Ahh the app store. It's just like the internet, except the websites are mini apps, and a mega corporation gets to control whats on it. And takes 30% of everything you make. Brilliant.
Compared to a website, where you get to keep 100% of zero?
Users will pay for apps (not much, as a rule, but something), but will not pay for web sites. Third-party advertisers might pay, if you're lucky, and if you don't mind treating your users as a commodity, but the users themselves will not.
How many people would you say subscribe to something they pay for online? For example news? The pool of subscribers for magazines and news is an ever shrinking pie. I know of no one in the last three jobs that maintains a subscription that’s under under age 40.
Netflix (and other similar platforms), Amazon Prime, Twitch subscriptions.
Those are only 3 examples a ton of people pay for.
If you provide a good service, you will get subscribers. News have been available for free for decades thanks to OTA TV broadcasts. That's why people don't pay for it.
Niche journalism needs to have subscriptions since they can have way less views and people looking for news on that niche are ready to pay.
Flappy Bird didn’t make money from selling the app though. The example actually hurts your argument. Flappy Bird and many sites make money the same way - ads.
What makes you (and others) think that citing three (or even half a dozen) examples constitutes some kind of refutation of the general rule?
There are somewhere over a billion web sites, dude. The number of those that are profitable with a subscription model (as opposed to being supported by advertising, or not being profitable at all) is a rounding error -- in the fourth or fifth decimal place.
Here are some of the online services that I subscribe to, delivered over the web: Github, AWS, pinboard.in, spotify, ancestry.com
Content/news is a terrible example since there is an oversupply of poor quality content driven by providers who believe content supports their advertising revenue rather than the other way round.
The BBC is fully funded by the government (i.e. the taxpayer). NPR claims they are minimally funded by the government but sure does fight hard to keep that supposed 2%. But the main point is that someone else had to pay for what you espouse as free.
This feels like kind of an aside - do those under 40s you know readily pay for news apps, but not for web subscriptions? If not it's not really related to the issue at hand.
The only way people would pay for web sites in the extent they pay for apps is if it’s as convenient. I don’t want to log in to get the paid benefits for example. I don’t want to enter my cc details to pay the subscription if it could be avoided by “the store” already knowing it, and so on.
In the end reality is that I just pass on buying subscriptions and would probably prefer buying subscriber access to a website if they made an app facade for the site that handled payment and login. The UX of web sites and subscriptions is that bad.
The app stores you mentioned are inextricably to their respective operating systems. The problems with the Play Store are a compromise I'm willing to deal with so I can easily install apps using alternative app stores or none at all.
The store is their way to control their ecosystem, has nothing to do with the OS. This effort is a power-play against decentralized apps that threaten the centralized platform model.
Yes, but my point is that the Play Store inherently allows for competition and limit's Google's control because they chose to develop it on a platform that allows for competing app stores and sideloading. Regardless of Google's choices in managing the Play Store, that stark difference between Google's approach and Apple's approach remains.
> (4.5) Alternative Stores. You may not use Google Play to distribute or make available any Product which has a purpose that facilitates the distribution of software applications and games for use on Android devices outside of Google Play.
You have no chance of bootstrapping an alternative store outside of Google Play. Sideloading APKs is not how users get software on Android.
Amazon failed hard with their attempt, and they pumped tons of money into it by paying developers to give away their apps for free; that, and they shipped hardware that has their store preloaded. Still didn't even make a dent.
The problem isn't that the vetted app store exists. It is that the vetted app store controlled by the device manufacturer is the only way you are allowed to install applications
iPhone users (like myself) need to look no further than the Mac to see what a better alternative might be. The Mac only allows App Store or signed apps to be installed by default. However this setting can be toggled to allow any apps for those who need that. You can also toggle it to allow only vetted App Store apps if that’s what you prefer.
Apple could keep the default to what it is on the iPhone right now, but should at least allow signed apps from other stores as a non-default option, even if they don’t allow unsigned apps at all.
My point being I knew that before I bought my iPhones/iPad. I actively like there being the one well kept store where things are verified and that apps can only be installed through. Granted not everyone will feel this way and I guess Android offers them more freedom in this respect.
You might enjoy F-Droid then. All apps are built from source from public repositories, with known malicious libraries stripped, with a broad definition of "malicious" (tracking and advertising). Also everything's free, in both senses. No need to wall up the garden.
This is not a matter of saying that a bad thing is good just because the counterpart is worse, I think that the dialog have to go a bit beyond that point. We lost control of the communication channels for the internet, it was meant to be free. This is the important topic.
Why can't we have the best of both worlds? Apps that have been manually checked or curated can be marked as "Trusted/Certified" (similar to WHQL certified drivers), while others can be marked as "Untrusted/Use at your own risk".
Well, there is advantages in Android approach too: as far I remember in App Store there is no emulators thanks to the stricter policies of Apple, while Play Store have genuine emulators for tons of gaming consoles. And you can also sideload apps without needing of jailbreak, allowing the use of interesting apps that for some reason is not allowed in Play Store (for example, NewPipe, a alternative YouTube client with tons of extra features).
