"And this is where we run into the first bit of craziness. Amazon decided that they should model the Alexa app store after the iPhone app store. So there is a certification process to get your app into the store. But think about the difference: you are not uploading a binary file to the Alexa app store, you are simply registering an URL. So Amazon has no real control over your software. You could get an app approved, and then you could swap out the app for any other app, and the Certification team at Amazon would never know. They don’t control your code. Your code is not in their store, so they have no control over what you do. And yet they modeled this process after the iPhone store, where Apple does have control over your app."
But that doesn't get at how crazily broken the certification system. You have to read the quotes from the other developers to understand that.
I don't think the concept of a certification process is the problem, just the implementation is terrible (compared to the Apple process which is merely "poor")
A moderately clever developer could sneak something past the Apple app store review too. Wasn't there a flashlight app that included a secret wifi tethering tool?
But the big deal that no one talks about is that Alexa is not compatible with EC2 backends, this is the most bizarre limitation I've ever seen, you can host An Alexa app on your own PC at home, but not on EC2.
Source on this? I know last time I played with it, they weren't doing SNI (in 2015, what?) but I've never heard of it not being able to hit EC2 IPs.
And at the end they gave up and said that yeah its something deep in the implementation and I should use something else.
I don't want to post the mails but anyone can try it out !
There is one really weird thing where you can't use US West to do an Amazon Lambda passthrough to your server, but as far as I know EC2 instances in any region should work for Alexa to call out to.
But I have the mail conversation here (10 people at least and dozen of back and forth).
This was 2 months ago and I gave up on it for this specific reason.
That said, I'm curious how you managed to get an email conversation going with the team - the whole crux of the original article by Lawrence (and the forum thread which it cites) is that there's no way to have a direct conversation with anyone representing Alexa, so certification is a crapshoot.
Also, you can similarly get around the iPhone cert process buy only having certain code run after a certain date, or when you trigger something remotely.
As for the effectiveness of that control, there's little practical difference between "simply registering an URL" and uploading a binary; both can load external content or be modified (in terms of what the user actually sees/experiences) almost entirely after the initial review. There will always be apps that try to abuse that possibility, and they usually get reported or re-evaluated, but it's probably a very small number of apps that will do that.
The point is to simply filter out a larger number of spammy, malicious, or otherwise offensive apps at the onset rather than spending more resources constantly monitoring everything after the fact. That said, it's unfortunate when the review process is as flawed as it seems to be in this case (poor communication, inconsistent policies, etc).
Apple will scan your App to check for basic violations, that's all automated. For instance is there a specific flag that you can initialize a socket with to listen in background. This is only allowed if your app is supposed to stream music in background or do some VoIP thing. So if you're app is not that and the software detects you have that flag set anywhere in the code no way you will get it through the certification. There's simply no possibility for such analysis with a URL.
Most of the apps caught in the review process are probably those that fail other guidelines (usefulness, privacy concerns, illegal/inappropriate content, poor UX/quality, excessive crashing, etc). Most of those things can't be caught by automated means, and the content-related things can certainly be changed after initial review.
I've personally worked on several apps that significantly modify app behavior after being published - not so much to bypass any review requirements, but rather to adapt to changing business needs without waiting to publish a new release.
I used to work in games, and the approvals for Nintendo, Sony, and Microsoft were all super, ridiculously frustrating at times. We had experiences very much along the same lines of failing again for doing the very thing they asked of us in the previous rejection.
Anyway, usually it works out eventually. No problem with making some noise about it being bad, and hopefully they hear it, but it is not uncommon, nor unique to Amazon.
The point about registering a URL isn't entirely accurate, IMO; plenty of Apple App Store apps consist partially or entirely of webviews. Even for fully native apps, Apple doesn't really have "control" of the code in the sense described in the article. Registration and the approval process are primarily there to give the publishers control over what appears in their store, as well as identify the submitters in a way that attempts to keep a little bit of accountability should they do something bad. Those reasons for requiring registration and review are just as valid for a url as for a bundle of code.
Even ignoring the edge cases and subjective items, they can be extremely picky about such important things as... leaderboard username terminology. Which will not necessarily be the same across all storefronts from a given company, even if they're all using the same service under the hood.
And then the moment you step into the territory of needing waivers for anything - better hope your publisher has a good relationship to secure those.
Yeah forget that. At first I thought it was a joke of some sort. But I guess that's how you are supposed to do it.
I'll just stick to Netflix and watch videos there. Somehow that manages to work without side-loading a bunch of crap.
It's half google's fault for not allowing the amazon store app to be listen in Play.
Oh you want to make a youtube player that acts like every browser in the world, with the ability to minimize? Banned.
(The most sensible-sounding negative claim I've heard is that Amazon do that so that they can do more invasive location tracking than Google permits (though the same kind that Google does themselves))
* It annoys me as a consumer.
* It reeks of incomptency ( yeah, go and disable that security check that looks like it is there to prevent malicious software to be installed on your device, yeah, yeah, that one ).
* It is a convoluted process.
* It leaves my device vulnerable. Let's not speculate (like you did apparently) but copy and paste from their own source:
Update Phone Settings
Go to your phone Settings page
Tap Security or Applications (varies with device)
Check the Unknown Sources box
Confirm with OK
Open Downloads on your device by going to My Files or Files
Tap on the Amazon App file (Amazon_App.apk)
Tap Install when prompted
Tap Open to launch the Amazon Underground App
Use the Menu on the left and select Apps & Games
Yeah, I don't see anything about the "untick the checkbox again" part.
Even 6 months ago when I told people I thought Amazon was an all-around shitty company (having worked there) and shouldn't be mentioned in the same breath as Google, FB, etc., people looked at me like I was insane.
Somehow the stock keeps going up... I don't have any material insider info but just on a hunch I doubt that will remain true forever.
- If you can get something for free because it's included in Prime, it still offers the ability to spend money on it, right beside the 'watch now for free'. If you're not paying attention, you can pay for something you already own.
- Its killer feature is voice recognition. Say 'game of thrones' and it will play Game of Thrones. It also has apps. The killer feature doesn't actually work in apps though: if you say 'game of thrones' in Netflix, it kicks you out of the app and sends you back to the home screen.
There was a post a little while ago about people wrecking their lives while working at Amazon. I could understand, but not support, someone doing that at say Apple or Tesla. But Amazon?
Between this, inscrutable device compatibility of Kindle content, and 2-day delivery becoming unreliable, I'm cancelling Prime after a decade because the value is gone.
BTW, Netflix lacks voice search in all of its apps. Normal Android TV is at least reasonable enough to just bring up the Netflix text search if you try to voice search, rather than kicking you out.
I suspect that the delay you see is in the time it takes their warehouse not only to package your goods, but to also privately deliver it through their network to the most optimal ship point. You also have to factor in whether the carrier they've chosen supports delivery on the days you expect the item to ship.
Amazon should really make the difference between processing and shipping clearer, and perhaps factor it into the delivery estimates when you purchase. I've also always wanted them to let you chose carriers if you pay for a certain delivery speed instead of picking one themselves. I always have to cross my fingers that I don't get USPS for that important item.
Perhaps I am just old but voice recognition is a great feature, but not one that would "kill" the competition or make me chuck my AppleTV 3rd. gen in the bin to rush out and buy an Amazon device.
I would therefore not label it "killer".
If Google and Facebook are cities, Amazon is more like an army. Can be city-scale depending on the nature of the conflict. They have great power, and in some ways the very same kind of power as a government. But at the same time the power structure is more ad-hoc, and subject to falling into collapse or docility when not led by a strong leader.
In some ways, I think Steve Jobs realized the was more in he Bezos category, and that Apple couldn't really carry on without him. So he deliberately changed his management style, developing a leadership class and stronger cultural inertia in terms of process and values. He wanted to leave a city behind him, not a headless army.
Bezos on the other hand, made the Fire phone team answer to him (similar to Jobs bullying, without any of the mythical stories..) Yet the product he made them create was a total miss with consumers. As egotistical and deluded people might say Jobs was - he still had to be aligned with the needs of the average person to produce the iPhone, a masterful manifestation of usability principles.
Bezos is chaotic, sure. But more damning, he is out of touch.
Shitty middle managers are rampant. The engineering culture is defined by Levels..Level 3, 4, 5 etc. Consistency is promoted over quality. Codebases were so horribly not DRY it makes me want to vomit.
Unit tests for constants -- unit tests for specific code inside of functions.
I can go on and on. But generally the place is ran like it's a sales company primarily. Not an engineering company.
Amazon has a cancer through out it. It's basically a shitty copy of Microsoft without any of the virtues..but all the vices.
