Play store is a fail-open system. When nothing naughty is detected it assumes all is well. Apple appears to lean closer to fail-closed, with QA having to prove it's safe. And they likely have more human review.
>When nothing naughty is detected it assumes all is well.
This is the root of my question: I would presume that Google would have better systems than it appears to have to detect apps that violate their policies. Otherwise, why have them?
I understand that Android is more open as a platform, including the ability to side load your own apps. But I think they deserve criticism for not protecting their users from this "Creepware". It's one thing to download some APK from a website; it's entirely another to have it provided to you by a company you should be able to trust.
Play store allows apps to download code. Since their checks can themselves be detected by malicious submitters clean code can be sent to Google and bad code to victims.
I wonder what the rate of submission of new apps or updates is. Pretty sure this is a few 100 updates a week and having a small QA team to manually vet out is feasible even for Android store that makes lesser money than the App Store.
You think the android app store gets 100 submissions a week? There are millions of apps. Big apps have tons of active versions so they can distribute to all sorts of different populations.
