I absolutely detest this idea of third party app stores. Please tell me why this is a good idea when literally your entire life and its contents are contained in this palm sized device.
Do you really want sideloading of apps that asks average joes for ransomware?
We already have another sandbox - browsers. And you're seeing problems with extensions, popups, .dmg downloads and .exe virus scans, etc. So much so that browsers are constantly fighting against attacks for 20 years.
> We already have another sandbox - browsers. And you're seeing problems with extensions, popups, .dmg downloads and .exe virus scans, etc. So much so that browsers are constantly fighting against attacks for 20 years.
They are, and, if you look around, they're winning: billions of people use Windows, MacOS and desktop Linux, safely, to do all manner of things. Billions of people use the web, which involves all kinds of code from all kinds of places - none of which is held hostage by a single absurdly valuable corporation - and, judging by the continuing success of that platform, I would say it's doing pretty well.
You know what's terrifying? This argument is terrifying. So, you brought up the web … assuming iOS continues to be what it is, and eventually people just stop bothering to make websites: is that okay? Is that what we want?
I actually want a phone with absolutely no app store. Just browser is fine. Given the amount of information it holds, adding any kind of apps that allow system wide access is horrifying to me. Since we don't have such phones, the next best thing is a store run by a company that can have security staff, highly paid security engineers and a whole bunch of people trying to make it secure than some reddit group that wants to distribute apps to billions of people. For that, as I said, just use a browser.
App store reviewers are not the people you should be trusting to make your phone secure. They can and do make mistakes, because their job is to go through a checklist, look for things they don't like, and maybe run some analysis tools that other people wrote. (I'm guessing, of course: this process is completely invisible to the general public). The people who should be making your iPhone secure are the developers at Apple who are improving how apps are sandboxed, catching and fixing security vulnerabilities throughout the OS, sometimes even with open source code and published CVE entries.
If we have so little faith in those developers that we believe the last line of defence - the App Store reviewers - are the thing holding us back from disaster, then we definitely should not be using iPhones.
App store reviews are executing the policies and tools that security engineers built. Whether it is a human checking these policies or automated scripts doing it, the point is that the policies governing those filtering processes are conceptualized, written and developed by experts that know what they're doing and they get paid a handsome amount [250k USD and upwards]. You're also switching from AppStore to the whole device. The device is secure because of things like T2 chip and billions that probably went into making it possible.
It's really obvious to me which is more secure - a 2 trillion dollar company with vested interest and one of the key selling points, that is privacy; or ... literally anything else.
I absolutely detest this idea of third party app stores. Please tell me why this is a good idea when literally your entire life and its contents are contained in this palm sized device.
Do you really want sideloading of apps that asks average joes for ransomware?
We already have another sandbox - browsers. And you're seeing problems with extensions, popups, .dmg downloads and .exe virus scans, etc. So much so that browsers are constantly fighting against attacks for 20 years.