Apple Wages Battle To Keep App Store Malware-Free

alphadogg writes: Apple is facing growing challenges keeping suspicious mobile applications out of its App Store marketplace. Over the last two months, researchers have found thousands of apps that could have potentially stolen data from iOS devices. Apple has removed some of affected apps since it was alerted by security companies. But the problems threaten to taint the App Store's years-long reputation as being high quality and malware free.

Ignoring the Elephant in the Room

[damn_registrars]

They can't really say they are 100% committed to protecting peoples' privacy when they keep pushing out the facebook app - which is of course dedicated to encouraging people to give up as much of their personal information as possible.

Re:Ignoring the Elephant in the Room

[kuzb]

Such Hypocrisy is shared by most large companies. As much as I don't like Apple, they are hardly unique in this. I'd be more worried about their continued human rights violations that they repeatedly claim they've dealt with.

Re:Ignoring the Elephant in the Room

[AK+Marc]

What's funny is that so many here don't like Apple that they hold it to a higher standard. Nike has been linked to many more human rights violations they blatantly ignore, and Apple's big sin is that they build in China (like everyone else, but it's somehow worse for Apple).

The suicide rate at Foxconn is less than an average American High School. Until a US president is brought up on crimes against humanity for NCLB, it seems a bit silly to condemn Apple.

Re:Ignoring the Elephant in the Room

[MobileTatsu-NJG]

Why is this marked Troll? The human rights violations aren't ever mentioned around here unless Apple is under scrutiny. In fact, the hubub around here died down after made some changes, only for it to reoccur a couple of years later. Perhaps if it really were about human rights and not about dinging Apple's PR, the heat would have stayed on, other companies would be following suit, and Apple wouldn't feel comfy enough to let it happen again.

Re:Ignoring the Elephant in the Room

[rsborg]

They can't really say they are 100% committed to protecting peoples' privacy when they keep pushing out the facebook app - which is of course dedicated to encouraging people to give up as much of their personal information as possible.

Yeah I know I'm feeding the troll here, but Facebook is not integrated into the OS or even distributed as a default app.

There is a difference between systems that take personal information from you and ones where you willingly give it away.

The Facebook app hasn't touched any of my devices, and now with content blockers in iOS, I won't even be giving them my ad cookies either when I inadvertently visit a site that has their Like button or other trackers.

Re:Ignoring the Elephant in the Room

[kuzb]

Apple often goes to great lengths to try to make us believe that they've fixed the problem. I'm not suggesting Apple is better or worse than those other companies, only that it's a more important issue than what goes on in their app store.

Re:Ignoring the Elephant in the Room

...and yet...

http://www.chinalaborwatch.org...

Re:Ignoring the Elephant in the Room

Got any more excuses?

I suppose you think people shouldn't complain about things like government corruption because it could be worse in some other place.

Re:Ignoring the Elephant in the Room

[davester666]

Well, there a LOT of people who really really want to broadcast their every moment via Facebook. So, people are CHOOSING to give up their privacy in exchange for, well, who knows what they get out of it.

You don't have to use the built-in Facebook/Twitter/whatever support or use any of the facebook/twitter/instagram apps from their store, if you don't want to.

And if you don't, I know, this is incredibly hard to believe, but, NONE of your information is sent to Facebook/Twitter/Instagram/whatever.

I don't have a Facebook account [well, not one I created, supposedly Facebook has helpfully started my account without me, ready and waiting for when I may be too incapacitated by alcohol to understand what I am doing and actually sign up] and I am confident that Apple is not sending data to Facebook from my phone. And now, with iOS9, I can install adblockers to hopefully kill FB's/Twitters/Googles various trackers/"analytics services"/ads to at least slow down how fast they are building my profile.

Re:Ignoring the Elephant in the Room

[davester666]

No, they have never claimed to have 'fixed' the problem, because it is a problem that is unlikely to fixed anytime soon in China. What they do claim is that they have taken concrete steps to reduce the likelyhood of it happening, both by paying more money for services and by penalties for contract violations [which supposedly include things like workers hours/conditions/no child labor].

Re:Ignoring the Elephant in the Room

The lengths fanboy trash go to protect Apple's crappy business practices is amazing.

Re:Ignoring the Elephant in the Room

[Dog-Cow]

Do you also find daylight to be amazing?

