Comment by kstrauser

First, yes, I totally agree with the premise. I still think there's a big difference between scammy software like you described and flat-out malware. App Store review can identify and reject lots of malicious syscalls. If you get a fake ChatGPT app, it might very well have in-app purchases that don't actually do anything server-side, but it probably won't exfiltrate your email to North Korea.

You're right. It's not "safe" in the sense that things clearly, demonstrably make it through that shouldn't. I do believe those are the exceptions that stand out, though. It doesn't mean that scammers can't still get malware into the store. It does mean they have to work harder for it than most scammers are willing or able to.

By analogy, Fremont, CA isn't "safe". They still have robberies and thefts and assaults and murders. But with a crime rate literally 1/10th that of St. Louis, I'd forgive people for describing it that way.