Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
App Store Stopped 1.6 Million 'Risky' and 'Untrustworthy' Apps From Defrauding Users, Says Apple
- Thread starter MacRumors
- Start date
- Sort by reaction score
Patching ... all OS's have that issue. What does that have to really do with the App Store issue?
Vector will change but is that a firm, plant it here, do not move or change reason not to allow sideloading?
No.
Still not seeing the danger in this activity that makes iOS unique.
You won’t.
Once #iOSNeedsMoreMalware is a core battle cry, anything that doesn’t increase the amount of malware on iOS doesn’t make sense anymore.Still doesn’t give you the keys, though. Those are still “obscured”. Obscurity is still a critical piece of any security methodology.
I'd like to know as well. Reading the article as is, looks impressive, but it reeks of the same claims from 3rd party anti-virus software vendors.
It's not difficult to vet apps on the Google Play store. That said, I hardly download apps these days. Maybe a few rewards apps here and there on my Android phone. On iOS, I downloaded Pcalc since I'm shocked it no longer comes with a calculator app. All the rest have been Apple Arcade fare. On both, most of the apps I download are digital board games, which get talked about a lot on niche communities.
You brought up ios being fragile and I pointed out the obvious with windows and asked it it was fragile as well...considering Microsoft has been doing this for a long time.
Well it's one of a laundry list of reasons. These reasons are floating around the boards.
It's unique in the amount of money that is generated by the app store, thus making ios a golden target with nefarious minds, imo, doing the best they can to scam the customers.
Based on what?
Say the numbers are accurate, what percentage is Apple actually catching?
What is caught by bot vs human?
Nice numbers but this is more of a feel good marketing type publication.
Well, I for one, feel good that Apple is at least doing something. They will not catch everything, but stopping "risk" and "untrustworthy" apps, seems like a win-win.
I asked if it was more fragile than other OS's.
True
1. Target for Apple wanting to preserve as is.
2. Target for shady devs
3. Target as the current item of interest
Personally I see 3 being of shorter term high interest duration.
1 & 2 looks to be business as usual.
"If iOS is that fragile, Apple has some serious design issues."--is not a question...it's a supposition. Which is why I made the comment about Windows.
Last edited:
So what you're implying is that a developer will create an app so frakking awesome people would be willing to abandon the security of Apple's AppStore just for that app? I dunno. I'm a huge sideloading fan, but it had better be the holy grail or the forbidden fruits of apps. For me it's mostly the forbidden fruits (old versions of apps and root level firewall). The PlayStore doesn't have those.
Third party appstore could also lead to boutique appstores that sells only certain types of apps: games, productivity and so on. Unless they want to fail, they'll curate their appstores to a higher standard than the we carry every style AppStore. The only 3rd party appstore I'd be interested in would be an XDA [developers] appstore that sells apps to tinker with my android phone.🤓
Far fetched? Quoting Sentinel Labs: "Software supply-chain attacks have gone from a rare occurrence to a highly desirable approach for attackers to ‘fish with dynamite’ in an attempt to infect entire user populations at once. In the case of CrateDepression, the targeting interest in cloud software build environments suggests that the attackers could attempt to leverage these infections for larger scale supply-chain attacks."
For me sideloading on Android has been predominately legacy apps and apps that the Play Store won't host.
Thats kind of the point however. Because most consumers don't know the difference they can easily fall for a less desirable App Store when there are many to choose from. Apple makes the process mindless and simple. No need to find other stores. No need to research if a store is safe. The App Store is just there and less knowledgeable users know exactly what to do with it.
Its only power users that want multiple app stores because they want to use apps that may be questionable or that Apple deemed either unsafe or a less than optimal alternative to what they already provide.
Most of the users you describe would never in a million years touch the kind of apps that could only be found on 3rd party app stores. They likely wouldn't even know those apps exist or how to go about finding those apps unless they were tricked into it by ads on websites.
There is zero benefit to 99% of consumers to have multiple app stores. Zero.
One of the biggest gripes I have heard from people over the years that would jailbreak their phones was game emulators which Apple bans. For very good reason. Its illegal to share games via emulators unless the games are open source. As an app developer myself I'm happy Apple cracks down on this illegal activity. 3rd party stores will also likely share cracked iOS apps and games and make it harder for Apple to crack down on this illegal activity.