Re:Ignoring the Elephant in the Room

[AK+Marc]

Excuses? I'm excusing nothing, just pointing out your double-standard.

I suppose you think people shouldn't complain about things like government corruption because it could be worse in some other place.

No, you have it backwards. The hypocrisy is when we criticize everyone else, yet are no better, not when we criticize ourselves when someone else is worse. Can't you even make a basic analogy?

Re:Ignoring the Elephant in the Room

[drinkypoo]

What's funny is that so many here don't like Apple that they hold it to a higher standard.

Wrong. People don't like Apple because it is not meeting the same standard as others: It pockets more of the money that it makes through slave labor than others do. Therefore, it can better afford to pay people a living wage, and therefore its behavior is actually more repugnant than that of other corporations.

Re:Ignoring the Elephant in the Room

"The suicide rate at Foxconn is less than an average American High School."
Compare it to a GM factory or some other American blue-collared industry and you'll see that for all the "prevention" Foxconn is truly dangerous. Also, I'd like to point out that there's no study on the long term effects of those work conditions, which can't possibly be good when short term they cause so many deaths.

And lastly ... Apple makes hardware and software, nice but no longer extraordinary. It sells a brand, an image, that's its biggest and most important asset and ... best target for critics.

Personally, I don't care one way or another about Apple vs other companies or Foxconn vs others. They're not held at gunpoint to work, they always have choices, not good ones mind you, but choices nonetheless. (seems like a snarky comment, but I've had to make similar choices several times and I always chose health over money.)

Re:Ignoring the Elephant in the Room

[phil.swansborough]

Well at least it is since they installed the nets outside the windows.

Re:Ignoring the Elephant in the Room

You are an idiot. What you wrote is since other companies do evil, we shouldn't complain about Apple. You sound like a little kid stamping his foot and whining "it's not fair". Grow up.

You want to know WHY people on Slashdot don't complain about Nike? Because Nike isn't a tech company and nobody here uses their products. There are plenty of complaints flying about not only Apple, but Microsoft, Google, Oracle, HP, Dell, etc. on a daily basis. You are just cherry picking because you feel your beloved corporation of choice can do no wrong. You'd not have said a word if people complained about the behavior of non-Apple companies, and that makes you a hypocrite.

No, you have it backwards. The hypocrisy is when we criticize everyone else, yet are no better, not when we criticize ourselves when someone else is worse. Can't you even make a basic analogy?

Are you honestly trying to imply that people who use Apple products or work with/for Apple don't have anything but glowing praise? Wow, just wow. That's some serious RDF poisoning you've got there, son.

Re:Ignoring the Elephant in the Room

But let me be the first to say this. The Apple dominance era is (slowly) coming to a close. Okay Arstechnica or whatever tech mag will still print a bias reviews of Apple products against say the Nexus 9 by focusing on benchmarks that favor Apple. All the meantime, the screen resolutions of their devices are falling behind, the software (mainly Safari) is falling behind (eg Chrome) and more importantly their critical security exploits being the highest in 2014 then years prior.

I'm not saying their standard is worse than competitors, I'm saying their standard is worse than their former self. It's only downhill from here ...

Re:Ignoring the Elephant in the Room

As a consumer it is YOUR job to clean up your own backyard first. Once you start to take this duty seriously you'll change the way you act as a human being. Without this transition you're just going to be another asshat in a long line of asshats who use "But... but... but.... LOOK AT TEH APPKLEZZZZ!!!!1111!!!!" as an excuse for doing more of the same.
 
You're nothing but a walking excuse for crappy behavior from what I've seen of you. You want everyone else to change even when you're just as much at fault. How American of you.

Re:Ignoring the Elephant in the Room

[trparky]

And meanwhile Android's security track record is the worst it's ever been. Millions of people are still completely exploitable because the particular OEM that made their device doesn't give a shit about their one year old device. God help the people who can't always afford the latest and greatest flagship device and is stuck on some three plus year old device because that's all the prepaid cellular service providers seem to shove down these people's throats.

And as for screen resolutions I don't give a shit about sky high screen resolutions. Can the screen produce a good picture? Can you read the text on the screen? If you have answered "yes" to those three questions then the screen is good enough. Sure, let's pack in a higher resolution screen just for kicks and oh shit... battery life has gone to shit. Hell my main desktop monitor is 1920x1080. It's good enough!

