

If you were making an app store, what would the rules be? - Zak

I think the app store model is a very good one, not just for phones, but for most any sort of general-purpose consumer computing device. To have every application on the system, as well as the OS itself under a common installation/update mechanism along with a repository of software known to be non-malicious would be... a lot like a modern Linux distribution, actually. Of course, Linux distributions lack a mechanism for buying software, and many find the idea of doing so abhorrent.<p>If you were in charge of the app store for some new platform, be it a netbook, tablet, phone or something not yet invented, what rules would you put in place? We're all aware of the problems with Apple's approach, but we have no shining example to point to and say "that's the way".
======
davecardwell
<http://baseshield.com/> is a YC-funded app store for Windows that has a lot
of good things going for it.

Does anybody familiar with the company know what the process for getting apps
added to their library is? They’ve made such a good job of the
implementation—I particularly like the fact that they use virtualisation /
sandboxing to protect the host system—I’d be interested to hear what rules
they have in place for app additions.

~~~
swies
Right now the best way to add an app is to email your setup program (or a
link) to contact@baseshield.com. Then we'll get it packaged up and added to
the store.

We know this process is a little awkward now, but we've got some exciting new
stuff coming out soon that makes sandbox creation easy.

------
Zak
Some rules that come to mind for me are:

* Apps must not alter data they did not create without explicit permission from the user.

* Apps must not cause advertising to be displayed outside of their own UI or when not in the foreground (the meaning of which depends on the platform's UI).

* Apps must not alter data on other devices without explicit permission from the user of the other device.

* Apps most not transmit data from the device without explicit user permission.

Some grey areas I don't know how best to handle are:

* Plugins and the like that might violate the rules despite the original app being ok.

* Agreements with third-parties (e.g. phone service providers). To what degree should it be up to the maintainer of the app store to enforce those agreements?

* Allowing installation of apps through other mechanisms.

