> it's the OS. It's the OS that requires apps to get permission before accessing my location, it's the OS that isolates apps from each other, it's the OS that provides an easy way to install/uninstall packages.
Sorry, you're just wrong. Only by analyzing the apps can Apple enforce several policies that many folks think contribute to users' security.
The prohibition against dynamic code, lying about the reason that an app needs a certain permission, and all the trust and safety policies are all stuff an OS can't do.
> The prohibition against dynamic code, lying about the reason that an app needs a certain permission, and all the trust and safety policies are all stuff an OS can't do.
It _is_ something a community of people empowered to control their devices can organize and achieve, but we were stripped of this capability when a small set of private concerns unilaterally locked us out. They just told us that they were the only ones they trusted to manage security, and everyone apparently believed them. The state of personal privacy has gotten unimaginably worse since. Not even the world's largest organizations can manage to fight, much less anticipate, the world's worth of bad actors.
It's not impossible according to the laws of physics or anything, but is there a real world example of a non-profit community run repository of software similar in scale to the App Store, with similar guarantees of quality and security that the App Store provides?
F-Droid [1] has a squeaky clean track record when it comes to malware [2]. Might be mostly just because the number of users is relatively low. Quality of course varies wildly, but that's to be expected.
[2] According to the Wikipedia article there were (are?) some old unmaintained apps using vulnerable native libraries but that's not intentional malware and every app store has apps with vulnerabilities of some sort.
> Only by analyzing the apps can Apple enforce several policies
Or they could secure the runtime and quit giving developers dangerous entitlements in the first place. Make no mistake, Apple doesn't need the App Store to develop meaningful security for their users. The Mac is living proof.
Without those entitlements, they would get slammed for being anticompetitive by not allowing 3rd party devs the privilege of building the things they want to build on the platform.
Fine by me. If Apple can't develop safe APIs for themselves, they shouldn't be allowed an unfair advantage through unsafe channels. Secure the runtime, and everyone is happy and you're inherently better-defended against attackers.
The Apple Watch is more secure than an iPhone. I don't think anyone would use that as reasoning to justify the same security model on iOS or Mac though.
At some point, the diminishing returns of "muh security" do obviate positive and pro-consumer change.
Sorry, you're just wrong. Only by analyzing the apps can Apple enforce several policies that many folks think contribute to users' security.
The prohibition against dynamic code, lying about the reason that an app needs a certain permission, and all the trust and safety policies are all stuff an OS can't do.