Not to mention, it says a lot that they have no perks except "free tea." 12 Leadership principles, which are dumb shit like "Be curious", "Have instinct."
Amazon doesn't have the brightest or the best - they have sheep that get tangled in the middle, or assholes that somehow become management. The company is only surviving because it set its margins so low that no one else could compete.
But now market leaders are sprouting out. Chewy.com for pet food. Walmart.com for general goods. Drugstore.com / Soap.com / Walgreens.com, the list goes on.
With such a shitty internal culture, Amazon will fall. I will have a shit-eating grin when that happens.
Amazon Web Services was their saving grace. But having seen internally how each team has different practices, different tech..some that are arcane and esoteric. Theres no cohesion. Even the CSS for Amazon, theres no sheet that is shared. Each team has to hard-rip the colors and whatnot from other projects like the retail site.
Makes me totally re-evaluate AWS after seeing how its built internally.
The charm of AWS is that every service in that goddamn console looks like its a polished part of a pyramid of engineering sanctity.
Heh, wrong. Each service...written by a different team, with totally different methods, totally different tech. Some teams even use .NET and IIS... You can probably probe the endpoints to some of these services and maybe see it externally. But well, take my word for it.
Once a team has a decent AWS project, they slap together a new logo. Make the UI blend with the existing panel. And then scale it using existing AWS services. But it still is a hydra of mismatched code.
The whole thing is a frankenturd - they did a good job with the design, ui, and IAM policies to make these services look like they are all part of the same cohesive development. But it simply isn't the case. AWS is patched together like a paranoid android on the inside.
Putting that aside, I'm not sure "why aren't people complaining?" is a reasonable way to prove or disprove how buggy software is.
Customers care about deliverables, not elegance.
Besides, bad repetitive code almost always results in bugs. If there were a ten commandments of programming, that would be #1.
I also wanted to pass along a blog post I threw together on the topic. http://www.derpgroup.com/blog/on-the-topic-of-certification
It's pretty long, but the tldr is as follows:
We're all worked up about this idea of having to build switches into our code to meet arbitrary certification guidelines, only to turn them off the moment we are live in prod. It's worth noting, though, that Amazon pulls these sort of antics (bait-n-switches) on us regularly and without remorse, and that there's really no way we can even know it happened. This is arguably even more destructive to the quality of our products than trying to build for a set of capricious guidelines.
>However, the Amazon system is so broken that it potentially offers a fix for itself. When the Certification Team rejects your app, you don’t need to change the app. You do not need to respond to their requests. You do not need to make any of the changes that they demand. Since a new person reviews each submission, and since there is no limit on submissions, one way to get through the certification process is to simply roll the dice and spam the certification team. Submit an app 10 times, or 20 times, or 30 times. At some point you will probably get lucky, and someone will approve your app.
Amazon has clearly put a lot of thought into how this is going to work.
They also have no idea how to run a video streaming service; or they think they do, and just don't know how much it sucks. They also have started sucking in buying things, with things like "pantry" which require you to buy a box for $5 so you can get things like soap.
I canceled my prime and have been buying things from stores. I buy my videos (ala DVD) so I can watch them when i want and not be worried about them getting pulled by disney from the "prime" section and being forced to buy it.
Honestly, the only thing I have any respect for is AWS. But even that is severely lacking in polish in clarity, and it's almost a full time job trying to keep up with their additions and changes.
Delivering batches of household goods of arbitrary size profitably is a hard problem that no one has figured out. Everyone is fiddling with business models trying to make it work.
I think at the end of the day shipping is expensive and trying to hide that from customers without incentivizing profit-negative transactions is nigh impossible.
Things will probably change when we have droids roaming the sidewalks, but until then these strange charges are going to keep popping up.
Wait, wait, I think I've figured it out. Raise the price. Repeat until either the transaction is sufficiently profitable, or the customers go away.
That will work better for everyone than what Amazon has started to do lately, which is prevent you from buying certain items at any price until your order exceeds $25.
Basically, Amazon has started to tell their customers "No." That's new, and I agree with the other posters who call it a bearish sign.
So much work in the phone ecosystem goes into trying to tame the beast of closed-source, untrusted, adversarial code trying to show ads, track the user, sell them in-app purchases, and so on. These are all unnecessary complications that a fully open-source phone ecosystem (with no app store, but a real open software ecosystem like Linux) would solve.
