Apple’s software chief faults Mac security to keep grip on iPhone App Store

Apple Inc.'s top software engineer criticized the security of his own Mac operating system in a bid to explain why the company shouldn't be forced by a judge to loosen its hold over iPhone and iPad app distribution, as Epic Games Inc. is demanding.

Craig Federighi, Apple's senior vice president of software engineering, testified Wednesday at a trial in federal court in Oakland, California, that his experience with imported malware on the macOS system shows how security would be eroded if the company allowed iPhone and iPad users to install software from the web or other stores, as it does on the Mac.

“Today we have a level of malware on the Mac that we don't find acceptable,” primarily because the system allows users to install software that isn't vetted by Apple, Federighi said. That makes it less secure than iOS and iPadOS, the operating systems that power the iPhone and iPad, he said.

Allowing apps from other stores or places on the iPhone would create a “very, very bad situation for our customers,” including “a huge decrease in their safety,” Federighi said. He also said iPhones and iPads have security protections, including the App Store review process, to keep the products free from malware.

Later in his testimony, Federighi said that despite its malware problems, the Mac is the safest choice among personal computers and is more secure than those running Microsoft Corp.'s Windows operating system.

Federighi said that the rival Android operating system, which allows third-party stores, faces similar security challenges. “It's well understood in the security community that Android has a malware problem.” Apple's iOS, on the other hand, has succeeded in blocking malware, he said.

Responding to a hypothetical situation in which third-party app download stores would be allowed, Federighi said that Apple's “security stack” is built end-to-end in a way that it would be challenging to let third parties in to manage user security and privacy. He would have “grave concerns” if Apple had to hand off control over security to third parties, he said.

Earlier in the trial, Epic tried to make the point that if installing software from third-party stores on the Mac is condoned by Apple, it should be allowed on the iPhone and iPad as well. Epic's lawyer tried to poke holes in Apple's retort Wednesday, asking Federighi if Apple tells users they should buy iPads instead of Macs if they are seeking security.

Apple's security and privacy safeguards draw users to iOS devices, Federighi said. “When users buy an Apple device, they're doing it because they've chosen an intuitive, consistent user experience that's safe, that they can trust.”

Federighi said the total Mac user base is less than one-tenth of the size of the iPhone and iPad population, which is estimated to be more than a billion active devices.