The worst thing is, people have this belief that Apple is somehow protecting them, so they offload the critical thinking to Apple and lower their own guards. For example, a person thought he was getting a legitimate Bitcoin wallet app, but turns out it was a fake and he lost his life savings [1].

edit: to be clear, I'm not blaming Apple for not stopping these scams, at their scale, it's just practically impossible to stop every scam, but by making their unrealistic promise that everything on the app store is safe, they are misleading people into this false sense of security.

1: https://www.washingtonpost.com/technology/2021/03/30/trezor-...




> I'm not blaming Apple for not stopping these scams

Why not? You should blame them. They have positioned themselves as the gatekeepers. Why? To extract profit from application developers. However, such a powerful position also comes with expectations and responsibilities. They should absolutely not be allowed to get away with gross negligence.

We absolutely must blame them every single time they fail to keep malicious software out. They are responsible for that man's losses and should fully indemnify him. Had they not approved that software, it would not have happened.

Nobody cares about their "scale" or how "difficult" it is for them to determine what is and isn't malicious. They have assumed that responsibility by gatekeeping their devices and therefore any failures are directly attributable to them.


Apple's 30% cut suggests to an untrained observer that for every seven hours of coding you do, they could do three hours of verifying that your app is not a scam. What happens instead is, I guess, robo-verifier spends 2 milliseconds. Ka-ching!


I agree, I think they should help him, but I also think it would open a whole can of worms.

The fact is, no matter how much time/energy/effort they spend, they will never eliminate all scams; scams would just become more and more sophisticated. This doesn't mean they should just give up, but having been through the review process, they are already doing quite a bit.

So that would mean they will make it much harder for apps to get approved in the store (and it's already a very painful process), so you'd only end up with apps from large developers, which is not ideal.

We are seeing a similar dynamic with Youtube which has become rather "ban-happy" as in they don't want to take risks, so would rather ban content than try to reduce false positives, because at a certain scale, you just can't identify content with good precision/recall.


> I also think it would open a whole can of worms

Absolutely. Apple should be afraid of holding the gatekeeper position. Anyone should.

When people can install and use whatever they want, safety becomes their responsibility. They should open up their platform and let people do their own due diligence. If they assume that responsibility and then neglect it, they absolutely can and should be blamed for any problems.


If Apple gave up the gatekeeping position, I would be afraid to use my phone for the things I do today.


The point is, you should be afraid today too (or better word, more careful). What you have right now is a false sense of security.


Why aren't you afraid today? Their gatekeeping is clearly useless.


Something does not have to be perfect to be useful; a filter that throws out 50% or 90% of malicious trash is very useful even if a lot of malicious trash gets through.

The appropriate metric for safety of an app store is not whether you can get attacked, but rather how many users - proportional to all users - get attacked every year.


This filter is useless and misleading. Compare to F-Droid or GNU/Linux repositories.


So why would someone release malware in f-droid, when the user base is not your average joe and would likely know how to counter or detect any attacks?

This is the second person in this thread to think using an open source repo as an example carries weight. There are fewer users, therefore less malware is released there in the first place, and then there's less load for the malware filters for that which does get through.


Your argument does not hold for GNU/Linux repositories. There are plenty of good targets there.


Oh sure, that’s why I didn’t include it. But we have historically seen issues with those repos haven’t we?

My comment stands, why target f-droid?


Because it's technically the same as GNU/Linux repositories (i.e. relies on community and FLOSS). Therefore, one can expect that when it grows, and average Joe starts using it, there will be no huge inflow of malware in it.

> But we have historically seen issues with those repos haven’t we?

Care to elaborate?


The two being open source is an apples to oranges comparison.

Here’s one issue we’ve had with these repos:

https://lwn.net/Articles/295406/

Then there’s things like NPM that’s broken quite a few production deployments in spectacularly public ways.


I've been using Linux for at least 10 years and I have never received malicious software from distribution repositories. For some reason, malware just doesn't make it into the repositories.

Apple's filters are clearly garbage.


This is called market penetration. Look around, how many linux “desktop” users do you see? Who would you rather own, a few hundred million devices or a few 10 thousand?

Using linux as an example here doesn’t work.


> Why aren't you afraid today? Their gatekeeping is clearly useless.

You're not perfect at anything you do. Does that make you useless? Of course not.


That's why I don't gatekeep anyone.


So if we followed this logic, and reversed everything that wasn't 100% perfect, do you realize how far back in human history we'd be propelling ourselves? There is not a single gov program, law, corp, anything on this planet that is perfect, except maybe the planet itself.


> You're not perfect at anything you do. Does that make you useless?

As a gatekeeper? Yes, yes it does; hence why there shouldn't be any gatekeepers.


You should already be afraid now.


Yes and likewise, car manufacturers should remove seatbelts and airbags. They simply encourage reckless driving, and by giving the false sense of security / assuming the gatekeeper role, they should be liable for any accident.


The big difference between "Apple's app review process" and "seatbelts and airbags" is that car companies acknowledge the latter are fallible.

It's not about adding layers of protection or not; it's about being transparent with your customers about how effective those layers actually are.


I don’t think any one of my less technical friends has any belief that the App Store is infallible or even mostly secure. Apple doesn’t advertise it much, and if they did I’d be happy to call that a mistake.


Just read their copy for the App Store: https://www.apple.com/app-store/

> Because we offer nearly two million apps — and we want you to feel good about using every single one of them.

> Apps must adhere to our guidelines.

> You should never have to worry about inappropriate content.

> Every day, moderators review worldwide App Store charts for quality and accuracy.

All of these are far stronger claims than I would be comfortable making about the current state of the store.


Disagree, they seem very reasonable. But also no one is reading those terms really, they aren’t being pushed in ads or shown at the store.


Do you have any ties to Apple?

That is the most ridiculous implication.

'We did not expect anyone to read the terms of the product, so we shouldn't have to deliver on what we promised.'

That is not reasonable.

Apple is using weasel words like "should" which gives them wiggle room, but I guess it will be up to a court to decide.


I have no ties, other than owning a few of their devices. I think you should up your prior that there exist people who generally think this is ok.

I think about 0 out of the first 100 people I know that I think of have heard any version of those claims (maybe 5 now since a few read HN). It’s probably not even a top 10,000 trafficked page on their site.

Do you have any ties against apple or for a competitor?


Car manufacturers are going to face the liability issues when they try to sell "self driving" cars. Volvo has for example ack'ed this in public years ago.

https://www.theverge.com/2015/10/7/9470551/volvo-self-drivin...


Weird, I can flash whatever code I want to on my car's ECU. There's even an entire subculture dedicated to modding ECU firmware.


You absolutely cannot, unless you have an open ECU to begin with. Typically this is only sporty type cheap cars (evo, wrx). But even if you were to take on such an endeavor, the difficulty of such a task and the knowledge requirement will scare off the inexperienced.


Flashing your car's ECU is illegal. Or more specifically, federal and state laws make it illegal to operate an automobile on the open road or highway after you've altered a vehicle's emission control devices (which includes the ECU).

In contrast, it's legal to jailbreak an iPhone.


The Apple review process is not in any way equivalent or even similar to seat belts and airbags. Not even the government can be fully blamed for bad drivers since people don't actually need a driver's license in order to drive.


Punishing companies for adding protections to their products is an insanely backwards incentive. May as well turn off sandboxing, and lock screens. If they ever break, it’d be a liability!


Nah. If you're gonna set yourself up as the ultimate arbiter of what I can run on my device, you are absolutely to blame for any harm that comes as a result.

Protections? Encryption is protection. Address space randomization is protection. This Apple review process? This is just humans failing to do what's expected of them. Also known as negligence.


There's a lot of faulting Apple here, when you point out it's a "humans failing". Does this mean you understand the process completely and you can do better?


Probably not,

which is why he hasn't placed himself in the position of "arbiter of what's right and wrong on phones", the way Apple has with their App Store.


So then what's the argument here, if not perfect, remove?


I think what Apple _could_ do is ensure that there is a real person that can be held accountable by law enforcement in the user's jurisdiction. That way a user has some legal recourse in the event they are wronged.

Nobody wants Apple to be judge and jury, we have judges and juries for that, but it would be nice if they could tell us who to go after when we have to.

If they can't do that, I don't think it's unreasonable for us to ask Apple to be responsible for any losses, then let Apple seek compensation for their losses from the app publisher.


> they are already doing quite a bit.

They must be focusing on the wrong things then. Certain categories are filled with scam apps at the top ranks, including scam subscriptions.


Censorship is also easier when you have an AI to blame the "mistake" on.


> Why not? You should blame them.

I also think it's easy to forget just how much Apple could spend on this if they actually cared.


The real solution I see would be to charge money for listing apps in the store. And not small money, but significant, non-refundable fees. Enough to actually check and verify the software by competent humans and also just to make scams more expensive (you would need to pay $5-10k upfront, like Google requires for certain Gmail apps).

But I don’t like that kind of approach, so therefore I would be careful in demanding Apple to fix the problem. Any fix they come up with, would likely cause troubles for small players.


A solution is to make systems secure enough that any user-level code or app either can't do malicious things, or needs to be explicitly granted fine-grained permissions to access a user's resources.

Sandboxing is a step in the right direction, as are various levels of things like code signing and even Windows Defender-esque systems that maintain lists of known malicious apps, authors etc and prevent them from running.

It also helps not to have an easy monetization scheme for malicious actors, either. Making it easy to give them money, and even sign you up for fraudulent subscriptions so you keep giving them money, is a mistake.

An actually user-friendly system would look at the apps that you're making payments with, and ask whether or not you want to keep subscriptions that you don't appear to be using much. This doesn't happen, though, because it is in no one's interests but the users' to help save them money.


So… your solution is no mobile wallets, then?


The real solution is to stop being a gatekeeper. Just let people install and use whatever they want.


How does this stop or in any way slow the proliferation of scam apps?


It doesn't. It absolves Apple of any responsibility in the matter.


Why does anyone want to help Apple? Shouldn't we be focused on user safety?


We're not helping Apple. We're holding them accountable for what they make available on their store which they advertise as "curated and safe".


And as the article points out, Apple’s marketing coupled with fake ratings and reviews that plague the App Store can “create the perception for the public that they are safe downloading an app or buying a product and engaging in content that other people have found valuable” (emphasis mine)


The problem is that Apple loves to claim that they need full control over their platform to keep their platform safe.


Their PR lets them have it both ways.


Their users too, as shown in every other comment here.


So, enlighten me, how does another app store increase safety if Apple is writing the APIs used by the other app stores? Clearly it doesn't, it just provides options for more of the same. So then I wonder what the point to all of this is, and the only idea that comes to mind is a bunch of tech savvy Android users really want to use iPhone but can't/won't until there's additional gatekeepers, err I mean app stores.


We're just rolling our eyes that people actually believe that the full control apple wants over their products has anything to do with security.

It's the most profitable course of action, that's all there is to it.

But to address your question: if apple allowed other stores, they could be significantly more picky about what's allowed on their store. This would consequently increase the security for people only using the official store.

This is obviously a no-go however, as that would be less profitable than the current situation.


I'm still failing to see the hand wavy logic that results in them being more picky if there are more stores. Garbage apps (apps providing no real value but are otherwise safe) are not the problem. Malware is. So they're somehow being less picky about malware being on the store, yet increasing the quantity of stores will allow them to remove more malware?

Also, you do understand businesses need to make profit, and keeping their customers happy is definitely the right way to do it in my book. So given your logic here, how do you explain all of the other privacy features Apple gives away for free?


They do need full control to keep their platform safe.

Whether they are managing to keep it safe is independent of that claim, and we can ask why those are getting through.


I have sympathy for the person in this story, but I think shifting the blame to Apple in this case is ludicrous. I'm still somewhat shaking my head that someone went through all of the trouble of using a hardware wallet, and then entered his key words into the first app he downloaded.

If anything I think this story is just a prime example of why irreversible crypto transactions are an absolute nightmare for the general public. With the banking system this person would likely have recourse, with crypto it's "Whoops, your wallet key words got stolen, sorry, there go your life savings."


The problem isn't that Apple should be responsible and isn't, the problem is Apple is extremely paternalistic but in a way where it gets all the powers but skirts all the responsibilities.

If the responsibility is too impossible (and I'm fine saying that it is), then their paternalism shouldn't be called out and their reputation knocked down a rung or two. Instead, they get to keep a reputation which is far better than the other megacorps'.


> Instead, they get to keep a reputation which is far better than the other megacorps'.

I think this is what having strong marketing gets you. You can see from the defence on HN/Twitter where most people would be fine with Apple having a control over all their devices and aren't afraid of the growing dominance of a single company.


https://locusmag.com/2021/01/cory-doctorow-neofeudalism-and-... is a sad example where Cory only points out Apple nefariously undermining the guarantees, as opposed to sheer technical failure not intended to appease anyone.


> their paternalism shouldn't be called out

Totally off topic: that phrasing made my brain skip a beat. I've always seen "called out" used to convey confrontation, especially in a public manner like "He called out Apple on Twitter for their paternalism." Turns out a similarly common use is the more general "to bring attention to" in a positive way.


No I just meant "should" and wrote the exact opposite! :(


There is a well established principle that retailers bear some responsibility for what they sell. I doubt Home Depot would get away without liability if they sold a dryer that caught on fire and burned down a house if it was found they had acquired the dryer from a dodgy criminal syndicate.


Especially considering there is a review process, and Apple takes a 30% cut.

If it was an open market (no review process), and they just took enough to cover operations and processing fees, I can see them being blameless, but if you are going to review apps, you need to actually review them.


That's an interesting parallel, but while Home Depot buys their product, in a marketplace it works differently. As of now Amazon for instance bears no responsibility for what happens with the vendor's product as long as they have plausible deniability ("paperwork looked good").

That's exacerbated when products are counterfeits and legit brands get pissed off, but it would go the same for unsafe products as well, I'd guess.

Amazon getting their provisions corrected could make a positive precedent for digital goods as well.


I feel like the difference should be that if you are merely providing a market, then the customer must "belong to" to vendor: at bare minimum, the vendor must know who they are; Apple, however, insists that the customer belongs to them, that the vendor will learn nothing about the customer, and that the vendor is merely providing software to Apple under a license that allows Apple to sell copies of it to their customers... they absolutely should have full responsibility for the things they choose to sell in this scenario. Apple also certainly isn't just checking "does the paperwork look good": they are carefully examining the product, vetting it, and then claiming on their website and in all their marketing materials that customers can feel safe using all of the apps they sell because of this curation, for which they take a handsome cut of the profits. It is all simply ridiculous, really.


The issue here is that Apple is facilitating wire fraud, which is extremely illegal in the United States. The bad actors who created that app are committing wire fraud on an Apple platform, which is of course colloquially known as the App Store.

The problem is that if you are associated with a crime committed in the United States in any way (besides being a very distant third-person witness with no associations whatsoever to the individual), and you are not a crime victim or an individual reporting the crime, you are almost always considered to be an _accessory to the crime_ which is a misdemeanor (go to jail for up to 365 days) or felony (go to prison for over 365 days) state level (has parole for prisoners) or federal level (effectively has no parole for prisoners) criminal offense, which the police will arrest you for and charge you with, while the person committing the misdemeanor/felony gets charged with whatever crime they perpetrated.

For example, if your "acquaintance" shoplifts at a store and gets caught, and you don't stop or report them: you will get charged as being an accessory to a crime and you're going to jail.

Also, if you are involved in an altercation in any way, the cop can put everyone involved in handcuffs and charge them, even if you never got physically or verbally violent.

There are also catch-all laws in the US that one can go to prison for, basically for acting in "bad faith" but never actually doing anything else criminally wrong.

This is why you never talk to the police, ever. They will twist your statements in the wildest ways imaginable. If you get pulled over by the police, you should practice, every single time, saying as little as possible to the officer.

This has never happened to me personally, but, everyone needs to know this: If the police in America start questioning you and it gets into a detailed discussion, you stop right there and say: "No comment: I need to talk to my lawyer first."


> There are also catch-all laws in the US that one can go to prison for, basically for acting in "bad faith" but never actually doing anything else criminally wrong.

As someone who used to be a criminal prosecutor in the US, I would be very interested in seeing citations to whatever statute you are referencing.

As far as being charged as an accessory, you generally need to have known that a crime was or would be occurring, and to have provided some form of assistance. That doesn't need to be direct actions in the act, it could be financial or emotional assistance.

And no one is going to prison over shoplifting unless we're talking about repeat offenders or large amounts of cash. Let alone just happening to know someone who shoplifted and failing to report them.

Having said that, definitely don't talk to the police without a lawyer present.


> The issue here is that Apple is facilitating wire fraud

Not just facilitating. They get 30% for it.


Yes, except this scam app was free. Apple earned 30% of $0.


Nopes, they also earn $99 / year - https://developer.apple.com/support/purchase-activation/ ...


Of course, but I was responding to the specific claim that Apple "gets 30% for it."

Arguing about the $99/year developer fee is a pointless rabbit hole. You might as well also accuse Apple of selling the developers an iPhone and a Mac for developing the scam app. And then don't forget to accuse the electrical grid operator of selling electricity to the scammers.


> Arguing about the $99/year developer fee is a pointless rabbit hole.

No, it isn't - till Apple instituted this practice developers never paid any company for the privilege of creating software and adding value to their platform. Whether the app is free or paid, Apple still makes money when a developer wants to distribute the app on their platform and this acts as another incentive for them to be lax.


You have a serious issue with the concept of scale if you think that Apple, a trillion dollar company, is in any way influenced by a $99/year developer fee. Any possible positive incentive is grossly outstripped by the risk of reputational damage.

Do you seriously think that Apple values the promise of a scammer's $99 fee recurring next year more than they would value having fewer scams in their store?

I genuinely believe you’re being unserious here.


They might have thought twice if Apple didn't promise to make sure the app store was completely secure. A promise which they realistically can't keep at their scale no matter how hard they try.

Also, this is just one example, the article itself has other ones.


> Apple didn't promise to make sure the app store was completely secure. A promise which they realistically can't keep at their scale no matter how hard they try.

They don’t. This is made up.


They did. This was literally their defense in Epic lawsuit.

Summarized Apple lawyers said: "We can't offer alternative stores because they would be full of scams which would be bad for users. Our store is curated and safe for users.".


To add to this, the App Store clearly markets security and trust.

These are the very first words describing the App Store (https://www.apple.com/app-store/):

"The apps you love. From a place you can trust.

For over a decade, the App Store has proved to be a safe and trusted place to discover and download apps....And a big part of those experiences is ensuring that the apps we offer are held to the highest standards for privacy, security, and content."

The page then says this about security:

"Security for every app. At every level.

We ensure that apps come from known sources, are free of known malware, and haven’t been tampered with at the time of installation or launch."

And this about trust:

"Apps must adhere to our guidelines.

When you download an app, it should work as promised. Which is why human App Reviewers ensure that the apps on the App Store adhere to our strict app review standards. Our App Store Review Guidelines require apps to be safe, provide a good user experience, comply with our privacy rules, secure devices from malware and threats, and use approved business models."


Yeah. The man who lost his life savings due to malicious iOS software bearing Apple's signature of approval should directly cite this as evidence that Apple is responsible for his losses. Apple should pay back every last penny, his lawyers and more for good measure.


> malicious iOS software bearing Apple's signature of approval

Approval doesn’t mean what you think it means.

Just because they don’t detect a scam doesn’t mean they approve of what it does - it is still in breach of contract with Apple.


No, nowhere in your summary is a promise to keep users perfectly safe.

If they had said anything like that you'd be able to quote them.


When has Apple made that promise? Where do they make that promise?

No system is perfect, and when you get the realm of people submitting privileged information to third parties, all bets are always off. There is absolutely no way Apple could make guarantees about that. And they don't. Anywhere.

And no, saying that they review apps isn't a promise that it is "completely secure". That is absurd.

Trying for some security and confidence is a world removed from absolute security. The latter is effectively impossible.

This thread is a farce. Anything if it gives people an opportunity to ply their rhetoric. It is a reminder that while HN has some good discussions, it has a lot of people who just want to make stupid arguments based on lies.

"But I thought you said TLS was completely secure? How could someripoffsite.com steal my cash?"


> When has Apple made that promise? Where do they make that promise?

From apple.com/privacy:

"Every one of the more than 1.8 million apps on the App Store is required to follow strict privacy guidelines and report how it uses your data. And every app is rigorously reviewed by a team of experts at Apple."


How we use your data:

Your private key is used to sign a transaction transferring your bitcoin to our account. We do not share your private key with anyone and it does not leave your phone.


Privacy and security are not the same thing. Also, an app can follow all the privacy and security guidelines and still use dark patterns to mislead and get something from you that you wouldn’t otherwise give up or outright defraud you. I’m sure Apple makes a good faith attempt at preventing that as well but they can’t catch everything.


The words "strict" and "rigorous" do a lot of heavy lifting in setting user (and market) expectations. We programmers are pre-inclined to think in terms of Boolean logic, but the law frequently splits hairs on qualitative value judgments; there is no simple rubric for what counts as "reckless endangerment" or "gross negligence", for instance.

I think it's a given that no one expects any QA or security process to perform perfectly. But there's some fuzzy line past which Apple's process fails to be "rigorous", and whatever that line is (or should be), courts will inevitably contrast the high expectations set by Apple's marketing with these real-world results when considering claims of negligence, liability, false advertising, anti-competitive behavior, etc.


In my opinion, this anecdote is enough reason for Apple to reject any app that purports to be a cryptocurrency wallet or in any way be a secure mechanism for cryptocurrency. There's no practical way for Apple to prove that any app won't betray the user.

Or in the alternative, perhaps Apple should create a different tier of app review for any apps which claim to facilitate financial transactions (other than purchases, game currencies and microtransactions). This would encompass all apps for banking, investment and crypto. This tier should require a much higher verification of the developer's identity. The iOS sandbox should be further locked down to limit communication only to whitelisted IPs/domains which must all be under the control of the verified developer. And hey, you know what, let's even require the developer to submit the app in source code form.


I remember the early days of Bitcoin, when Apple was rejecting wallet apps by default. I was honestly surprised that they relented: from consumer safety, to regulatory concerns, to 30% protectionism, they have every incentive (from their walled-garden/theme-park philosophy) to categorically ban on-device wallets.

> There's no practical way for Apple to prove that any app won't betray the user.

This is honestly a fundamental problem with both the App Review model, and the very concept of cryptocurrency (which for the record, I'm positively inclined towards, both technologically and ideologically):

- The Review model because the developer doesn't actually submit code, and static analysis tools can only go so far. Even if Apple started requiring source (opening many thorny IP liability issues), no reviewer can realistically audit every line. Even then, the mere fact WebViews are trivially common means a developer (or a malicious hacker) can always swap out the web backend with phishing attacks, credit card scams, etc.

- The cryptocurrency model because while it tells a story of "trustless" interaction and autonomy, in practice even the most knowledgeable techies end up having to outsource trust to developers, firms, and communities. While it tends to be a safe bet to trust a highly-trafficked community GitHub over a random .ru site, (a) it still requires making a trust decision on imperfect information, and (b) non-technical users suffer an agent-principal dilemma when it comes time to make those decisions, which is a prerequisite to actually use cryptocurrency. There are many, many shortcomings to the central-banking state currency model; but at least it has a pretty well-defined UX to the average "holder", and some hope of recourse in the event of a scam.

FWIW, browser-based wallets (with or without client-side storage) do exist, and would probably be used more heavily on iOS if Apple were to forbid native wallets. In which case, it's possible the guy who lost his life savings would have gotten scammed by a "trusted" web app instead.


[flagged]


Any reasonable reading of this sentence, while technically it does not explicitly say that it's "completely secure", is that the review process will include security review. It's not without context that this sentence is read, and the history of software tells us what the point of such a review is for protection of the user. Being technically correct is not actually useful when deciding how reasonable people will interpret a piece of marketing material. They are using strong language to give the reader confidence that the apps are safe and they should not be afraid to use them.


Excuse me, they used the words "every one of" and "every app" to describe the purview of their security checks. Is that somehow not absolute enough for you?


Is the idea that a nontechnical person might trust Apple really that outlandish to you? Do you have, like, family members or nontechnical friends?


Idk, when I see "rigorously reviewed", I think being able to see the app is attempting to masquerade as an existing one...


We are discussing the claim that Apple guarantees every app is "completely secure". Thanks for the comment though.


As ludicrous as it may be to blame Apple, they have said many times that the cut they take on apps and in-app sales is part of how they keep the platform secure and ensure the privacy of their customers.[0] While it's clear to me that they can't really do that, I don't think we can expect the average purchaser of the iPhone to understand just how far-fetched these claims really are. In my opinion, Apple is giving them a false sense of security that can be very dangerous.

Perhaps if Apple was held responsible for these kinds of expensive mishaps they would be more honest in their marketing. Maybe. And that's kind of the point of this article. :-P

[0]: https://thehill.com/policy/technology/554790-cook-says-apple...


Shifting the blame to the world's largest, highest-value company is "ludicrous"? I must not keep up with the news.


I think it's reasonable for people to expect Apple to have a higher standard of review for financial apps (including bitcoin) vs utility apps.


"At their scale" excuses are the worst. It's one thing that scale will cause a tiny percentage to create a large number of cases. But if it makes the percentage go up, it's a sign you need to scale back down until you figure out how not to get people hurt. No one forced you to be humongous scale.


What unrealistic promise did Apple make? I am curious when they said the app store is "completely secure" because obviously nothing can be completely secure.

I know they claim it is "the most secure" app store, though I am not sure what they use to back that up. It does seem to be one of the most secure platforms; it has my highest trust, but I don't completely trust it.

As others have said, I do believe a curated app store is more secure than an uncurated one or no app store, but nothing is perfect and there is a trade-off for that curation and tight control.


2% is pretty low compared to random websites (it’s your birthday! Enter your info in this link so we can send you a gift!)


Most people don't browse random websites


Only because those sites never appear in google search. So google search is the App Store of the internet?


This makes me wonder, can such thieves easily convert the stolen Bitcoin or are these blacklisted everywhere?


The whole idea behind cryptocurrencies is that there is no central authority behind them. And so there is no blacklist / whitelist, because you need such an authority, trusted by everyone, to create such a list.

All cryptocurrency transfers (between digital wallets) are recorded in a public ledger (the blockchain).

Anybody can read it. But only those with the correct encryption keys to a wallet can write to it (add a record). Once someone steals the encryption key of your wallet A, it can be used to access your wallet and add a record to the public ledger that all the cryptocurrency of wallet A has been transferred to wallet B. This record cannot be changed by anyone.

But since every transaction on the ledger is a public record that anyone can read, one can theoretically track where the cryptocurrency goes from one wallet to another. This can be used by the police to catch a thief. Anyone can create a digital wallet anonymously, but to convert it into real currency you need to provide your real-life identity and bank account to a crypto exchange. This is the point where someone becomes exposed and loses their anonymity, and hence can be identified by the law.


> For example, a person thought he was getting a legitimate Bitcoin wallet app, but turns out it was a fake and he lost his life savings [1].

There's a lot more wrong in this scenario than just the app store. If someone is going to be so amazingly careless with half a million dollars...


If someone technical enough to have a hardware wallet and "smart" enough to have amassed half a million dollars falls for this scam, I think it tells you more about how much (misplaced) trust they put in Apple rather than how careless they were, but that's just my opinion.


I don't think this is a good argument at all. They'd have to be "technical" enough to write down 13 words when instructed, and they'd have to be "smart" enough to happen to be early.

So basically no technical or smarts are needed to get to this situation. If anything this suggests the person is your fairly average "dumb" user.


If I had half a million in bitcoin, I'd divide it up into multiple wallets.


The real issue is Bitcoin here.


Bitcoin makes scamming so much more lucrative. So many people have been scammed, for example by fake apps and giveaway scams.


s/Bitcoin/Apple


I'm surprised too... He had his life savings in Bitcoin?


A good friend of mine has had ~98% of his savings in BTC since 2015, and I know quite a few other people with a high percentage of their savings in it. For those who can ignore the short-term volatility, who have good incomes as safety nets (say FAANG jobs) to weather any storms, who don't trust their governments and who are relatively young enough to recover from any large losses, it can be an acceptable tradeoff (needless to say, a very profitable one as well).


You know I used to think exactly like this when I was younger, but nowadays, I realize that putting the burden of understanding technology on the user is very unfair. Just because someone is worth half a million dollars doesn't mean they should automatically know how to identify scam apps...


If you want to play the grown-up card, ok: the grown-up thing to do with half a mil would be to have it in the hands of a registered investment advisor at a reputable and insured institution, who is actively growing that money for you using reasonable investment principles based on your investment horizon, goals, and comfort level; and not pissing it away on the latest hype cycle. But that is only because I lived through the silver boom & bust, the mortgage bond scam, the junk bond scam, the S&L scam, the first commercial online investment platforms, the dot com bubble, the second mortgage collapse... and Bitcoin* is more of the same.

* I said "Bitcoin" and not "cryptocurrency" intentionally. Because the jury is still out on the latter, but the former most certainly will not be the CC of the future IMHO due to its massive privacy shortcomings, among other things.


The man's recklessness was caused by a false sense of security created by Apple themselves.


The problem is that Apple is lying about what they are doing... and therefore, they should probably be targeted by dozens of class action lawsuits.


Why not blame Trezor for allowing a fake app to steal money from his hardware wallet? Did he buy the wallet thinking it would make scams impossible?


Because Trezor doesn't control the iOS app store?


What purpose does a hardware wallet serve? What security does it offer?


It provides an electronic and secure mechanism to store your private keys and sign transactions, while retaining confidence that your private keys will not be compromised while using the device. Think of it like a YubiKey. It’s not all that different.

It also enables you to export those private keys so that you can keep a backup in the event of a hardware failure, because all hardware eventually fails.

It doesn’t lock you into their platform / ecosystem exclusively. It doesn’t prevent you from using that backup elsewhere.
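
The ledger mechanics laid out a few comments up (a public, append-only record anyone can read, writes gated by the wallet's key, every hop traceable to the point where funds are cashed out) and the hardware-wallet description directly above, modelled together as an added example that is not from this thread, from Trezor, or from any real chain: a `HardwareWallet` that exposes only its public key, signatures and an exportable backup seed, and a `Ledger` that appends a record only with a valid signature from the sender and can trace funds forward. Assumptions, all mine: a hash-based Lamport one-time signature stands in for the ECDSA/Schnorr keys real wallets use, so nothing beyond the Python standard library is needed; a 32-byte seed stands in for the recovery words; and the addresses, balances and the scenario in `run_scenario` are constructed.

```python
import hashlib
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

# Real wallets use ECDSA or Schnorr keys; a Lamport one-time signature stands in
# here so the example runs on the standard library alone. Each key signs ONCE.
def keygen(seed: bytes):
    sk = [(H(seed + bytes([i, 0])), H(seed + bytes([i, 1]))) for i in range(256)]
    pk = [(H(s0), H(s1)) for s0, s1 in sk]
    return sk, pk

def _bits(msg: bytes):
    d = H(msg)
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    # Reveal, for each bit of H(msg), the secret preimage matching that bit.
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    # Anyone holding the public key can check; nobody without sk can forge.
    return len(sig) == 256 and all(H(sig[i]) == pk[i][b] for i, b in enumerate(_bits(msg)))

def address(pk) -> str:
    return hashlib.sha256(b"".join(a + b for a, b in pk)).hexdigest()[:16]

class HardwareWallet:
    """Stand-in for the device: the host app only ever sees the public key and signatures."""
    def __init__(self, seed: bytes):
        self._seed = seed
        self._sk, self.pk = keygen(seed)

    def sign(self, msg: bytes):
        return sign(self._sk, msg)

    def backup_seed(self) -> bytes:
        # Meant for an offline backup (stands in for the recovery words); typed into an app, it hands over the key.
        return self._seed

class Ledger:
    """Public append-only record; a write needs a valid signature from the sender."""
    def __init__(self):
        self.records = []      # (from_addr, to_addr, amount), readable by anyone
        self.balances = {}
        self.pubkeys = {}

    def register(self, pk, amount: int) -> str:
        addr = address(pk)
        self.pubkeys[addr], self.balances[addr] = pk, amount
        return addr

    def pending_message(self, frm: str, to: str, amount: int) -> bytes:
        # The sequence number binds a signature to one ledger position (no replay).
        return f"{frm}->{to}:{amount}#{len(self.records)}".encode()

    def transfer(self, frm: str, to: str, amount: int, sig) -> bool:
        msg = self.pending_message(frm, to, amount)
        if frm not in self.pubkeys or self.balances.get(frm, 0) < amount:
            return False
        if not verify(self.pubkeys[frm], msg, sig):
            return False
        self.records.append((frm, to, amount))
        self.balances[frm] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        return True

    def trace(self, start: str):
        # Follow the public records outward from one wallet: the trail anyone can read.
        trail, queue = [start], [start]
        while queue:
            cur = queue.pop(0)
            for frm, to, _ in self.records:
                if frm == cur and to not in trail:
                    trail.append(to)
                    queue.append(to)
        return trail

def run_scenario():
    ledger = Ledger()
    victim = HardwareWallet(secrets.token_bytes(32))
    thief_sk, thief_pk = keygen(secrets.token_bytes(32))
    _, exch_pk = keygen(secrets.token_bytes(32))
    a_victim = ledger.register(victim.pk, 5)          # constructed balance
    a_thief = ledger.register(thief_pk, 0)
    a_exch = ledger.register(exch_pk, 0)
    msg = ledger.pending_message(a_victim, a_thief, 5)
    # 1. A fake app with no key: whatever it signs fails verification.
    forged_ok = ledger.transfer(a_victim, a_thief, 5, sign(keygen(secrets.token_bytes(32))[0], msg))
    # 2. The same app phishes the backup seed: the thief rebuilds the identical key
    #    and the ledger, which only checks the signature, accepts the record.
    stolen_sk, _ = keygen(victim.backup_seed())
    stolen_ok = ledger.transfer(a_victim, a_thief, 5, sign(stolen_sk, msg))
    # 3. Cashing out to an exchange leaves one more public hop on the trail.
    cashout_ok = ledger.transfer(a_thief, a_exch, 5, sign(thief_sk, ledger.pending_message(a_thief, a_exch, 5)))
    return {"forged_ok": forged_ok, "stolen_ok": stolen_ok, "cashout_ok": cashout_ok,
            "addresses": (a_victim, a_thief, a_exch), "trail": ledger.trace(a_victim),
            "balances": ledger.balances}
```

`run_scenario()` plays out the story from the thread: the fake app without the key cannot move anything, the same app holding a phished backup seed produces a signature the ledger cannot tell apart from the device's own, and `trace()` then walks the public records from the victim's address through the thief's to the exchange, the point at which the comment further up says an identity gets attached.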


This is called blaming the victim. It takes a lot for someone that got scammed to come forward publicly with their story. And it helps others not get scammed too.


Trezor advertises itself as the most secure way to store bitcoins, yet he lost all his bitcoins. Not sure how you concluded I'm blaming the victim here.


> A person thought he was getting a legitimate Bitcoin wallet app, but turns out it was a fake and he lost his life savings

I guess I'm victim-shaming here, but using mobile apps for large financial arrangements, no matter how trustworthy the app claims to be, is a bad move. For this type of stuff you would use a clean computer with no known malware present, and use a privacy-aware browser like Firefox or Brave, preferably with the `HTTPS Everywhere` addon installed with the EASE feature turned on to avoid plaintext leaks / traffic going over HTTP.


People use their bank's apps, their investment institutions apps (Robinhood, Fidelity, etc) and a lot of other financial apps all the time.


Which is why I said: "for large financial arrangements"

Large transactions need extra special care. You need a trusted device with a trusted OS and a trusted browser, preferably with `EASE` turned on in HTTPS Everywhere so plaintext secrets can't leak out of your machine. You also need to vet the HTTPS Everywhere extension and ensure it came from the official addons site. You would also harden the OS. Using Linux is preferable over Windows 10 since Windows is targeted heavily by malware gangs.


Btw, recent versions of Firefox include an "HTTPS only" mode[1], so HTTPS Everywhere is actually unnecessary for this use case nowadays.

1: https://support.mozilla.org/en-US/kb/https-only-prefs


Huh neat. And I'm guessing enabling both would be unnecessary and glitchy? I'll uninstall the plugin now -- it has served me well.


You don’t need to do any of this if you’re using the traditional financial system. The most you need to do is make sure you don’t get tricked into wiring to the wrong address, which is a much lower bar.


I can’t send a lot of money around with any of my bank apps. It has relatively low limits.


I'm not sure that trend holds. Most banking apps let you send tens of thousands in one go. They're very aggressive with the "are you sure?" question in my experience though.


Yes, mine lets me put in a limit. I have set it to a low €500 since I rarely do large purchases in webshops.

At the end of the day people are responsible for not doing business with shady stores or people. But the idea that a single QR code can empty my entire account is sobering...


Yes if you are dealing in small amounts that you wouldn't mind losing to fraudulent apps, then do it, but read my previous comment about locked down machines if dealing with very large transactions.