Yeah uh, I don't think they were attacking the Apple App Store specifically, the comment would read exact same if it were Google who removed the app. But sure, go ahead and knee-jerk defend your favorite corporation, that adds to the discussion.
What are you arguing here? Why do some people always have to use the, "Well, at least we don't do what that other guy is doing!" (non)argument? Why can't we make arguments for or against what a single company has decided to do? Doesn't that make so much more sense?
Which internet are you on that requires 30% of all made on it? If news is any indicator the vast majority of people have no interest in paying for and even reading the content - the headline will suffice.
Curation has its merits, for example not nearly as many trojaned clones. Ransomware does not exist. Ahhh users, bless them. The public daily demonstrates a lack of interest in owning and operating a well maintained and updatable/ed device.
I'm not sure why anyone argues against Apple's 30% cut like this. It's app developers who make the determination whether the cost is worth the benefit.
As you point out, there are alternatives. Why do you think developers have massively and overwhelmingly opted-in?
Exactly, similarly, I'm not sure why anyone argues against the troll watching the bridge. It's the travelers who make the determination whether the price is worth crossing the bridge.
After all, there are alternatives to bridges, why do the travelers opt to pay the fee?
Are there? Really? No, they're not. No one who isn't in tech is going to install F-droid. Few people will uninstall untrusted sources, or even know what that is. Fewer Apple users than ever jailbreak their phones.
For over 90% of the market, no, there are no alternatives (other than a mobile website). Due to the non-standard nature of ARM and SoC/binary drivers, we don't even have a real alternative OS for old Android devices that's universal like most Linux distros on the PC in the 90s (although PostmarketOS is making some huge strides in this area).
30% is an insane cut. Bandcamp sells music with a 15% cut, literally half of Amazon/Google/Apple. I always prefer it because I know the band gets more money and I get a higher quality version of the song without a patent encumbered codec (FLAC and OGG downloads are supported).
But no, there are no real alternatives. AppStore/Play are bastardizations of the software repo concept from Linux.
If Google Play was a real package managers, it'd keep standardize shared jar files across apps (dependencies to reduce massive app size) either by mirroring maven repos and signing dependencies or creating their own system, and they'd also allow for easily adding 3rd party app trees.
Both Apple and Google are closed walled gardens, where everything you need has to be contained in your bloated package, and where their corporate overlords get final approval of what is in and out.
Not if you want to build a secure system which runs on an iPhone, there aren't. JavaScript crypto is fundamentally insecure; the only secure option is a native client.
Unfortunately, as others have already mentioned, this is not as easy as "it's app developers who make the determination whether the cost is worth the benefit". Depending on your business, having an iOS app is not something you can choose.
Talking about my own experience, once we've made clear that In-App Purchase wasn't a fit for us as we already had our own payment system (we are a SaaS business), things got way more difficult to us. As you can imagine (but I didn't at the time), our app would be in review for weeks sometimes, we started to see arbitrary denials and a lot of "issues" not present on their guidelines started to be identified on our apps.
If there is one thing that I'm now sure is that, if you decide to not play their game (even though following their rules) there will be retaliation.
And how much does it cost to build and maintain your own domain, storage, delivery/updates infrastructure and billing system? Oh, and how about marketing for your app?
Sure getting featured helps, just like if a fashion designer has a celebrity photographed in their clothes, they will probably see a temporary bump in sales.
Getting featured on the App Store is one time, possibly incredibly beneficial, event, but it is not a marketing plan.
Ask developers how much difference being made a featured app makes to sales. Apple recently radically redesigned the App Store so that it could more effectively promote apps.
And the incentive/risk tradeoff is too much in favour of the former for optimistic entrepreneurs to ever think they'll be affected by something like this.
"except the websites are mini apps, and a mega corporation gets to control whats on it"
There is more to it.
Using apps instead of websites we're killing the whole concept of making information and services available using a standard protocol. That's like going back over 30 years, even before gopher.
Then there is the cloud->mainframe similarity, with data and services being moved somewhere into the net where the user has no control over his/her own data, and the whole email/usenet->social media migration which puts private and public communications in the hands of corporations having no intention of guaranteeing interoperability with competing systems.
Basically the industry screwed 40+ years of IT development, not just in a technical way, but they did it behind shiny graphics and animated emoticons, so nobody really cares.
The problem wasn't that we didn't have decentralized solutions since the 1960s -- it was that we've never figured out a way to make hosting your own environment as easy / cheap as using an externally managed one.
Not every user is smart. That's why there is a necessity for centralized/trusted solution. I wouldn't sleep well if I knew my mom could install a malware by mistake on appstore. Unfortunately, life is not this simple and every path there's a toll.
> Using apps instead of websites we're killing the whole concept of making information and services available using a standard protocol
I think the interesting thing to note here is that for most end users a standard protocol is not nearly as appealing as a standard user interface. Like how most iOS apps follow common navigation paradigms, so users don't need to spend time learning each new one. And how people tend to prefer buying things on Amazon instead of any random webshop. And how WeChat has almost become a little web of its own with custom chat UIs for e.g. ordering pizza. If open software for consumers is ever to stop being beaten by these walled gardens, it needs to get a ton more UX people involved and focus on the end user UX, not just the technical implementation.