No screenshots. I just remembered that the bundle thing was something I was excited about wrt Next at the time. And booting from Cdrom, and display postscript. I wanted one so badly but by the time I had money they were very obsolete.
> creating the first App Store which was originally demonstrated to Steve Jobs in 1993
without any footnotes. Would have loved to actually read something on the topic.
The Bundle was one of those great ideas for users that got kicked in the nuts by Copy Protection methods until signing and activation was bult into the OS proper.
Even on early Windows all you had to do was xcopy a directory to share it with friends. My Quake2 folder still follows me from machine to machine.
Worse still, there's no standard vocabulary to interact with skills and the flexibility of the wording depends on the developer. You need to mention the app, which can have weird long names (e.g. Agog Reader) or near-duplicate names (e.g. three bitcoin apps).
All-in-all, the skills feature (and the skills store) feels like an after-thought.
Joseph Jaquinta expressed a similar sentiment when he wrote:
"Amazon's traditional areas (everything on AWS) follows a different model. They are more like a utility. Minimal engagement. No direct support. They provide a service. You take it or leave it. While this I think is a workable approach for a wide audience in a mature area, I do not think it is a wise approach for Alexa. But, that's if they give a hoot about 3rd party developers and think they are going to add any significant value to their platform. We don't know if this is so, because they won't say."
"There’s no public tracker for tickets. Features and suggestions go off into the void, and you’re left guessing if they are ever going to happen. Releases come infrequently and unannounced. There’s no product roadmap. No indication of what’s coming up. Nothing to create a development plan against. There’s no bidirectional collaboration with the community. The closest any developer gets to the team is during skill certification. And, even then, names are hidden and you only get anonymous mails from the “Alexa Skills Team”."
When you registered for a 900-number, you had to submit a script along with it. MCI would try to limit the possibility that you'd use it for some nefarious purpose, all CYA. They had a team (probably one person) that audited the numbers periodically. That didn't stop people re-using the numbers for bogus financial services and adult things.
The real kicker is we once got a massive nastygram from Verizon threatening us with shutdown - they claimed we were sending porn spam messages via the number. After quite some time auditing our entire stack we got a "our bad, one of our techs had malware on their Android phone" email.
Also they need to improve the quality of the samples vs itunes. When you buy a rock song, there is usually is only one recording of that song. But if you buy classical music there will be many recordings with very different qualities. With the quality of the samples available now, it's almost impossible to tell if a recoding will be of a good quality or not. Itunes has much better quality.
I mean, audio players could do that in the 90s.
Overall, amazon's coherent pricing strategy and simplicity make it a pleasure to work with
This is also not true for add-ons (for desktop/mobile or FirefoxOS), these are packaged as zip files and can't be arbitrarily changed.
However, there is the problem however of the app or add-on downloading and running code from the internet unchecked, which is probably intractable to do in an automated way (at least for the current APIs exposed, and for a dynamic language like JS), manual review is required.
Mozilla requires manual review, and Apple disallows interpreters. I'm not sure what if anything Google does about this problem for Android.
Somehow, Amazon's "working backwards" principle always fails when it comes to establishing reasonable procedures, SLAs, and solid documentation.
There is a lot of good that Amazon can do with their certification process - things like helping a developer figure out appropriate example phrases, or making sure that all of the appropriate fields are filled in (like providing a thumbnail for the appstore, etc).
Their weird pedantism about an arbitrary set of rules, however, serves only to scare off those of us who are actually interested in advancing the default user experience. Out of the box experimentation is frowned upon, and the result is that they're basically handing the ecosystem to the shovelware creators.
Why did the title change? It used to be the same as the original article, but now it's been needlessly editorialized to be kinder to amazon. Seriously? What the fuck. That's not HN's job, and is a disservice to the article, and the community.
The user "dang" posted further down in the comments saying that he changed it because the title was "over the top", which didn't seem like a good reason to me (but then again, I'm not a moderator). I can understand the desire to avoid sensationalism, especially if the belief is that this anger over third party Alexa skills is only about the problem in the article. In reality, though, this is just one of many issues that currently has the community up in arms, so I don't think the original title was as hyperbolic as they believed...
To whoever changed the title of this: I hope Amazon is paying you a lot of money (under the theory that it's somehow better to be willfully corrupt than just stupid).
HN may strive to provide intellectually superior content, but that doesn't make me any less susceptible to linkbait.
