
Comment by dzhiurgis

8 days ago

I'd much rather Apple allow running something like this (open source) myself rather than use their "just trust me bro" store.

I've never understood this argument. Apple spends billions of dollars vetting their store for high quality apps. You can't even verify the build you get off Github was compiled from the same posted source.

As much as people want to be "leet" and run 3rd party software, it's inherently insecure and that's why Apple shuts it down.

  • They shut it down because 30%.

    There was a version of Apple at a point in time where I agree with your rhetoric. They have completely lost credibility to uphold that position IMO.

    Apple definitely does not spend billions guaranteeing "quality". To prove my point, where does Apple even define what they consider "quality"? How can you quantify such a subjective and ambiguous term?

    They spend billions paying out the 70% they don't pocket.

    Heck, they don't even adhere to their own HIG nor let us revert to past (objectively higher quality) versions of iOS.

    • The 30% also covers refunds, legal stuff (not stuff IN your app, but regarding the sale of it), taxes, GDPR and much more. The infrastructure running the app store probably also isn't cheap.

      I'm not saying Apple doesn't profit from it, but they're not just pocketing every penny.

      As for "quality", they mostly check that your app isn't using unauthorized APIs, or doing other sketchy stuff, like leeching all of your data. They couldn't care less if your app is bad, that's between you and your potential users.

      Does it work? Apparently so. Apple catches around 2 million apps every year that are rejected for those reasons. Android has about the same amount of apps, but there they're caught by Kaspersky (and others) after they're published.

      That doesn't mean that malware isn't making its way through the App Store review, the damage will be somewhat limited if it can't use private APIs.

      I should add that here in the EU, where we’ve had 3rd party app stores for over a year, nobody uses them. The absolutely biggest one, Epic Games, has attracted about 29 million users across both iOS and Android, out of a population of 450 million.


  • > You can't even verify the build you get off Github was compiled from the same posted source

    Sure you can: build it and check the hash. If the maintainer prepared for such a check ahead of time it can be as simple as:

        wget https://github.com/owner/foo-project/releases/download/.../foo
        sha256sum foo                       # digest of the published binary; make note of this
        nix build github:owner/foo-project  # rebuild from the project's own source
        sha256sum result/bin/foo            # it should print the same digest

    A pinky promise from a corporation can never be more trustworthy than something that we can all verify locally.

    Of course there's still the should-you-trust-this-code part of the problem, but at least bad guys in that case must operate in public view, which is--once again--a stronger deterrent to shenanigans than anything that happens behind closed doors at Apple.

    • OP was referring to apps downloaded from the app store.

      You can't get a build hash from a downloaded app to then compare to a source build.
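The build-and-compare check described two comments up, as an added example that is not part of the thread or of any project's code. Everything in it is constructed so it runs offline: `build_from_source` is a hypothetical build step standing in for a project's real one, the "release" files stand in for the artifact fetched from GitHub, and the source tree is a single made-up script. It also covers the caveat a practitioner hits first: the two digests only match when the build is reproducible, so the hypothetical build stamps a build id into its output that differs on every run unless `SOURCE_DATE_EPOCH` (the reproducible-builds.org convention) pins it. A third case shows that an artifact modified after a reproducible build is caught.

```shell
#!/bin/sh
# Added example, not code from the thread or any project: the "download, hash,
# rebuild from source, compare" check, plus the reproducibility caveat it
# depends on. Everything is constructed and built locally so it runs offline:
# build_from_source is a hypothetical build step standing in for a project's
# real one, and the "release" files stand in for the artifact fetched from
# GitHub.
set -eu

WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# Constructed source tree: the build copies this script into the artifact.
mkdir -p "$WORK/src"
printf 'echo hello from foo\n' > "$WORK/src/foo.sh"

sha256_of() {
    # sha256sum on GNU userland, shasum -a 256 on macOS/BSD; print digest only.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# Hypothetical build step. Like many real builds it stamps a build id into the
# output (here: clock plus the PID of a helper shell), so two builds of identical
# source differ unless SOURCE_DATE_EPOCH, the reproducible-builds.org
# convention, pins the stamp.
build_from_source() {
    src=$1; out=$2
    if [ -n "${SOURCE_DATE_EPOCH:-}" ]; then
        stamp=$SOURCE_DATE_EPOCH
    else
        stamp="$(date +%s).$(sh -c 'echo $$')"
    fi
    { printf '# build-id: %s\n' "$stamp"; cat "$src/foo.sh"; } > "$out"
}

# The check from the thread: hash the published artifact, rebuild from source,
# hash that, compare. Returns 0 when the digests match, 1 otherwise.
verify_against_local_build() {
    release=$1; src=$2
    local_build="$WORK/local-build"
    build_from_source "$src" "$local_build"
    want=$(sha256_of "$release"); got=$(sha256_of "$local_build")
    printf 'release %s\nlocal   %s\n' "$want" "$got"
    [ "$want" = "$got" ]
}

# Simulate a maintainer's release build with a pinned or unpinned timestamp,
# then run the verification against it. Usage: release_verifies pinned|unpinned
release_verifies() {
    case $1 in
        pinned)   export SOURCE_DATE_EPOCH=1700000000 ;;
        unpinned) unset SOURCE_DATE_EPOCH ;;
        *)        echo "usage: release_verifies pinned|unpinned" >&2; return 2 ;;
    esac
    build_from_source "$WORK/src" "$WORK/release.$1"
    verify_against_local_build "$WORK/release.$1" "$WORK/src"
}

# Demo: the pinned release verifies; the unpinned one is legitimate but cannot
# be shown to be, because the build itself is not reproducible.
if release_verifies pinned; then echo "pinned:   MATCH"; else echo "pinned:   MISMATCH"; fi
if release_verifies unpinned; then echo "unpinned: MATCH"; else echo "unpinned: MISMATCH (build not reproducible)"; fi

# A release that someone modified after a reproducible build is caught.
export SOURCE_DATE_EPOCH=1700000000
build_from_source "$WORK/src" "$WORK/tampered"
printf 'echo extra payload\n' >> "$WORK/tampered"
if verify_against_local_build "$WORK/tampered" "$WORK/src"; then echo "tampered: MATCH"; else echo "tampered: MISMATCH (artifact differs from source build)"; fi
```

The design point is that the comparison itself is trivial; what makes it meaningful is a build that yields byte-identical output from identical input. If a maintainer's toolchain embeds timestamps, absolute paths or random build ids, a local rebuild will never match the published file even when nothing is wrong, which is why projects that want this check to be usable pin `SOURCE_DATE_EPOCH` and similar inputs in their release process.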

  • This might sound crazy but some people want the freedom to use their belongings however they want instead of having artificial child locks placed on them by trillion dollar corporate daddies.

  • > You can't even verify the build you get off Github was compiled from the same posted source.

    You don't need to because you compile it from source yourself.

  • You obviously build it yourself.

    IMO the ultimate solution is for Apple to curate some sort of open source store where they vet the source and builds "in public".

  • > Apple spends billions of dollars vetting their store for high quality apps.

    Rofl. And citation needed.