IMHO I think you've hit the nail on the head. iOS main attraction for many users I know is the simplicity. You can complain all day about Apple's guidelines and iron fist enforcement, and I'd occasionally agree with you too, probably many times. Simple fact is though that outside the walled garden everyone complains about is a jungle of terrible UX, laggy interfaces, slow loading web pages dumping megabytes of trackers and advertising through a connection you're paying for.
I'm not saying the App Store is perfect, not by a country mile is it. I'm just saying if you compare it to the Play store, and the wider Internet, holy moly do walled gardens look nice.
And branding. If an user downloads your app he puts an icon with your logo on his phone screen, possibly near other people watching. That doesn't happen when he taps on a browser icon.
Not to mention that he also executes your code on his phone, code that almost always will ask for full access to media and contacts to be installed.
"I think the interesting thing to note here is that for most end users a standard protocol is not nearly as appealing as a standard user interface."
That is very true too. I often wondered what would have happened had someone created say 10 years ago an email client with strict protocol compatibility but employing an higher abstraction layer where discussions/attaches are managed automatically just like in a Whatsapp chat (chat -> mail list) using a similar UI.
Probably most users would have rejected the idea because they had no intention to learn a new thing nobody was using. So, back to square one.
Ahh the race track. It's just like the highway, except the roads are smaller and a corporation gets to control who drives on it. And they make you pay to use it. Brilliant.
It's supposedly more secure than the normal internet.
But ya figure for a large company of creative geniuses they could figure out how to democratize security so that the whole system isn't wholly owned and controlled by a single entity.
"Telegram has risen in popularity thanks to its focus on advanced security features and the ability to hold secret conversations with end-to-end encryption. ... Telegram was forced to create a team of moderators in Indonesia to remove “terrorist-related content” after the Indonesian government threatened to ban the messaging app."
Note that 1 to 1 chats are also not encrypted by default. It must be manually enabled - and once enabled you can only access the chat on a single device.
Secure communication is not possible on iOS because Apple does not permit it.
This is an accurate statement. Apple demands that Telegram be able to monitor and block "inappropriate" content. Therefor, secure communication is impossible on iOS.
Apple has further demanded that developers of communications services spy on their users by "monitoring" them. Tell me again how Apple supposedly respects privacy?
Yes there are, Telegram issue has got nothing to do with end-to-end encryption. Whatsapp and Signal are end-to-end for example and available on the app store.
Every social network has a "weird" subset. "Weird facebook" is circularly-referencing visual memes. Weird Telegram is people who mix their Deleuze and Bataille and come up with something like the Andy Kaufmann version of witchcraft mysticism.
I've never tried/installed Telegram but thought it was just a messaging app - not a social network. Now I'm /almost/ curious enough to try it.... but I can't install it now.
Pictures from birthdays and everyday life to aunts/uncles and grandparents etc.
Many also use it for social/professional groups (again many-to-many) where it offers simplicity but also includes moderation features in "supergroups" that can have up to 100 000 users.
Lately I've also joined a few channels. Channels are one-to-many (or rather: one or a few-to-many)
As for why Telegram it is super easy to use, it seems well aligned with my interests in that it's owner already lost his previous company to authorities and seems obsessed with preventing that from happening again.
That said: if your life or professional life depends on strong crypto I'd think twice or more as certain bright and leading cryptographers seems to distrust/hate it.
(Anyone who needs that should think carefully anyways but Signal seems to be a good option that is also aligned with the users interests.
WhatsApp is often recommended as well and they also seem to have solid crypto but I actively avoid them as they've broken too many promises already and also has a owner that is not aligned with my interests.)
Yes. You can have persistent channels with up to 100000 members which operate more or less like an individual chat. The program has separate notification settings for group chats, allows pinning of messages, etc. Content is shared the same way, you can integrate bots pretty easily into channels, and so on. Just search online for channels or browse through this list: https://tchannels.me
It's pretty handy, and how deep you go is up to you.
> Telegram has risen in popularity thanks to its focus on advanced security features and the ability to hold secret conversations with end-to-end encryption.
Isn't this wrong? I thought Telegram was famous for decrypting messages in transit.
Following all of the negative press Signal has gotten recently, I feel it's unethical to let a Telegram post pass without a reminder that they don't even bother to encrypt group chats, and that there is still no proof whatsoever that their protocol is secure.
> Following all of the negative press Signal has gotten about security flaws
Sorry, what? Can you show me where Signal has been implicated in flaws? There are some stories about security agencies bypassing Signal, but that is true on any hardware platform you didn't wire-wrap yourself.
> “The good news is that in Signal the attack is very difficult to execute,” Green noted. “The reason is that in order to add someone to your group, I need to know the group ID. Since the group ID is a random 128-bit number (and is never revealed to non-group-members or even the server) that pretty much blocks the attack. The main exception to this is former group members, who already know the group ID — and can now add themselves back to the group with impunity.”
