The US Department of Justice and 16 state and district attorneys general accused Apple of operating an illegal monopoly in the smartphone market in a new antitrust lawsuit. The DOJ and states are accusing Apple of driving up prices for consumers and developers at the expense of making users more reliant on its iPhones.

  • @NotMyOldRedditName@lemmy.world
    link
    fedilink
    English
    -29 months ago

    What do you do though if Apple is telling the truth and allowing 3rd party wallets would degrade the security even for their own wallet?

    • @4am@lemm.ee
      link
      fedilink
      English
      89 months ago

      I would ask them to prove that claim in court for starters.

      I would ask them why they feel they’d be liable for users who installed and gave permission to an app that would use NFC readers for payments.

      I would ask them why access to the NFC reader by a 3rd party app in any way allows access to Apple Pay’s stored, encrypted data (which it doesn’t need)

      I would ask why permission settings and security validations couldn’t be made on API calls with the potential to be harmful. Even for third-party app stores, Apple could still require app reviews and code signing for any apps that want to conduct financial transactions; they just don’t want to because they’ll make less money from Apple Pay.

      Apple often handholds user flows and restricts access to features because non-technical folks might be tricked into installing a malicious or insecure service, and Apple stuff is built for non/technical people. But, on the flipside, they often leverage this position to wall you into their garden. This is the problematic practice that needs to be addressed.

    • @Zak@lemmy.world
      link
      fedilink
      English
      69 months ago

      Perhaps they aren’t lying, but claims about security often involve theoretical weaknesses that aren’t practical to exploit in the real world. Apple is very skilled at making sure those claims align with their business interests.

    • @0xD@infosec.pub
      link
      fedilink
      English
      19 months ago

      It would not. It’s really as simple as that, saying as someone with two degrees in cyber security and 7 years of experience as a security consultant for various companies from small shops to multinational businesses, banks, and insurance companies.

      I would love to see their threat modelling to justify what they’re saying to brainwash their acolytes… It’s a pure strawman to justify their bullshit.