
Apple’s protected App Store doesn’t look so bad now - shawndumas
http://www.loopinsight.com/2011/03/30/apples-protected-app-store-doesnt-look-so-bad-now/
======
jokermatt999
To me, it's less about the protected app store and more about the fact that
the protected app store is the _only_ way to get apps on your iOS device.
Allow sideloading, and suddenly the protected app store is not really an
issue.

~~~
TomOfTTB
While I don't agree with the author in regards to the app store Apple's
restricting installs to the App store is a valid security measure. Allow side
loading and there's literally no way to secure the device any longer (which is
why PCs have so much trouble)

~~~
Kylekramer
As long as it goes by the Android model (turned off by default and made clear
that once activated that sideloading can be dangerous and warranty voiding),
what wrong with that? Isn't it a person's personal decision whether they want
to prioritize security?

------
TomOfTTB
This is a straw man argument. Apple's rarely been criticized for a restriction
that safeguarded the user. In fact, most of the criticism of the review
process isn't criticism of an individual restriction at all but criticism of
the fact that Apple doesn't publish its policies. So you don't know what you
are and are not allowed to do.

As for Google being open doesn't mean you have to be reckless. Nothing about
doing a basic security check contradicts a policy of letting every legitimate
app into the store.

------
Nanofied
I agree with the fact that Apple made a smart move by controlling submissions
to the App Store, but I think some responsibility lies in the owners hands in
the case of Android. Too many download apps and never once look at the
permissions involved before installing. For example if a ringtone app asked
for geolocation, something is probably fishy.

------
bilbo0s
I wonder sometimes if there is some way that you can have an open store, but
keep out malware. Or does keeping out malware always entail some sort of app
review process? If it does, then, yeah I would much rather have the closed,
app reviewed store than the open one. Getting a virus on my computer somehow
doesn't seem as bad as getting a 'virus' on my phone. That's just me though.

~~~
orangecat
_If it does, then, yeah I would much rather have the closed, app reviewed
store than the open one._

I wouldn't object to a stronger review process for the Android market,
specifically because Android allows the option of installing apps from outside
the market.

 _Getting a virus on my computer somehow doesn't seem as bad as getting a
'virus' on my phone._

That seems to be the general feeling, but it doesn't make a lot of sense. Your
computer is at least as likely to have sensitive information on it as your
phone, and is more likely to have stuff like business and financial
information. I'd really like somebody to ask Apple "since it's so important to
remove any possibility of malware, how can you justify continuing to allow
Macs to run software from any random source"?

------
bryanlarsen
The Google store is closed to malware the same way the Apple store is. Both
stores have automated software to check for malware before approval, and both
stores have mechanisms to remove malware afterwards. Apple's checks are more
thorough and have humans in the loop, but neither are infallible.

------
drivebyacct2
>With the malicious apps installed, the developer was able to gain access to
the customer’s IMEI and IMSI, product ID, model, partner, language, country,
and userID. In a statement released by Google, they said it’s believed that
only the IMEI was compromised.

Number one, who cares.

Number two, they were revoked and remote deleted.

Number three, nothing about Apple's process actually ensures that this can't
or doesn't happen. It may have some affect, but there have been mistakes made
in Apple's store as well.

I don't find the conclusion to be appropriate. "Most people just want to feel
safe."?

"They who can give up essential liberty to obtain a little temporary safety,
deserve neither liberty nor safety."

~~~
TomOfTTB
_Number three, nothing about Apple's process actually ensures that this can't
or doesn't happen. It may have some affect, but there have been mistakes made
in Apple's store as well._

We really don't know the specifics of Apple's process so you really can't say
that. Also the author makes the point that he can't think of a malicious app
that made it into Apple's app store and I agree with him on that. I can't
think of anything either. If you can think of one than you should tell us
otherwise you shouldn't say Apple's made similar mistakes.

~~~
runevault
Considering Apple has removed apps after the fact for learning they had
functionality they did not desire to be available (Camera+ using volume
control for other things, or Yelp's special feature that was turned on via
gestures or shaking or somesuch), there is 0 reason to believe they will catch
outright malicious software.

------
matthewslotkin
this is exactly correct. kudos to Apple for having the foresight on this one.

