Comment by realusername
3 months ago
> Are they admitting that their app sandboxing is so weak that a malicious app can exfil data from other unaffiliated apps?
It's not news, both iOS and Android sandboxing are Swiss cheese compared to a browser.
People should only install apps from trusted publishers (and not everything from the store is trusted as the store just gors very basic checks)
browsers are really not much better. on an absolute level, I definitely agree they're better (e.g. they have per-url and only-after-click permissions for some things), but they've all got huge gaps still once you start touching extensions. and beyond that it remains to be seen, since OS-level permissions are significantly broader-possibility than in-browser due to being able to touch far more sensitive data.