Re:Ignoring the Elephant in the Room

[trparky]

Crap... two questions. I wish there was an edit button.

Re:Ignoring the Elephant in the Room

[MobileTatsu-NJG]

Heh. The funny part about that statement is that your fixation on Apple is the only reason you have an interest in any 'crappy business practices'. You think about Apple more than the fanboys do.

Re:Ignoring the Elephant in the Room

[Solandri]

Despite being somewhat anti-Apple, I've always been on Apple's side when stories about "it's" human rights violations come up, specifically for the reasons OP cites. I would never mod it down simply because it favors Apple, and if it gets out of hand I've written posts defending Apple as OP did.

That said, I'm less inclined to go around correcting people when it's brought up in web forums because the general media is biased wildly in Apple's favor. e.g. Did you know one of the main patents in Apple's $1 billion award against Samsung was ruled invalid by the USPTO this summer? Nary a word about it in the general media (I only found out about it by accident a few weeks ago when the story came up while I was searching for who was suing whom for patent infringement). So I figure some biased bad PR is necessary to help balance out the biased good PR Apple normally gets.

Re:Ignoring the Elephant in the Room

You are an idiot. What you wrote is since other companies do evil, we shouldn't complain about Apple.

No, he wrote that, if you are going to complain about and criticize Apple on these issues, you should *also* complain about and criticize the other companies that do so much *worse* than Apple. But you don't.
It's a blatant double standard, but you're so set on getting angry and calling people names that you look right past it.

Re:Ignoring the Elephant in the Room

You're right that Apple doesn't meet the same standard as others. They *exceed* the standard that others are allowed to get by on without complaint.

They have more stringent contractual controls to prevent labor law violations in the same factories everyone else uses. They *publish* the results of their labor audit process every year. Virtually nobody else does.

Their contracts with producers dictate that the workers will be paid at a higher than normal rate. The employees assembling phones for company X one building over don't get that, but nobody complains about it.

That they manage to make more profit off of their products *while* doing what they can to ensure the workers assembling them aren't being taken advantage of is somehow used as a point to presume that it means they *aren't* doing anything, even though they publicly document their efforts (including where those efforts haven't been 100% successful).

It's the double standard of:
Apple is trying to do better, so they have to do even better than they are.
vs
Other companies aren't trying to do better, so they can let things get worse.

Re:Ignoring the Elephant in the Room

[AK+Marc]

"The suicide rate at Foxconn is less than an average American High School."
Compare it to a GM factory or some other American blue-collared industry and you'll see that for all the "prevention" Foxconn is truly dangerous.

Nope. Foxconn's suicide is not higher than US general suicide rates. I used those numbers to not get into a debate about how the Foxconn suicide rate is calculated. That and if that rate was so bad, why aren't we doing more in US schools? We aren't, which means we think that rate is acceptable, unless it's happening at Apple, and we hate Apple.

Re:Ignoring the Elephant in the Room

The suicide rate at Foxconn (5.4 per 100,000: http://www.businessinsider.com/apple-and-dell-investigating-the-foxconn-working-conditions-2010-5) is quite a bit lower than the average US suicide rate (12.6 per 100,000). Unless you're trying to claim GM factory workers are particularly suicide-free (studies published by researcher Steven Stack in the 1980's put blue collar factory worker suicide rates in the US at nearly 3x the average rate for the time [which itself was higher than now], but I can't find modern data) then it's quite safe to say Foxconn employees are less prone to suicide than American blue-collar workers as well.

Re:Ignoring the Elephant in the Room

Not everyone can buy out a small country.

With the profit margins they're generating by offering last year's hardware and last years features while charging this year's prices, they're easily generating a 30-40% profit margin on hardware alone -- not to mention that they can just sit on their asses and charge another 30% on in-store purchases (see dropbox's rates in-app and outside of app for an obvious example).

This is why they are held to higher scrutiny - they branded themselves as a "luxury" product, and as such, their standards should be set much higher. I wouldn't be surprised if Samsung will start getting harassed about it too should they get any bigger.

Re:Ignoring the Elephant in the Room

The funny part is... isn't this what the review process is suppose to be for?

Who cares where the developers are coming from?

