Source Code: Your daily look at what matters in tech.

source-codesource codeauthorNick StattNoneWant your finger on the pulse of everything that's happening in tech? Sign up to get David Pierce's daily newsletter.64fd3cbe9f
×

Get access to Protocol

Will be used in accordance with our Privacy Policy

I’m already a subscriber
Apple Epic Trial

Apple's Craig Federighi throws Mac security under the bus

He admitted that macOS has a malware problem.

Apple's Craig Federighi throws Mac security under the bus

Apple's Craig Federighi said the level of malware on macOS was "not acceptable."

Photo: David Paul Morris/Bloomberg via Getty Images

Apple pursued a bold, rather unexpected strategy in court on Wednesday in its antitrust fight with Epic Games: It had Craig Federighi criticize the level of security on the Mac.


On the stand was Apple's Craig Federighi, the company's senior vice president of software engineering in charge of both iOS and macOS, and his testimony thus far has largely centered on security and privacy and the lengths Apple goes to protect iPhone users.

When asked about the difference between iOS and macOS security, Federighi said, "Today, we have a level of malware on the Mac that we don't find acceptable." Federighi went on to say that malware hidden in apps downloaded from the internet is a "regularly exploited" vulnerability on desktop and that "iOS has established a dramatically higher bar for customer protection," adding that "the Mac is not meeting that bar today."

It's a stunning admission to hear Apple's software chief throw one of its major software products under the bus, but it's a strategic play from Apple and its legal team to draw strong distinctions between the level of security required on desktop computers and smartphones. On the smartphone, Federighi said it's much more important to protect user security and privacy because the devices carry sensitive information, from medical records to banking information, and those devices are carried around and out in the world all day every day.

"The Mac is a very successful product, and I love it very much, but there are well less than a tenth as many Macs out there in active use than iOS devices," Federighi said. He called iOS a "much more attractive market" for malware and other cybersecurity threats. He went on to describe the Mac as similar to an automobile. "The Mac is a car. You can take if off road if you want, and you can drive wherever you want," he said. "There's a certain level of responsibility." But, he added, "that's what you wanted to buy, you wanted a car." The iPhone, by contrast, is a device that even children can and should be able to safely operate, he argued.

Epic and its lawyers have throughout the trial pointed to the freedom consumers have on macOS to download applications outside the Mac App Store and to largely do what they please on the macOS operating system. Epic has held up the openness of the Mac as an example of what the iPhone, as a general computing device in Epic's eyes, should be transitioned into if it were to win its case.

But Federighi on Wednesday argued against this proposition by saying it would destroy the level of security enjoyed by iOS users, in effect tarnishing the Mac in order to save the iPhone. "It would become commonplace for users to be directed to download misrepresented software from untrusted sources where they'd be subject to malware," Federighi argued, referring to the notion of alternative app stores as a "pretty devastating setback for iOS security."

Subscribe to Protocol newsletters for the latest news, analysis and research on the people, power and politics of tech.

Latest Stories