Here, some choice quotes from the OMEMO audit that pertain to the Signal protocol:
"Metadata
The protocol leaks metadata about who is communicating with whom and how much they are communicating. Alice’s request for the server cache leaks to the server that she wants to start a conversation with Bob, as does the PreKeySignalMessage. The plaintext message counters that are included in each SignalMessage make it possible to track the rest of the conversation. Unlike the ratchet used in the Signal Protocol, the regular variant of the Double Ratchet [24] also encrypts the message headers, which would make it possible to avoid tracking of the conversation. It would only make sense to implement this if this information is not leaked already in the transport layer."
"Message authentication
Messages are authenticated by the randomized key, which protects the message integrity from outsiders. However, anyone with access to the key can alter the message, which includes a malicious device. There are a few possible mitigations, each with their advantages and disadvantages. A possible solution would be to authenticate inside the Signal session. By authenticating the payload with the tag of the SignalMessage, the full message is authenticated in such a way that no other device can compromise the integrity. The ciphertext (and not the plaintext) of the payload message should be authenticated, so that the MAC-then-encrypt pattern is applied.8 This solution increases the computational load on the sender side, because the payload needs to be authenticated more than once. When the ciphertext is added as authenticated additional data (AAD) of the Signal message, it would reduce the message size slightly, because no authentication tag is required on the payload. The payload encryption method should then be simplified to a non-authenticated block cipher mode. It will also require some alterations on the Signal library, as the current implementation does not allow the library user to add their own AAD. The payload can also be authenticated by including a hash of the payload ciphertext in the SignalMessage plaintext (and therefore the corresponding encrypted hash in the SignalMessage ciphertext). This would not require changes to the Signal library, but it would increase the size of each <key/> element. This solution is less elegant than the previous, as the hash of the payload ciphertext is sent encrypted, even though the recipient can compute this value themselves. By authenticating a list of all recipient device ids in the tag of the SignalMessage, Bob has a guarantee about which devices Alice has sent the message to. Bob’s client might provide him with a warning if that list includes untrusted devices. This protects him against the specific attack described above, but the protocol remains vulnerable if one of the devices gets compromised by another attack. This solution can be combined with the above solution of authenticating the payload ciphertext with the SignalMessage ciphertext or tag."
"Device linkage
There is no cryptographic link between identities and device keys. In other words, Eve can attach her own device identity key as if it is a resource belonging to Bob and fool Alice into adding it. There is a solution: each device could sign a certificate on each device identity key of the same user. While Eve might fool Alice into thinking that Bob has another device, it is highly unlikely that Bob is tricked into accepting another device as his own. Device identity keys with a certificates that was signed by an already accepted...
Why is Telegram X issued by "Telegram Messenger LLP" while the original Telegram is issued by "Telegram LLC"?
Telegram LLC, which issues the original Telegram app on the App Store has been undergoing litigation with regards to its ownership. It is based out of Russia and a company called UCP with Krelim ties who 'bought' VKontakte has been suing Durov for full Telegram ownership pursuant to VKontakte 'purchase'.
Telegram Messenger LLP however is based in London and seemingly wholly owned by Durov crew. In 2014, Telegram Messenger LLP launched Telegram HD, a separate app from Telegram-LLC-issued-Telegram. Now it is launching Telegram X , another separate app (which was until very recently Challegram, an open source Telegram client, winner of Telegram contest, and purchased by Durov) .
I think the 'moral panic' about crypto is a far more likely political reason. Nobody had heard of Telegram before, now it is where you go to find out what coin is going to the moon next.
Yesterday Facebook took down all crypto-gambling adverts. There is a duty of care to not be the company responsible for making your customers crypto bag-holders. The gig is up with crypto in its current scam incarnation.
You realize you're alleging that Apple is moderating its App Store based on conversations people are having within an app? Given the gravity of your claim, and the fact that there are cryptocurrency-related applications all over the App Store, you really need to think about whether your possibility is more likely. (It isn't.)
Facebook taking down cryptocurrency gambling ads is much different than Apple removing a general purpose instant messenger. You're finding a connection you want to find, I'm guessing based on your knowledge of PnD groups being on Telegram, that being your sole exposure to Telegram, and your opinion on cryptocurrency.
Apple is very conservative with adult content which I consider the far more likely reason, be that buggy image search, some kind of trending view that porn snuck into, that kind of thing.
>> There is a duty of care to not be the company responsible for making your customers crypto bag-holders.
Are you saying that Facebook is responsible to make decisions for us - because all it takes is one advertisement to override the average human's discipline and self control?
Apple would be held liable if someone uses Telegram to coordinate a terrorist attack or if it's used for human trafficking or whatever highly illegal activity it could be used for. Potentially both in the court of law and the court of public opinion; the latter Apple has no control over.
It's just not worth it financially for Apple to assume that liability.
Telegram isn't even responsible for what people send using their service as long as they take reasonable steps towards stopping abuse. Apple has no liability here at all.