Re:Ignoring the Elephant in the Room

Any chance the suicide figures are tampered with? Counting a death as something other than suicide. Regardless, it probably should be dealt with anyway.

Re:Ignoring the Elephant in the Room

[MobileTatsu-NJG]

Why even spend the time on that when Foxconn produces parts for many manufactures and not just Apple? I wouldn't mind, but worker safety is a whole different level from PR stemming from a poorly understood patent case. Heck, you could even rake Apple over the coals for letting the violations happen again as recently as this year!

Re:Ignoring the Elephant in the Room

False dichotomy. Just because someone dislikes Apple doesn't mean they have to like Google.

Re:Ignoring the Elephant in the Room

[neoritter]

Well Apple fanboys making excuses for Apple is as sure as the rising and setting of the sun.

Re:Ignoring the Elephant in the Room

As a consumer it is YOUR job to clean up your own backyard first. Once you start to take this duty seriously you'll change the way you act as a human being. Without this transition you're just going to be another asshat in a long line of asshats who use "But... but... but.... LOOK AT TEH APPKLEZZZZ!!!!1111!!!!" as an excuse for doing more of the same.

You're nothing but a walking excuse for crappy behavior from what I've seen of you. You want everyone else to change even when you're just as much at fault. How American of you.

No, Poindexter, as consumers its our job to level the playing field by pushing to regulate big business. While trying ethical alternatives in the market is nice, these aren't problems the market is going to solve on its own. So pack up your libertarian troll game because we're not playing.

Re:Ignoring the Elephant in the Room

Super late reply, but I had to correct this.

The facebook app is not installed by default, but FB is integrated into the OS. There's a special section in the Settings app where you can give your FB login credentials which other apps can make use of system-wide. (Twitter, Flickr, and Vimeo also share in this distinction) I don't know exactly how much access the system gets when logged in this way, because only a complete moron would actually use it this way. OS X has the same thing, by the way.

While I do have the FB app installed on my device, it is effectively firewalled off from the rest of the system, at least as much as iOS allows. It has zero access to my private data (photos, location, contacts, etc), and the login is held only in the app itself, not in the system-wide setting.

Re:Ignoring the Elephant in the Room

[slashdotwannabe]

People do. You're just so fixated on your beloved Apple that you are blind to it.

And yet you provide no evidence to support your assertion...

I call it like I see it. If you can't handle, why don't you go off into a corner and have a cry.

Your need to denigrate those who disagree with you betrays the weakness of your argument.

Re:Ignoring the Elephant in the Room

[slashdotwannabe]

False dichotomy. Just because someone dislikes Apple doesn't mean they have to like Google.

It's only a false dichotomy if you posit that there are viable choices other than iOS and Android. Are you suggesting that Blackberry or Microsoft are viable alternatives? Because the marketplace would disagree with you.

Apps that app other apps get apped!

Apps!

the war on malware

running on proprietary closed source software

so it begins.

Apple Testing ?

[randalware]

Apple doesn't have a QA testing suite/lab for applications ?

Re:Apple Testing ?

Many people here just assume that everyone on slashdot knows this stuff, however I think a full explanation is worthwhile so I'll try to give it.

Software just doesn't work like that. If you do not have the full source code to the software you are trying to verify you really can't know what it does. Even if you do, there are techniques which will mislead experts almost every time. People do try to understand binaries, e.g. in anti-virus companies, however those people may spend weeks or months and basically what they try to do is re-create the source code from manual careful analysis of the binary. Needless to say, this is far to expensive for any of the app stores to do.

In order to bypass something like an app store check, you just need a way to make sure your bad functions aren't active or visible when Apple accepts the app. Check the time and don't activate for two months after you submit the app. Download a logo. Only activate if it's colored red. When Apple tests the app it does nothing bad. When the user runs it later it does bad things. What is there for Apple to test?

Re: Apple Testing ?

[bill_mcgonigle]

Also, until all the apps are rewritten in Swift, any static analysis efforts are fairly easy to bypass. Objective-C is very flexible at runtime - most of the App Store inventory has potential for hosting malware.

Re:Apple Testing ?

IF they do it's certainly not doing very well is it.

Re: Apple Testing ?

