an exaggeration; this literally happens).

I'm also not against the idea of making it difficult enough to enable sideloading so as to make social engineering attacks against grandma effectively impossible. This is what Chromebooks are doing; nerds get root, but grandma doesn't.

However, the DMA is more concerned with delivering alternative apps to everyone than it is concerned with empowering techies. So I can see why you might not support it even if you want to have a little more control over your phone, as a techie.

[1] https://archive.is/9jdW7

Yeah, that's an important point. Delta on the App Store is most likely a direct result of the Digital Markets Act: https://www.theverge.com/2024/4/5/24122341/apple-app-store-g...

The Apple Developer program is not intended as an option for end users to enable sideloading on their device, even if that is a side effect of joining it. It is only intended to allow developers to briefly test new builds of their own apps in a limited capacity before uploading them to the App Store (or third party stores in the EU). Apps "installed" this way expire after a certain length of time and you must ask Apple's cloud service for a new certificate each time that happens in order to keep using them. You're still tied to Apple indefinitely this way. If your developer account is terminated for whatever reason, or Apple decides to increase the price such that you can no longer afford your account, then suddenly you no longer have sideloading, and you no longer have access to any of the apps you previously sideloaded.

Therefore, I lump it into the same category as jailbreaking -- yes, you can argue that the existence of that means iOS already has sideloading, but it's not officially supported.

Sidenote: You don't need to spend $100/yr if you want to go the "unofficial sideloading" route; AltStore (Classic) is available for free: https://altstore.io/

I'm so glad you asked, because I wrote an entire website about it: https://doesioshavesideloadingyet.com/

Executive summary: Epic Games benefits greatly from the DMA, but powerusers and smaller developers don't get much benefit. This is due to Apple's lackluster compliance measures that are currently being investigated and may be deemed illegal.

We might hear another update from the EU rather soon though: https://9to5mac.com/2025/03/10/report-apple-will-be-fined-by...

I really hope that the DMA does not go down in history as a failed experiment, because that will be a huge loss for open platforms as a whole.

I've seen this sentiment a couple of times here and I think it's the wrong framing on what the EU is trying to do. Third party app stores aren't the point; they're just a vehicle enabling users to choose which software they want to use without interference from Apple. The indie devs using AltStore PAL don't all necessarily want to use it, but they're forced to because of the way Apple chose to implement DMA compliance.

In fact, the DMA doesn't even explicitly require that gatekeepers allow third party app stores; they can only allow direct distribution (e.g. via web sites) instead, if they want (this is to the best of my understanding of the text, but IANAL).

When you say you don't care about alternative app stores, what you're really saying is that you don't care about the end user's ability to use apps that aren't approved by Apple. That is certainly an opinion that many folks have, but I'd prefer that they refrain from hiding behind the shield of "third party app stores are weird and who even cares", whether deliberately or not.