Happen how? I can't understand what you're trying to say. You don't expect to ever find a trojan or you can't believe they covered the story?
I realize this is a signature, but it makes zero sense. It's like asking if anyone uses a browser cache directory. It's not for you to use, it's for the program to use, in this case for iTunes to store smaller resolution versions of pictures for a device that can only display so much resolution and has limited storage capacity (e.g. an iPod Touch for example). A better question might be why Apple puts a cache directory in the middle of photo directories where it's in the way if you store photos by directory, but then they don't expect you to do that either. They expect you to let it compact everything into one database file for iPhoto which is stupid, IMO since a single file corruption could destroy them all, but then not everything Apple does makes sense.
I'm not arguing for pirated software, but what you just said is beyond absurd and applies to all software that isn't a registered developer with Apple (i.e. much shareware, etc.). How do I know if Handbrake or XBMC is "safe" to install? I didn't get them from the App store... OMG! It simply MUST be malware!
In other words, using Apple's registered developer checks as a substitute for a malware checker isn't the best idea. BTW, "modified <> malware" either. My legit KOTOR2 game has been modified to restore content that was left out and a malware checker on Windows picked it up for the very reason you gave. It's modified. Yeah, but that doesn't automatically make it malware. There have been numerous registered developers that have had their software revoked for breaking Apple's developer rules so I wouldn't 100% count on a program not doing something it's not supposed to (like logging your personal information) JUST because it's available on Apple's App Store either. That's NOT a reliable method because it's only removed from the store if Apple themselves know about the hidden code.
Frankly, I see the words "stupid" flying around a lot in your post with a lot of flawed logic, IMO. Criminal (i.e. morals/ethics) and stupid (not smart) are two entirely different things. Most of the hackers out there wreaking havoc in the news are criminals, but they're anything but stupid and using such a label seems to be more for its insulting nature rather than any kind of accuracy on your part. Frankly, as I said above, you're implying anyone who installs ANY software that isn't recognized by Apple as a registered developer is "stupid" since that's the scenario you're implying which as I've indicated above does not just apply to pirated software. If you don't want to use XBMC or Handbrake or whatever, don't, but that doesn't make users who do stupid. You need a better method to find malware than Apple's developer program, IMO.
I don't think what you're talking about is Gatekeeper, but the disk verifier checking a DMG file for any type of corruption. You can usually skip that if you don't want to wait (i.e. I've never had a corrupt DMG in the past decade yet). I've seen it take 20 minutes to open a DMG that is very very large for that reason. Skipping the CRC verification avoids that delay if you can't wait. It has nothing to do with Gatekeeper, which only checks for ONE thing and that is an Apple developer signature. THAT only takes a moment and it does it when you RUN the program for the first time, not when you open the DMG archive.