[Dutch+Gun]

Exactly. Apple is screwed by the original iOS design, in which they assumed the apps were all trusted first party, so didn't bother to put in a robust permissions system to differentiate API calls from trusted vs untrusted sources. Using Objective-C, with it's flexible runtime calls based on strings, it's trivial to bypass restrictions and gain access to APIs that you're not supposed to have. That is, calls made to app-facing APIs need to call internal APIs, and there's no way to practically prevent apps from calling those internal APIs directly and getting more data than they should.

That being said, Apple has one significant advantage, in that it only takes *one* report to remove all similar malware from any number of apps (assuming it's a library), as there's a single, authoritative source to check against. That's in contrast to PC, server, or router malware with can sit infecting a machine in near perpetuity, even if it's known by the world at large. Of course, that's like detecting a minefield by watching your soldiers blow up as they march across the field. Sucks to be the guy who got blown up, but at least everyone else is safe.

Re: Apple Testing ?

[angel'o'sphere]

Using Objective-C, with it's flexible runtime calls based on strings, it's trivial to bypass restrictions and gain access to APIs that you're not supposed to have.
You are simplifying to much.
Just because Objective-C is based on message passing does not mean you can bypass anything.
But if you have some examples how to manipulate API calls, that would be interesting.

Re: Apple Testing ?

Were you listening to this weeks Security Now? Because if so, Steve totally got it wrong on the innards of Objective-C...

Re: Apple Testing ?

[david_thornley]

Every time I bring up certain apps, I'm asked if I want to let them do X (mostly use my location). It would seem that there is a permissions system there.

Re:Apple Testing ?

[macs4all]

IF they do it's certainly not doing very well is it.

Ahem.

Even if you read the TFS, you will see that they said that there is a "Potential" that some Apps could be "configured" to steal data.

Theoretical Exploit: Not a realized one. BIG difference!

And of course, no explanation of how Apps could be "configured" in said manner.

And if you actually break the rules and at least read SOME of TFA, you will see this most important factoid:

"While the apps were not stealing data, security experts said it would have been trivial for attackers to configure them to do so. "

And then the article goes on to harp about XCodeGhost; with vastly inflated numbers of supposedly "infected" Apps, and after the originator of the Tainted XCode download already apologized.

And then, TFA focuses on MobiSage SDK, which appears to be an Ad-Insertion function that even the security firm FireEye said didn't appear to be doing anything malicious. But yet, FireEye took it upon themselves to label MobiSage "High Risk" (based on the fact that it appeared to be nothing more than an ad-insertion framework, right?).

So, ONCE AGAIN this is nothing more than a clickbait rehash of month-old FUD. Pure and simple. Thanks, Slashdot.

And I would say that either the "Permissions System" is either not really being challenged afterall, OR that it IS working just fine...

How about

You start by killing the numerous clones of popular apps. Although you wouldn't be able to claim the billion plus apps in your catalogue then it would be closer to 100.

Our Mal (Apple) Or Your Mal

A recent money line for Apple is to "Snitch" on App Store "Customers".

Under Apple's "New" Psychology, every App Store Subscriber is "Tainted" and an "Enemy" and Must Be Punished!

"Punished." Apple App Store Subscribers will see their credit and debit cards depleted within 128 hrs. All money and monetary instruments become ownership of Apple, Mr. Tim Cook of course.

Good luck with that

[JustAnotherOldGuy]

Apple Wages Battle To Keep App Store Malware-Free.......and they'll lose.

There are a million malicious programmers versus what, a few dozen app testers and some automated code-checking tools?

Yeah, good luck with that. They'll never keep the App Store free of malware. I'm calling this one right now, Apple will lose.

Re:Good luck with that

They're doing better than the average Slashtard who moans about Apple all day.

Re:Good luck with that

[JustAnotherOldGuy]

They're doing better than the average Slashtard who moans about Apple all day.

Yes, but the day is still young.

They deserve this

[Jazoray]

The store is the only guardian on the entire iOS operating system. it's a single point of failure. If the user had complete access to his device, this wouldn't be a problem.

Re: They deserve this

Oh, you mean like on Windows or Android... Where there's NO malware whatsoever?

No, the reality is malware is unavoidable... the only thing we can do is take a shower after the shit hits the fan and gets sprayed all over us... no matter which platform we are on.

