Comment by terhechte
1 year ago
This is my biggest iPad gripe. I understand the security, but just make it a new "entitlement" that is only given to UTM, Parallels and VMWare fusion. Or make it a "developer mode" that you can only enable if you pay $99 a year. I'd be fine with that, but the whole iPad is unusable for any kind of software development and I'd love to be able to travel with just an iPad because for everything else I do while I'm traveling (watching videos, reading, browsing, writing, drawing) the iPad is great and I don't have to lug two devices around.
It's not about security. Apple doesn't want to open on external applications, including the one run in VM/emulators, because it wants every software to pass from the AppStore. Not because security, but for the fee it has on app store purchases.
If it opens to having VM, you could just run another OS in a VM (Windows, for example) and install normal software on it (like the desktop version of most programs) and not pay the AppStore fee.
It's only a commercial reason, not a security one.
https://lapcatsoftware.com/articles/2025/6/1.html
> For more than 90 percent of the billings and sales facilitated by the App Store ecosystem, developers did not pay any commission to Apple.
Would the remaining 10 percent of App Store sales have meaningful competition from a CLI (no GUI) terminal VM that enables development workflows on iPad?
> developers did not pay any commission to Apple
That's certainly a take. The developer fee is $99 a year, that HAS to be paid to put something on the App Store.
Sure they are not getting commision on the download, but they ARE getting their pound of flesh from the developer fee.
3 replies →
If it was really about security (in the sense of that which benefits the end user) they'd just stick it behind a toggle and be done with it. I just think it's important to call out the misalignment - security can refer to the interests of the end user, or alternatively to the vendor. The ambiguity is convenient for PR statements.
We’ve decades of examples of simple toggles not working. Bad actors will just explain to the target the necessity of switching it on.
By that logic the bad actor will just explain that he needs you to log into your online bank account so could you please do that and wire some money. Such scams certainly exist but it isn't a relevant attack vector for the sort of end user security that we're talking about here.
You can load your own root CA on iOS devices (i did it to enable certificates issued by my own private CA). That bypasses a LOT of security issues, and yet it’s still feasible.
Put it in the bootloader then.
The pretence that Apple makes these things for security reasons and there's absolutely no way in the world to make it possible is a bit ridiculous.
3 replies →
But we have another example to look at. Why isn't this a big problem on Apple laptops?
1 reply →
Can’t you already do that? If you pay 99/year you can sign your own apps with whatever entitlements no? You just can’t submit them to the Apple Store for obvious reasons
It was removed, https://news.ycombinator.com/item?id=44255512
Hypervisor yeah but it’s still possible for code in debug mode - there is even an app that automates the process for you https://github.com/osy/Jitterbug (requires a paid dev account)
1 reply →
They will never allow this. They want to control and also cash in on the apps you use on these devices.
Apple wants you to buy both... $100/year may make it worth it for them.
Apple customers have bought both, even multiples of each, would be willing to pay a hefty premium (e.g. bundle hypervisor entitlement with iPad Pros that have more memory) -- but Apple continues to refuse.
With the recent court ruling that enables non-Apple payment channels, blocking VMs does not protect revenue, but it does hurt Apple customers who want iPads for a quick portable terminal, while using their Macs for extended work sessions.
Urchin Tag Manager?
UTM is a Mac/iOS emulator and VM host
https://getutm.app/