Are you sure? ISIS has been coordinating operations and attacks via Telegram for its entire existence, and I don't see a lot of Apple backlash in either of your courts. (Rightly, I believe. Would you go after HTC or Sprint for a phone being used as a detonator?)
I think that's not unlikely or at least, it may be necessary for apps to remove that component from the apps.
Anytime you submit an app to the App Store you have to check a box that asks if you're complying with all necessary encryption export laws. In theory, those laws could change in the future and they just simply won't let you publish apps using strong encryption.
So, to carry your argument to a slightly (but only slightly) more extreme version, doesn't that mean that postal mail could be held liable if someone coordinated a terrorist attack by letter?
So I could you liable (by your own creation argument) for having a car of yours(hypothetically you are a Owner of a car dealer) be used in a hit and run? That does really sound like a world you want to live in mate?
This seems controversial, but my original point stands. If Apple believes they may be liable for providing access to Telegram, then maybe that's why they removed it in the first place.
Y'all are right, there a probably very could counterarguments to that, but I don't think that makes Apple potentially any less liable.
My understanding is that it all comes back to the fact that Durov has upset Putin, so anything that gains traction in Russia must be controlled by someone close to the Kremlin (ie Putin). It's scary but I'd be surprised if any other app didn't suffer a similar fate if it gained a popular following in Russia.
Any open communications network will have inappropriate content, more or less by definition — if not immediately, then once it grows to have a lot of users.
It may have been triggered by one of the sets of "stickers" available as alternatives to emoji. I've browsed through them and while they all seem PG-13 or tamer to me, I can see how someone with sensitivity towards suggestive cartoons would be offended. There are a few with female cartoons showing cleavage, and at least one that is obviously targeted at furries.
Yes but don't they have to be submitted to Telegram for acceptance? That's what it says in the "Stickers" section of Settings. Then again, maybe they accept all submissions by default and depend on the community to self-police.
Anyway, all I ever see are the "trending" ones in the app's interface. I wouldn't know where to look beyond that (and I don't use them so I don't care to look for them anyway).
You can create arbitrary sticker packs all you want from within the Telegram client using one of Telegram's own bots (Stickers, similar to BotFather for creating bot accounts). I've made a few myself. Unless Telegram promotes them in the stickers section, they have to be shared manually after that. Telegram itself does not prevent you from making any sticker pack you want.
Is there something inherently wrong with sticker packs of animal characters or is this the standard internet conflation of furry content and characters (which would include cartoon characters you likely grew up watching) with specifically furry porn? Telegram promotes a lot of sticker packs featuring an animal character or multiple animal characters, and well as fairly risque (to some) packs without animals.
I never said anything was wrong with pictures of animals and I don't think I'm conflating anything. I was referring to the risque pictures of anthropomorphised animals I've seen promoted there, which to me (as a non-furry, so maybe I'm wrong) seems to be targeted at that demographic. Specifically, I've seen two sets in the trending section that have "sexy" cartoon rabbits and foxes with cleavage and other traditionally sexualized human-like features.
Anyway, I don't see anything wrong with it, to each their own. I was just offering a thought about why Apple might censor the app.
Why not remove Chrome, Safari and E-mail clients for inappropriate content too? Why not WhatsApp, Skype or iMessage? Telegram is just a wire, it's up to the users if they want to use it to talk to other users that speak 'inappropriate'.
This is why I will never buy an iPhone (though I don't mind a MacBook as long as root access and legal ways to install Linux have not been locked on them yet) - I want to use the device the way I want, have full control over its filesystem, run the apps I want without all that store bullshit (which hits even harder if you live outside the USA by the way, in synergy with your local government bullshit and with what corporations think about your region market) and decide what is appropriate for me myself.
Today Apple is a fascist organization. Historical fascists did fairly good in eye-candy design and hardware quality too but that's the only good part of them and it's pretty much ruined by so much crazy fascist bullshit to tolerate in exchange.
No fascism here, just a buggy program. All the developer has to do is to follow Apple's rules whereby the user is given the opportunity to control inappropriate content. As was mentioned in the article, the developer expects to fix their filters and resubmit the program.
Nice to know the details, thanks. But anyway, how can a messenger app know what content is going to be inappropriate? What if I call somebody when I am drunk and say something inappropriate - can the telephone app tell this in advance? How is a messenger different?
I still see the original Telegram app on Apple’s AppStore. I’ve been using Telegram app for a couple of months and it matches the same app I have installed. I don’t like waving the “Fake News” flag prematurely, but this seems like an appropriate time to start waving it.
Isn't LibreTaxi based on telegram? My brother expressed an interest in making his own one man cab company and i mentioned alternatives to uber and lyft and one of them was libretaxi. I had no knowledge of what it did or how it worked but we were looking at it literally just the other day and now it is gone. My brother can't use lyft because he doesn't have a good enough car for them and uber doesn't cater to our small town. So scrach libretaxi off too.
161 comments
[ 2.5 ms ] story [ 255 ms ] threadCompared to a website, where you get to keep 100% of zero?