Re:They deserve this

It would be an even bigger problem then. Why? Because the average user will gladly sign away all that complete access to any app that asks for it. It MIGHT give an edge to those few that have a slight idea of what they are doing, but they are a few percent, at the most.

Re:They deserve this

++

Yeah - I prefer my cars to come with the hood welded shut. Have never owned an Apple, and ain't gonna.

Re:They deserve this

[david_thornley]

Which is why Windows never had any malware (at least until Vista on, when they tried to make it harder to control the computer), and most Android devices have no malware problem, right?

Re:Toad rays from my anus

[sexconker]

ALL GLORY TO HYPNOTOAD

Why should they?

Most suckers got infected by choice. Let them have it and let Darwin get the rest done.

Walled Garden

[Big+Hairy+Ian]

Personally I'd rather risk infection than be restricted to what Apple says I can do

There's some other things they should focus on!

[AbRASiON]

Before I start, yes I'm an Android guy - but, I do have an iphone and ipad.

How.the.fuck do Apple fans justify that shitty app store? The search is OUTRIGHT BROKEN. It's BROKEN! There's so many fake / spam / SEO'd bullshit apps which come up when you search for something, it's fucking incredible.

It literally doesn't find the app I'm looking for, over 50% of the time.
I mean, I'm cool with tech companies not being perfect but this is the "Ever flawless" Apple who always get things right...? It's fundamentally broken.
I don't even care that the spam exists! so what? But at least fix the algorithm so when I search for "extremely well known app X" it actually returns a result of the "extremely well known app X" I'm looking for.

While I'm railing on them, one more thing* why in all that is !@#%$ing holy, can I not remotely install apps on my iphone / ipad from my PC? Yeah yeah, I'm an Android guy, I mentioned that,...
How can the Google Play store have had this for 3 years+ and third party Android app installers have had it for 5 years. FIVE YEARS.

I'm sitting on my PC for example, reading slashdot, someone says "hey blah blah is a brilliant app on my ipad, it really solved XYZ" I should be able to open a new tab, go to the app store, find the app and click "install to ipad"
It's nearly 2016. How is this fucking missing?
Worst part is, you ask this, even politely and Apple fans will tell you how "wrong you are" for wanting it. (I'm expecting at least a mixed / logical reaction on this site)

Outright crazy, poor design, backwards thinking. These are good features. It's nuts.

* Jesus I wish slashdot was still highly relevant, there might be a miniscule chance of an Apple person actually reading the post and fixing this idiocy.

Re:There's some other things they should focus on!

[rainer_d]

Settings -> iTunes & App Stores (on your iDevice)

There's setting for
"Automatic updates"

You can enable it for Music, Apps, Books and Updates.
It doesn't work by default if you're not on WiFi - but you can enable it, if you don't have bandwidth limitation.

I didn't know where this setting was, so I searched for "App" in the settings.

Re:There's some other things they should focus on!

[AbRASiON]

I think you're misunderstanding me or ..... I explained poorly.
I want the ability to REMOTELY install apps to my iPad, sitting on the coffee table downstairs or even on my desk at work while I'm at home, simply by going to the app store website, logging in to my itunes / app store account and clicking 'install' on whatever app.
It should then prompt me, "which Apple device?", of the "Apple devices registered on this account"

This is how it works on the Google Play store, it might even be 4 years, not 3.

Re:There's some other things they should focus on!

"While I'm railing on them, one more thing* why in all that is !@#%$ing holy, can I not remotely install apps on my iphone / ipad from my PC?"

I imagine Google's array of patents on remotely installing phone apps probably has something to do with it.

Re:There's some other things they should focus on!

I just went into iTunes, downloaded an app to my PC and within 30 seconds it was loading on my iOS devices.

True, it doesn't allow me to select which one, but that would be nice.

Working in an IT department where we have all three varieties (Android, Blackberry and iOS), I see the strengths and weaknesses of each. It annoys me when I see blanket classification of people just because they prefer Apple products.

I know about and can admit the shortcomings of my preferred device. I don't treat Android or Blackberry users with the disdain I see constantly heaped on Apple users (especially here).

After almost thirty years in this industry, the "my computer can beat up your computer" gets old.

Re:There's some other things they should focus on!

You *can* remotely install apps onto your iPad, and have been able to do so for years.
1) Enable wi-fi syncing on your devices (if you haven't already).
2) Buy the app in iTunes.
3) Select the device in iTunes.
4) Drag the app onto one of the pages of your device.
5) Sync the device.