As a app developer I don't want to pay fees to multiple stores. I want one store that has 100% of the market. I know where that market is. I only have to pay fees to one store and deal with the legal aspects of that one store.. I don't want to fart around with ten stores to distribute to and maintain. I don't want only 10% market share per store forcing me to utilize more stores to hit closer to that same 100% market share I have now. Multiple 3rd party stores provides absolutely no benefit to developers at all. If a store has a much lower fee I have to question why is it much lower. What corners are they cutting? How stable is their infrastructure? How secure is it? Apple has already reduced the fee to 15% for sales under One million dollars. Its hard to believe a 3rd party store could be less than that and still provide a safe an secure environment or equal quality.
I can tell you 90% of app developers will never earn more than one million on a single app. So the whole 3rd party store argument is driven as mostly a political or vindictive talking point and the handful of larger greedy developers who actually do earn millions from the App Store.
I have zero concern for those developers since they are making great profit off the App Store. A market they would likely never have tapped if it wasn't for iOS and the App Store. If they want higher profits they need to make better apps/games to sell more units. They should not look at the fees to compensate for their under performing expectations. Its the same mentality companies have about taxes. They can't cut it or compete with their flawed business model so they lash out at taxes as a means to earn more money. Instead of actually running a successful business they look to blame others for their failures.
For example Epic which is a profitable company. They are not struggling or hurting because of Apples fees. They happily signed the contracts that they would pay 30%. Its only when their mobile games earned a lot of money that they got greedy and thought they could earn even more profit with no extra effort other than trying to force Apple to lower its fee. Epic is greedy and uses the same App Store concept to milk money from its users. They want to earn even more on their flawed business model of in game content purchases for a free to play game. Apple shouldn't have to alter their business model to compensate for epics stupid one.
No user or consumer on the planet should give a darn what happens with Epic or similar developers. Nothing that happens will chnage the user experience or reduce the price. It just means more money in the pockets of a few people.
Your typical Android phone or tablet already comes with Google Play, so it's not like such consumers would go out of their way to access other app stores that aren't conveniently already there. Exceptions like Samsung having their own store, but I hear that's not malicious (dunno since I've never used it even when I had a couple of their phones). Just not the "go to" store.
My 1+ came with Google Play and the OnePlus Store. They have most of what I use. My other half has Google Play and Galaxy Store. She has never used anything more than GP. Me, I have a couple of others (FDroid, Aurora).
From years of Android interaction, this seems pretty common use - mostly GP.
The point is any website could link users to other app stores and they can side load any apk app file on Android. Thats just not something I think iOS needs. At least no logical necessary need to bo able to do so. I don't feel like any consumer actually benefits from any of that at all. Some consumers fall for the myth that its better but in reality nobody gains any advantage at all from that. It makes 1000x more sense for a website to link to the app on the App Store and let that store handle the transaction, updates, distribution, security and hosting.
I would agree IF the App Store app review and app retirement policy was more flexible. And cut back the push for apps to use in-app / subscription pricing models.
Right now when I compare the two stores, GP and AS, I find the pricing models on the AP to be far more predatory.
And yet in the Epic vs Apple case (Case 4:20-cv-05640-YGR Document 812 Filed 09/10/21)
"A 2020 Nokia report indicates that “in the smartphone sector, the main venue for distributing malware is represented by Trojanized applications,” which trick users into downloading by posing as a popular app"
"A 2020 PurpleSec report confirms that “98% of cyberattacks rely on social engineering.”
"A Nokia report attributes higher malware rates on Android to Trojan apps on third-party app stores.
"the Court finds that centralized distribution through the App Store increases security in the “narrow” sense, primarily by thwarting social engineering attacks."
"App review also protects against scams and other fraud, such as pirated or copycat apps."
"the Court finds that app distribution restrictions increase security in the “broad” sense by allowing Apple to filter fraud, objectionable content, and piracy during app review while imposing heightened requirements for privacy."
These are findings of fact (in the legal sense of the term) in an actual court case involving Apple.
In Case 4:20-cv-05640-YGR Document 812 Filed 09/10/21 the court did acknowledge that "Ex. Expert 11 (Rubin) ¶ 87. Of course, third-party app stores could also have increased security than Apple. For example, a Disney app store would plausibly screen apps more rigorously than Apple. Trial Tr. (Mickens) 2697:12–21."
But the data shows that open access is less secure; if that wasn't true the court wouldn't have ruled that way, QED.
Last edited:
Still the biggest issue I see with those who are crying malware/fraud/etc… is that they are assuming that the solution Apple puts in place is the same as Android and that all the worst we can assume will come out of the woodwork for this.
I disagree.
MacOS is running great.
Android sideload is a design Apple I do not think will adopt.
Why not wait till we see what Apple really comes up with. Then we can dive into the deep end.
I disagree.
MacOS is running great.
Android sideload is a design Apple I do not think will adopt.
Why not wait till we see what Apple really comes up with. Then we can dive into the deep end.