Unlock-in
One of, if not the biggest criticism of iPhone OS which holds weight is that of Apple’s tight control over the App Store. Without submitting to the App Store approval process, qualifying as (and paying to be) a registered developer, or jailbreaking your device, you can’t install applications of your own devising.
For the majority of people using iPhone OS, this doesn’t present a practical problem (although their options are being artificially limited). For hobbyists and developers, it’s at the very least a wrinkle, and at worst completely off-putting.
There are several reasons why Apple doesn’t allow users to grab applications from anywhere on the web and install them, each with varying levels of legitimacy.
First is piracy: if the device will execute unsigned applications, then you can install any old .ipa that somebody’s downloaded from the App Store and stripped the signature from. Some developers claim that jailbreaking solely exists to facilitate piracy; many of those who jailbreak insist they’ve never downloaded an illicit copy of an app in their lives. What is true, though, is that many people do jailbreak their devices in order to install App Store applications without paying for them. Even if they’re a minority of users, they’re still a headache.
Second is support—, security— and user-experience-related: how do you allow app installation without significantly risking the security of the device and without compromising the fairly straightforward app installation process. I certainly struggle to see how app installation can be performed on-device from arbitrary sources without there being a huge risk of iPhone OS trojans. It’s clear that Apple is keen on leaving this aspect of mainstream computing far behind if it possibly can.
Third is revenue: Apple’s magical 30% cut on App Store sales, which goes to pay for maintaining the SDK and documentation, as well as the App Store itself, plus the various ancillary related services, such as Geniuses helping people who have some sort of app-related problem. As I’ve argued previously, I can’t see that the $99/year developer programme fee can possibly pay for all of this stuff on its own (which means that those who develop free applications actually make Apple a loss).
So, what to do about it?
First is to implement a standard block of code which performs Fairplay verification. App Store developers could then implement this in those applications they know will only be sold via the App Store. A couple of implementations of this exist already (and some developers have used them to track launches of legitimate versus illegitimate versions). A version of this with Apple’s stamp of official approval could boost its adoption.
Next is to tweak the iPhone Configuration Utility and iPhone OS itself to allow the installation of unsigned applications on any device. The net effect is that whether installed manually onto a jailbroken device, or via the ICU, an application which is only supposed to be sold on the App Store would only launch if it was properly signed and authenticated (or otherwise behave differently according to the developer’s preferences).
This isn’t an endgame, of course. The ideal would be the applications could come from anywhere, any time, and have both the flexibility to share data with one another, access external devices, the network, and so on and also do all of this without compromising the security of the user’s data or the device itself. And do all of this with a slick user experience irrespective of the source of the application.
That’s not going to happen in the immediate future. Nobody’s quite figured out how it’s possible in a way which isn’t horrendous for normal people to use.
Moreover, it needs to happen without destroying the most successful commercial application distribution system built to date and the profit margins of the company responsible: and for that reason, it can—for the time being—only be complementary, rather than a complete rethink. Because of this, a way to get non-App Store applications onto the device wouldn’t be as nice or as slick as the App Store itself, and would by no means be aimed at iPhone OS users in general, but it would let you, or I, or anybody else download the SDK, build something and throw it onto their device and share the .ipa for others to try out if they’re so inclined.
The nice side-effect of this is that it would also make life much easier for App Store developers. All of the problems of ad-hoc distribution vanish if you don’t care for the use of “technological measures” in order to constrain who gets a copy of your application.