I'm sorry if you can't go to a *web page*, and have it install applications on your iPad, but that's a *huge* vector for security issues.

Re:There's some other things they should focus on!

I just went into iTunes, downloaded an app to my PC...

You have to use iTunes to download an app, that's not what AbRASiON meant:

I should be able to open a new tab, go to the app store, find the app and click "install to ipad"

Re:There's some other things they should focus on!

[david_thornley]

So, you want the capability to remotely load apps onto your iPad? Are you sure you'll remain the only one with that capability?

You can buy apps from your computer, and then you can sync. Assuming you like to keep some sort of backup, you'll be syncing periodically anyway. What's wrong with that?

Re:There's some other things they should focus on!

[AbRASiON]

You seem to be diverting the topic to security arguments. If the Apple app store login is secure enough to have my real name, payment info, it's secure enough to distribute applications to my ipad - just how it works on Google Play now.

As for itunes sync style, nope not a chance. That's a very poor system and I don't think anyone uses itunes anymore now that they don't have to. (The cloud backups on iphone / ipad work exceptionally)

Regardless even if I did want to do that, I'd still need the ipad in my apt near the itunes enabled PC. As it stands, my mom who doesn't know too much about using these kind of things, can have me remotely install stuff to her Android phone, 100 miles away in about 2 minutes.
It's nearly 2016.

Re:There's some other things they should focus on!

[radarskiy]

"You have to use iTunes to download an app"
It looks like that because the App Store is not a website and the interface is in iTunes, but downloading to the device does not require connecting the device to the computer with iTunes in any way.

Re:There's some other things they should focus on!

[radarskiy]

The only part which the App Store cannot do is selecting specific devices. Any enabled device will download the new app and devices not enabled will not download it.

Re:There's some other things they should focus on!

[david_thornley]

If you're discussing why you can't, security is the reason. Apple makes considerably different security tradeoffs than Android, and that is one thing to consider when deciding what to get.

just bullshit

for anything that you search for there are 200 knock off Chinese apps.
They'll never clean up their shit, it keeps feeding to marketing that they have X more apps than anyone else.

Re:just bullshit

[macs4all]

for anything that you search for there are 200 knock off Chinese apps. They'll never clean up their shit, it keeps feeding to marketing that they have X more apps than anyone else.

And how, pray tell, do you think the Google Play Store makes the same claims?

So...app vetting is and always was BS, then?

[xxxJonBoyxxx]

>> problems threaten to taint the App Store's years-long reputation as being high quality and malware free

So, we can agree that Apple's application vetting process is and always was bullshit, right?

Re:So...app vetting is and always was BS, then?

[cjmnews]

Due to their original design and the use of Objective C, yes.

Their screening process consists of scanning code for using "undocumented" system calls that are restricted for Apple's use only.
Obfuscate those system call strings and you have now bypassed the screening process (ala: XcodeGhost)
Too bad they can't stop it, until they move every app to Swift (now you know why they created a new language).
Even if they could crack every system call string alteration an app could do, the app could request the system call string from a server, and execute it on the fly and get around the scan.

There is probably more to the screening process, but I am doubting there is much more to it.

Re:So...app vetting is and always was BS, then?

So they're trying to work around the Halting Problem.. Good luck with that.

Anti-Virus

So Apple does not run a simple anti-virus scan on the apps that are available for upload. Ridiculous.

Droid does what iDon't: app apps in an app

[tepples]

Since when can you app apps in an iPad app? I thought only Android could do that.

If that happens, *iOS is dying

[tepples]

You start by killing the numerous clones of popular apps.

Then Apple would have to kill itself, as iOS is based on FreeBSD, and *BSD is a clone of UNIX.

Then don't make a damn Turing machine

[tepples]

The way to work around the halting problem is to build a machine that is useful yet less capable than a Turing machine. One example of such a machine is a linear bounded automaton, which is a Turing machine that never moves the pointer past the end of the input. An LBA recognizes context-sensitive languages, and it is equivalent in power to a physical computer, which has limited memory. Halting is solved on an LBA, by making a universal LBA twice as long as the original and running two copies of the program in a tortoise-hare configuration to detect infinite loops.