Users will pay for apps (not much, as a rule, but something), but will not pay for web sites. Third-party advertisers might pay, if you're lucky, and if you don't mind treating your users as a commodity, but the users themselves will not.
Subscriptions to web-based services don't count as paying for web sites?
Those are only 3 examples a ton of people pay for.
If you provide a good service, you will get subscribers. News have been available for free for decades thanks to OTA TV broadcasts. That's why people don't pay for it.
Niche journalism needs to have subscriptions since they can have way less views and people looking for news on that niche are ready to pay.
Would you pay a subscription for Flappy Bird?
I don't do that on the app store either.
And software was sold way before app stores existed, so what's your point?
I refuse to pay monthly for stuff that shouldn't need backend services.
There are somewhere over a billion web sites, dude. The number of those that are profitable with a subscription model (as opposed to being supported by advertising, or not being profitable at all) is a rounding error -- in the fourth or fifth decimal place.
Content/news is a terrible example since there is an oversupply of poor quality content driven by providers who believe content supports their advertising revenue rather than the other way round.
Love to be able to pay for quality content.
Same with Spotify.
Both models are OK with me.
What I don't wanna pay for is every newspaper wanting a monthly subscribtion either I read something or not.
Not a great example.
In the end reality is that I just pass on buying subscriptions and would probably prefer buying subscriber access to a website if they made an app facade for the site that handled payment and login. The UX of web sites and subscriptions is that bad.
There's more to the Internet than websites. Believe it or not, there are lots of protocols out there, not just HTTP.
We are not much better, sadly. https://floens.github.io/Clover/gp_unavailable.txt
Really?
https://play.google.com/intl/en_us/about/developer-distribut...
> (4.5) Alternative Stores. You may not use Google Play to distribute or make available any Product which has a purpose that facilitates the distribution of software applications and games for use on Android devices outside of Google Play.
You have no chance of bootstrapping an alternative store outside of Google Play. Sideloading APKs is not how users get software on Android. Amazon failed hard with their attempt, and they pumped tons of money into it by paying developers to give away their apps for free; that, and they shipped hardware that has their store preloaded. Still didn't even make a dent.
Apple could keep the default to what it is on the iPhone right now, but should at least allow signed apps from other stores as a non-default option, even if they don’t allow unsigned apps at all.
That makes even less sense.
It's always been Apple vs The Rest Of The World.
Imagine a city where public parks are all bought out by private entities, that is the Internet right now.
We have less and less public space in the digital world and that is not looking good for the future of democracy.
As you point out, there are alternatives. Why do you think developers have massively and overwhelmingly opted-in?
After all, there are alternatives to bridges, why do the travelers opt to pay the fee?
-- Obviously, /s
Are there? Really? No, they're not. No one who isn't in tech is going to install F-droid. Few people will uninstall untrusted sources, or even know what that is. Fewer Apple users than ever jailbreak their phones.
For over 90% of the market, no, there are no alternatives (other than a mobile website). Due to the non-standard nature of ARM and SoC/binary drivers, we don't even have a real alternative OS for old Android devices that's universal like most Linux distros on the PC in the 90s (although PostmarketOS is making some huge strides in this area).
30% is an insane cut. Bandcamp sells music with a 15% cut, literally half of Amazon/Google/Apple. I always prefer it because I know the band gets more money and I get a higher quality version of the song without a patent encumbered codec (FLAC and OGG downloads are supported).
But no, there are no real alternatives. AppStore/Play are bastardizations of the software repo concept from Linux.
If Google Play was a real package managers, it'd keep standardize shared jar files across apps (dependencies to reduce massive app size) either by mirroring maven repos and signing dependencies or creating their own system, and they'd also allow for easily adding 3rd party app trees.
Both Apple and Google are closed walled gardens, where everything you need has to be contained in your bloated package, and where their corporate overlords get final approval of what is in and out.
Not if you want to build a secure system which runs on an iPhone, there aren't. JavaScript crypto is fundamentally insecure; the only secure option is a native client.
Talking about my own experience, once we've made clear that In-App Purchase wasn't a fit for us as we already had our own payment system (we are a SaaS business), things got way more difficult to us. As you can imagine (but I didn't at the time), our app would be in review for weeks sometimes, we started to see arbitrary denials and a lot of "issues" not present on their guidelines started to be identified on our apps.
If there is one thing that I'm now sure is that, if you decide to not play their game (even though following their rules) there will be retaliation.
[1] https://techcrunch.com/2017/10/24/apples-app-of-the-day-feat...
Getting featured on the App Store is one time, possibly incredibly beneficial, event, but it is not a marketing plan.
(1) Load AOL and visit keyword "UBER" to get started requesting a car now!
(2) Type UBER into your web browser location bar then hit control-enter to visit http://UBER.com/ and get started requesting a car now!
(3) Load your app store and search for "UBER" to get started requesting a car now!