For one, I appreciate some effort to prevent the front page of HN from devolving into 30 completely unedited, but completely unhelpful titles. If I wanted that, I would just read ads.
I think there's a lot more "editorializing" going on by inserting an implicit excuse into the title, that wasn't asked for and wasn't needed.
The point of a linkbait title is to elicit an emotional response that is disproportionately strong compared to that of the actual content. As such, they are worded strongly.
I agree that "relatively new" was a bad emendation. I probably just would have removed "absolutely" from the original title and left it at that.
Linkbait: "You won't believe the disgusting thing this A-list star did in public!"
Non-linkbait version: "Tom Cruise accidentally stepped in dog poo."
The first is linkbait because it teases you to learn who the star is and what was the disgusting act (which was actually quite boring).
Linkbait: "This company sucks at app stores!"
Non-linkbait: "Amazon sucks at app stores!"
The first is linkbait because it forces you to click to learn which company it's talking about. It would most likely make the reader think it's about Apple, or maybe Google Play Store, both of which are probably more interesting than Amazon's store. The second title is NOT linkbait because even though it's inflammatory, it conveys enough information to let the reader decide whether it's worth a click. The reader immediately knows:
* It's about Amazon app store.
* It's going to be very negative.
If the HN reader is interested in how Amazon's app store is doing and how users are reacting, then it will stand out as a link worth clicking. If the HN reader doesn't care for an opinion about amazon's store, or doesn't want to read a strongly-worded one, they'll pass. There was no baiting at all.
I argue that the editorializing of the article created MORE of a problem, because it wiped away an important piece of information for HN readers: that this is a strongly-worded negative review. The edited title ("Amazon is relatively new..") conveys no information about the article. Frankly, it now sounds like a very dumb article.
Removing emotional context doesn't make a story more "objective". If someone wrote a story like "russia invades china", and the story got edited to "russia parks some tanks in the capital of china", clearly even though both stories are "accurate", the second one has actually lost information.
Emotion is great. I want to understand other people's emotions, which means titles should express them if they are present. It's for precisely that reason that I appreciate tamping down "over the top" linkbait, if that's what this is.
Understanding others' emotions gets hard if everything is a life-threatening emergency†. It's like watching CNN during their worst years: every possible event got a "BREAKING NEWS" banner. It made it hard to stratify emergencies. If every title devolves into "THE INTERNET IS ABOUT TO EXPLODE because git just went to v2.8" HN would become useless to read.
† I'm not saying that's what this article is doing, just making an example.
linkbait is, at least to me, more along the lines of "you'll never believe what these developers made" and this post is nothing of the sort.
> Do authors have no say in what they call their piece?
Absolutely. No one is asking smashcompany.com to change their title. But this isn't smashcompany.com either.
We're always happy to change a title again if someone can suggest a better one: https://hn.algolia.com/?query=by:dang%20change%20it%20again&....
Edit: Ok, since people feel so strongly about this, let's restore the original title minus the high-octane "absolutely". If I hadn't been in a rush earlier today I probably would have settled on that in the first place, but not every day can be a ponder these things deeply day.
Everyone should realize, though, that indignant denunciations are not in the spirit of this site and don't belong in titles here. They are a form of linkbait because, unfortunately, indignation always sells—mechanically and for reasons that have nothing to do with the intellectual curiosity that this site is supposed to be for. Upvotes due to indignation are reflexive; what we want HN to be is reflective. This isn't a matter of taste but of core values. To change that about HN would destroy it, so we're not going to.
I appreciate you for pondering on these things! Goodness knows I wouldn't want to moderate this place.
"There's a reason why the article is scant on the details of the rejection"
Did you click through the link to the page where the developers were discussing the certification process on the Amazon developer forum? This is the link the article above:
This seems as detailed as you will find for a critique of an app store.
And additionally, both of those developers linked to their own blog posts where they offered still more details:
You say the final paragraph is the "icing on the cake". The final paragraph is a summary of what Joseph Jaquinta suggested in his longer post. The above linked blog post would be redundant if it simply copy-and-pasted everything that developers had written over at the Amazon developer forums. Like any blog post, it was written with the assumption that some people would click through the links to see the source material.
As happenstance would have it, though, it was MY skill that got rejected that started the forum thread that he pulled quotes from. If you are actually interested in more details, I can provide them, but the point wasn't really about my specific rejection - it was that this has been an ongoing and growing pattern recently across the entire development community. These issues are well documented and individually enumerated (so as to not just be anecdotal, per your concern) on the Amazon developer forums, if that is what you're looking for.
