I wonder sometimes if there is some way that you can have an open store, but keep out malware. Or does keeping out malware always entail some sort of app review process? If it does, then, yeah I would much rather have the closed, app reviewed store than the open one. Getting a virus on my computer somehow doesn't seem as bad as getting a 'virus' on my phone. That's just me though.
If it does, then, yeah I would much rather have the closed, app reviewed store than the open one.
I wouldn't object to a stronger review process for the Android market, specifically because Android allows the option of installing apps from outside the market.
Getting a virus on my computer somehow doesn't seem as bad as getting a 'virus' on my phone.
That seems to be the general feeling, but it doesn't make a lot of sense. Your computer is at least as likely to have sensitive information on it as your phone, and is more likely to have stuff like business and financial information. I'd really like somebody to ask Apple "since it's so important to remove any possibility of malware, how can you justify continuing to allow Macs to run software from any random source"?
>With the malicious apps installed, the developer was able to gain access to the customer’s IMEI and IMSI, product ID, model, partner, language, country, and userID. In a statement released by Google, they said it’s believed that only the IMEI was compromised.
Number one, who cares.
Number two, they were revoked and remote deleted.
Number three, nothing about Apple's process actually ensures that this can't or doesn't happen. It may have some affect, but there have been mistakes made in Apple's store as well.
I don't find the conclusion to be appropriate. "Most people just want to feel safe."?
"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
Number three, nothing about Apple's process actually ensures that this can't or doesn't happen. It may have some affect, but there have been mistakes made in Apple's store as well.
We really don't know the specifics of Apple's process so you really can't say that. Also the author makes the point that he can't think of a malicious app that made it into Apple's app store and I agree with him on that. I can't think of anything either. If you can think of one than you should tell us otherwise you shouldn't say Apple's made similar mistakes.
The situation is not unlike Apple's desktop platforms. Yes, OS X has a good security model (Unix style), but it's not impenetrable, as has been proven over and over again at events like pwn2own, yet there has never been a significant outbreak of OS X malware. The answer to the "why" question isn't clear.
Considering Apple has removed apps after the fact for learning they had functionality they did not desire to be available (Camera+ using volume control for other things, or Yelp's special feature that was turned on via gestures or shaking or somesuch), there is 0 reason to believe they will catch outright malicious software.
Meh, it’s only a phone and Apple is no government. I wouldn’t want my government to be run by Apple – and luckily they don’t. I’m ok with buying their phones. I’m more than happy to give up that particular freedom for that particular comfortableness and as long as there are viable alternatives – as long as iPhones aren’t the only smart phones I can buy – I see nothing whatsoever wrong with that position.
But that’s rather beside the point. I think it is important that both Apple and Google have infrastructure in place to stop malware from ever reaching their stores and to remove it if it does. One of the reasons why Google I/O and Apple’s WWDC were both sold out within less than a day is that people love apps on mobile devices and I’m willing to speculate that the reasons for that are that apps are easy to install and delete, cheap and you can trust them. That last point is important. Malware is rare to non-existing in app stores, people consequently don’t have to think before installing (as they have to when downloading software from the web). They don’t have to fear software (as many do on the web).
I agree with the fact that Apple made a smart move by controlling submissions to the App Store, but I think some responsibility lies in the owners hands in the case of Android. Too many download apps and never once look at the permissions involved before installing. For example if a ringtone app asked for geolocation, something is probably fishy.
To me, it's less about the protected app store and more about the fact that the protected app store is the only way to get apps on your iOS device. Allow sideloading, and suddenly the protected app store is not really an issue.
While I don't agree with the author in regards to the app store Apple's restricting installs to the App store is a valid security measure. Allow side loading and there's literally no way to secure the device any longer (which is why PCs have so much trouble)
As long as it goes by the Android model (turned off by default and made clear that once activated that sideloading can be dangerous and warranty voiding), what wrong with that? Isn't it a person's personal decision whether they want to prioritize security?
This is a straw man argument. Apple's rarely been criticized for a restriction that safeguarded the user. In fact, most of the criticism of the review process isn't criticism of an individual restriction at all but criticism of the fact that Apple doesn't publish its policies. So you don't know what you are and are not allowed to do.
As for Google being open doesn't mean you have to be reckless. Nothing about doing a basic security check contradicts a policy of letting every legitimate app into the store.
The Google store is closed to malware the same way the Apple store is. Both stores have automated software to check for malware before approval, and both stores have mechanisms to remove malware afterwards. Apple's checks are more thorough and have humans in the loop, but neither are infallible.
14 comments
[ 3.0 ms ] story [ 36.3 ms ] threadI wouldn't object to a stronger review process for the Android market, specifically because Android allows the option of installing apps from outside the market.
Getting a virus on my computer somehow doesn't seem as bad as getting a 'virus' on my phone.
That seems to be the general feeling, but it doesn't make a lot of sense. Your computer is at least as likely to have sensitive information on it as your phone, and is more likely to have stuff like business and financial information. I'd really like somebody to ask Apple "since it's so important to remove any possibility of malware, how can you justify continuing to allow Macs to run software from any random source"?
Number one, who cares.
Number two, they were revoked and remote deleted.
Number three, nothing about Apple's process actually ensures that this can't or doesn't happen. It may have some affect, but there have been mistakes made in Apple's store as well.
I don't find the conclusion to be appropriate. "Most people just want to feel safe."?
"They who can give up essential liberty to obtain a little temporary safety, deserve neither liberty nor safety."
We really don't know the specifics of Apple's process so you really can't say that. Also the author makes the point that he can't think of a malicious app that made it into Apple's app store and I agree with him on that. I can't think of anything either. If you can think of one than you should tell us otherwise you shouldn't say Apple's made similar mistakes.
But that’s rather beside the point. I think it is important that both Apple and Google have infrastructure in place to stop malware from ever reaching their stores and to remove it if it does. One of the reasons why Google I/O and Apple’s WWDC were both sold out within less than a day is that people love apps on mobile devices and I’m willing to speculate that the reasons for that are that apps are easy to install and delete, cheap and you can trust them. That last point is important. Malware is rare to non-existing in app stores, people consequently don’t have to think before installing (as they have to when downloading software from the web). They don’t have to fear software (as many do on the web).
As for Google being open doesn't mean you have to be reckless. Nothing about doing a basic security check contradicts a policy of letting every legitimate app into the store.