There is more to it. Using apps instead of websites we're killing the whole concept of making information and services available using a standard protocol. That's like going back over 30 years, even before gopher. Then there is the cloud->mainframe similarity, with data and services being moved somewhere into the net where the user has no control over his/her own data, and the whole email/usenet->social media migration which puts private and public communications in the hands of corporations having no intention of guaranteeing interoperability with competing systems.
Basically the industry screwed 40+ years of IT development, not just in a technical way, but they did it behind shiny graphics and animated emoticons, so nobody really cares.
I think the interesting thing to note here is that for most end users a standard protocol is not nearly as appealing as a standard user interface. Like how most iOS apps follow common navigation paradigms, so users don't need to spend time learning each new one. And how people tend to prefer buying things on Amazon instead of any random webshop. And how WeChat has almost become a little web of its own with custom chat UIs for e.g. ordering pizza. If open software for consumers is ever to stop being beaten by these walled gardens, it needs to get a ton more UX people involved and focus on the end user UX, not just the technical implementation.
I'm not saying the App Store is perfect, not by a country mile is it. I'm just saying if you compare it to the Play store, and the wider Internet, holy moly do walled gardens look nice.
That is very true too. I often wondered what would have happened had someone created say 10 years ago an email client with strict protocol compatibility but employing an higher abstraction layer where discussions/attaches are managed automatically just like in a Whatsapp chat (chat -> mail list) using a similar UI. Probably most users would have rejected the idea because they had no intention to learn a new thing nobody was using. So, back to square one.
But ya figure for a large company of creative geniuses they could figure out how to democratize security so that the whole system isn't wholly owned and controlled by a single entity.
Wait, how does that work?
This is an accurate statement. Apple demands that Telegram be able to monitor and block "inappropriate" content. Therefor, secure communication is impossible on iOS.
Apple has further demanded that developers of communications services spy on their users by "monitoring" them. Tell me again how Apple supposedly respects privacy?
It's kinda ironic since Apple refused to break encryption on their own devices for the FBI.
Signal, WhatsApp and Wire are all available on iOS and end to end encrypted.
Other commenter is wrong.
Explain Signal then, otherwise citation needed.
WhatsApp, Signal, Wire...
I mean, it's awesome.
Telegram is a messaging app with group chat you can join and others where you're invited to. And bots of varying utility.
Pictures from birthdays and everyday life to aunts/uncles and grandparents etc.
Many also use it for social/professional groups (again many-to-many) where it offers simplicity but also includes moderation features in "supergroups" that can have up to 100 000 users.
Lately I've also joined a few channels. Channels are one-to-many (or rather: one or a few-to-many)
As for why Telegram it is super easy to use, it seems well aligned with my interests in that it's owner already lost his previous company to authorities and seems obsessed with preventing that from happening again.
That said: if your life or professional life depends on strong crypto I'd think twice or more as certain bright and leading cryptographers seems to distrust/hate it.
(Anyone who needs that should think carefully anyways but Signal seems to be a good option that is also aligned with the users interests.
WhatsApp is often recommended as well and they also seem to have solid crypto but I actively avoid them as they've broken too many promises already and also has a owner that is not aligned with my interests.)
https://telegram.me/ebanistika
depressed bear image
RHIZOME
It's pretty handy, and how deep you go is up to you.
> Telegram has risen in popularity thanks to its focus on advanced security features and the ability to hold secret conversations with end-to-end encryption.
Isn't this wrong? I thought Telegram was famous for decrypting messages in transit.
But it's a still valuable privacy-oriented app.
Sorry, what? Can you show me where Signal has been implicated in flaws? There are some stories about security agencies bypassing Signal, but that is true on any hardware platform you didn't wire-wrap yourself.
I was referring to the recently re-discovered paper about group chats (e.g. https://www.helpnetsecurity.com/2018/01/11/whatsapp-signal-g... paper here: https://eprint.iacr.org/2017/713.pdf)
Sounds like making a mountain out of a molehill.
https://conversations.im/omemo/audit.pdf
Tells you everything you want to know about Signal. Or read the secushare comparison page:
http://secushare.org/comparison
Here, some choice quotes from the OMEMO audit that pertain to the Signal protocol:
"Metadata
The protocol leaks metadata about who is communicating with whom and how much they are communicating. Alice’s request for the server cache leaks to the server that she wants to start a conversation with Bob, as does the PreKeySignalMessage. The plaintext message counters that are included in each SignalMessage make it possible to track the rest of the conversation. Unlike the ratchet used in the Signal Protocol, the regular variant of the Double Ratchet [24] also encrypts the message headers, which would make it possible to avoid tracking of the conversation. It would only make sense to implement this if this information is not leaked already in the transport layer."
"Message authentication
Messages are authenticated by the randomized key, which protects the message integrity from outsiders. However, anyone with access to the key can alter the message, which includes a malicious device. There are a few possible mitigations, each with their advantages and disadvantages. A possible solution would be to authenticate inside the Signal session. By authenticating the payload with the tag of the SignalMessage, the full message is authenticated in such a way that no other device can compromise the integrity. The ciphertext (and not the plaintext) of the payload message should be authenticated, so that the MAC-then-encrypt pattern is applied.8 This solution increases the computational load on the sender side, because the payload needs to be authenticated more than once. When the ciphertext is added as authenticated additional data (AAD) of the Signal message, it would reduce the message size slightly, because no authentication tag is required on the payload. The payload encryption method should then be simplified to a non-authenticated block cipher mode. It will also require some alterations on the Signal library, as the current implementation does not allow the library user to add their own AAD. The payload can also be authenticated by including a hash of the payload ciphertext in the SignalMessage plaintext (and therefore the corresponding encrypted hash in the SignalMessage ciphertext). This would not require changes to the Signal library, but it would increase the size of each <key/> element. This solution is less elegant than the previous, as the hash of the payload ciphertext is sent encrypted, even though the recipient can compute this value themselves. By authenticating a list of all recipient device ids in the tag of the SignalMessage, Bob has a guarantee about which devices Alice has sent the message to. Bob’s client might provide him with a warning if that list includes untrusted devices. This protects him against the specific attack described above, but the protocol remains vulnerable if one of the devices gets compromised by another attack. This solution can be combined with the above solution of authenticating the payload ciphertext with the SignalMessage ciphertext or tag."
"Device linkage
There is no cryptographic link between identities and device keys. In other words, Eve can attach her own device identity key as if it is a resource belonging to Bob and fool Alice into adding it. There is a solution: each device could sign a certificate on each device identity key of the same user. While Eve might fool Alice into thinking that Bob has another device, it is highly unlikely that Bob is tricked into accepting another device as his own. Device identity keys with a certificates that was signed by an already accepted...
Why is Telegram X issued by "Telegram Messenger LLP" while the original Telegram is issued by "Telegram LLC"?
Telegram LLC, which issues the original Telegram app on the App Store has been undergoing litigation with regards to its ownership. It is based out of Russia and a company called UCP with Krelim ties who 'bought' VKontakte has been suing Durov for full Telegram ownership pursuant to VKontakte 'purchase'.
Telegram Messenger LLP however is based in London and seemingly wholly owned by Durov crew. In 2014, Telegram Messenger LLP launched Telegram HD, a separate app from Telegram-LLC-issued-Telegram. Now it is launching Telegram X , another separate app (which was until very recently Challegram, an open source Telegram client, winner of Telegram contest, and purchased by Durov) .
Draw your own conclusions.
EDITED for clarity and details
https://themoscowtimes.com/articles/the-telegram-lawsuits-ex...
http://www.ewdn.com/2014/07/29/pavel-durov-has-cloned-telegr...
https://rusletter.com/articles/ucp_requires_to_recognize_tel...
http://www.frandroid.com/android/applications/securite-appli...
Yesterday Facebook took down all crypto-gambling adverts. There is a duty of care to not be the company responsible for making your customers crypto bag-holders. The gig is up with crypto in its current scam incarnation.
Facebook taking down cryptocurrency gambling ads is much different than Apple removing a general purpose instant messenger. You're finding a connection you want to find, I'm guessing based on your knowledge of PnD groups being on Telegram, that being your sole exposure to Telegram, and your opinion on cryptocurrency.
Apple is very conservative with adult content which I consider the far more likely reason, be that buggy image search, some kind of trending view that porn snuck into, that kind of thing.
Are you saying that Facebook is responsible to make decisions for us - because all it takes is one advertisement to override the average human's discipline and self control?
The advertisements are just what they sell. As the platform owners, they can do a lot more in terms of information curation.
It's just not worth it financially for Apple to assume that liability.
Telegram isn't even responsible for what people send using their service as long as they take reasonable steps towards stopping abuse. Apple has no liability here at all.
Apple got sued for encryption-related reasons. In theory these types of lawsuit don't stop after one time.
Anytime you submit an app to the App Store you have to check a box that asks if you're complying with all necessary encryption export laws. In theory, those laws could change in the future and they just simply won't let you publish apps using strong encryption.
Think about what you're suggesting.
Y'all are right, there a probably very could counterarguments to that, but I don't think that makes Apple potentially any less liable.
What next, automatic voice censorship? That's technically feasible now.
Yes. The manual from 1984 is being followed in an uncanny fashion.
Anyway, all I ever see are the "trending" ones in the app's interface. I wouldn't know where to look beyond that (and I don't use them so I don't care to look for them anyway).
Anyway, I don't see anything wrong with it, to each their own. I was just offering a thought about why Apple might censor the app.
This is why I will never buy an iPhone (though I don't mind a MacBook as long as root access and legal ways to install Linux have not been locked on them yet) - I want to use the device the way I want, have full control over its filesystem, run the apps I want without all that store bullshit (which hits even harder if you live outside the USA by the way, in synergy with your local government bullshit and with what corporations think about your region market) and decide what is appropriate for me myself.
Today Apple is a fascist organization. Historical fascists did fairly good in eye-candy design and hardware quality too but that's the only good part of them and it's pretty much ruined by so much crazy fascist bullshit to tolerate in exchange.