Regardless, the title may be emotionally driven, but it is not sensationalist. They (the Alexa team) literally do not have a good understanding of how to run this app store. I think the context missing here is that we don't mean that in the sense of "we're angry because our opinion does not match Amazon's". We mean that in the sense that we (and every time I say "we" here I mean the Alexa developer community) has had to hand hold the Alexa team into doing even the most basic things just to get the skill "store" where it is now, because it has not been a focus of theirs.
I am _not_ glad to see the title change, as it goes against the stated rule of titles matching the title of the submitted content and is blatant editorializing that is supposedly verboten on HN. It's ridiculous and unwelcome from my perspective. Especially since it's a multi-billion dollar company involved who can certainly deal with some mild criticism.
I'm more interested in the frankly absurd notion that there is this software giant who is supposedly super good at web services, yet is incapable of doing the simplest possible things to sustain its development community. It's an incredible dichotomy - the Mighty Amazon of Prime Now Shipping vs. the Meek Amazon of "How Do We Certify Like Apple?" - but it's one that needs to go away.
But you might be right. I've been on HN for 3+ years and i've never seen anything like this happen before. This is clearly an abuse of power and is not in any way an act on the behalf of the community.
dang is here as a moderator precisely "on behalf of the community." As in, he acts to facilitate productive discussion. You might disagree with his decision here, but I can't see any way in which he has different goals than you would want him to. At worst, he has made a mistake, and the backlash from it will make him not do it again. (At best, he is being "the hero we need" by attempting to stop a flamewar argument before it starts, even if that means taking the heat that that flamewar would have spawned entirely himself.)
My point was that it doesn't, any more than a waiter asking after your mother's health when she's just died implies the restaurant is on a decline. That's not insensitive (therefore implying the restaurant is now hiring insensitive people); it's just a faux pas (therefore implying the restaurant is hiring regular ol' fallible humans.) The change to the article title here, likewise, was not an abuse; it was just an overly-hasty application of the regular HN guidelines—the thing dang does literally all day without anyone noticing when he's doing it well, done with slightly less care than usual.
dang is a regular person; regular people realize when they do things other people don't like, and then stop doing those things. Systems composed of regular people (i.e. not tyrants and sycophants) self-correct, rather than entering downward spirals. Not everything presages the end of an era. Most things, where conscientious people are involved, are just hiccups.
The decision to switch the submission title away from the article's actual title is unjustified. The decision to switch it to a selective edit of the article's first sentence is even worse.
I'm in favor of flexibility regarding the titles, and if HN supported such flexibility, then your decision in this case would seem less arbitrary. But given the rigidness applied at other times, this seems like an odd exception.
I'll point out that the current title does not come close to expressing the level of frustration that developers are currently feeling regarding the Alexa app store. Shouldn't the title give some indication about the real conflict?
It isn't, really. Editorialized titles tilt the balance in an opinionated way.
Most of the time the rule seems stupidly rigid and inflexible.
For more detail, see https://news.ycombinator.com/item?id=10877460.
Or, you can write a blog post commenting on that story, and post the blog entry to HN.
Have you read the comment that Dang makes at the URL that you just posted? Dang says "Please don't editorialize the titles of stories you submit here." And yet, here Dang is editorializing the title of the story submitted here.
Please don't address a fellow user this way.
> Basically, the rule is that the title on HN should be exactly the same as the title of the blog post.
That's mistaken. The actual rule is to use the original title unless it is misleading or linkbait: https://news.ycombinator.com/newsguidelines.html. Had you known that, you'd have known that we were upholding the rule, not breaking it. It's standard practice, when a title breaks the HN guidelines, to replace it with neutral, representative language from the article.
Does that mean we get every edit right? Of course not, but if you're going to object, please do so on the basis of what the guidelines actually say.
Put the original title back.
Oddly, I haven't heard one horror story about the Windows Phone app store.
Seriously, what is the point of saying that? There are lots of articles about the problem, but you stick to your own experiences then!
Edit: I wonder what smut the down voters have been downloading that may have given them the malwares. Reputable apps are fine. And there's no infestation. Just stahp.
And when it comes to e.g. games there isn't much of reputation information outside a very small set of hits. No need to download "smut".
I'd say that's a problem with the review process.