Hacker Newsnew | comments | show | ask | jobs | submit login

Apple could do that too, if they felt like it.

Edit: Except with iPods.




They haven't had to because they stop this stuff before it happens.

The cost of keeping the Apple App Store clean of malicious software is placed on the developers who are forced to wait for approval. The cost of keeping the Android App Market clean is placed on the users who will have to deal with the malicious apps that haven't been pulled yet.

Freedom isn't free it seems.

Does anyone know if Google can pull apps that haven't been installed by means of the Market?

-----


I'm quite sure that its impossible for Apple to find all malicious software via their review process.

-----


i'm pretty sure it's only apps installed via the market.

-----


I suspect you may be right. But what is it that makes you sure?

-----


>They haven't had to because they stop this stuff before it happens.

How does Apple stop malicious software? No one has ever claimed that.

Apple's review process doesn't validate that the software does what it claims it does, beyond the superficial.

-----


I did a little googling, and found plenty of articles on Android's Marketplace having malicious software, but only articles along the lines of "Researcher says IPhone Data Model Could Lead to Malware" (http://www.pcworld.com/article/183741/researcher_says_iphone...) for the iPhone.

As far as I can tell, the iPhone has only been hit by malware when jailbreaking is involved. Maybe I'm missing it, but considering that minor infections in the Android market have made headlines, I imagine I would fine something for Apple too.

P.S. I'm hardly pro Apple, I have a Droid. I'm just saying that the probably do check for this sort of thing, because it's impossible in my mind for some one not to have tried to submit malware to the App store.

-----


Apple has rejected some apps for uploading the users contacts to a third party server, using private APIs, etc. It seems like they do dig a little deeper. Who knows if that's enough to stop all malicious software but considering we've seen a number of malicious Android apps (fake Bank of America app, proof of concept botnet) it does seem like Apple's review process is providing some real benefits to go along with it's real disadvantages.

-----


If you could somehow find a loophole within the scope of Apple's public APIs - Then sure... You could do something malicious.

-----


The description of "malicious" seems a little nebulous.

I have never heard of an Android application that breaks out of the sandbox. When people talk about "malicious" applications, these are apps that don't actually do what they promise to do, and because of an overly generous user (who okayed excessive permissions) they exploit trust.

This is similar to a web site saying "Hey, add me to your trust zone" (in Internet Explorer) "and I'll be extra awesome", and then exploiting that access.

Another poster mentioned that location has a special confirmation security grant, which is interesting to learn, however for other accesses there is no guarantee that the app is doing everything in your best interest.

-----


Actually they could do it with iPods too, as soon as they connect to a wi-fi network or sync with iTunes.

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: