I wonder how many Home Depot customers go on to kill people with wrenches compared to how many iPhone & Android rooters/jailbreakers go on to pirate apps? And no, I'm not talking about the average HN'er - rather every Uncle Dick in my family who doesn't know sh*t about tech but is only too happy to tell me about all the 'free' apps he's downloaded now that he jailbreaked his crummy iPhone.
Sorry - it's a question that's worth asking. If everyone was assaulting each other with wrenches, we'd declare martial law - the constitution isn't a suicide pact. If Android is the hottest smartphone OS in the US right now (and it is), why are the app attachment rates so low?
As a console game developer whose friends have developed iOS and Android apps that have seen huge download and play numbers (as measured by leaderboard submissions) but have seen almost no purchases, I have zero interest in developing for either platform.
Don't compare Apples with oranges. Android and iOS have roughly the same amount of malware and similar app sandboxes that neuters malware unless the user is utterly braindead and granted the app all kinds of unnecessary permissions.
Regardless, just like it's possible to leave your gun out and get shot by your own child, it should also be possible to infect your own device with malware if you don't care about safety.
Stop infantilizing people and let them make their own choices.
The problem with piracy on android is how EASY it is to pull it off. On the iPhone, you have to jailbreak your phone, a step which many consumers are weary of doing in fear of bricking their phone, after this, they also have to find a cracked .ipa to download/install. On android, you simply need to buy an app, copy to SD, return it and viola! free app. Based on stats of my paid android app, there are about 3x as many pirated users as users who actually paid for it =(
To be clear, most of the alternative app stores here are so bad you’d never want them near your phone. They do things like slip spyware into apks and ask for broad permissions for extra stuff an App Store should never do, like “help you back up your text messages.” (This was in 2014 anyway, haven’t touched an android since)
Choice is good, but there’s something to be said for a locked-down ecosystem protecting consumers from bad actors. Not sure how to split the difference. I run linux on PC but have an iPhone because it needs to just work.
Interesting and seemingly well researched article. That said, there are a handful of things are are phandroidy about it, perhaps too much so.
1. Android is fragmented as ever OEM has their own flavour and most devices do not get upgraded to the latest version by the OEMs. This is a problem for consumers and developers.
2. High-end premium marketshare is owned by Apple.
3. Most instanced of malware targeting iOS is targeting jailbroken devices. Android malware doesn't seem to care whether you rooted your device or not.
4. App quality on Andoird still suffers, more so in some categories than others. It feels that developers feel/think that Android users do not expect as much polish as iOS users since they are more used to sub par apps.
This is just getting worse and worse. I'm not going to bash Android specifically, because iOS does get some exploits, but seriously we need to have a more locked down system that allows the user to only install the apps that are downloaded from a app store, that runs the apps in a container and doesn't allow special access to forbidden parts of the system. Of course if the user doesn't like it and wants freedom to use any apps, as well to be open to security risks that come with it, they MUST be allowed to do that, but don't make that the default option on billions of devices...
Well it's far easier to have better overall software quality when you have a closed ecosystem with even the hardware and drivers designed by yourself. You need to implement and support only your own use cases with all loose ends cut.
For me the choice is simple. Android allows piracy out of the box and lets you do some pretty advanced power user stuff (e.g. system-wide VPN ad blocking) without rooting, iOS requires a jailbreak to do literally anything. Android will run any browser, iOS is Safari only. Android is open source, iOS is a closed proprietary black box. iOS also does other absolutely ludicrous things, like ATS blocking fetch and xhr requests over HTTP with no way to disable it. It's like it comes with always-on parental controls out of the factory. I'm the admin of my device, not fucking Tim Apple.
Android may be a buggy duct taped amalgamation of random hardware and software, but that's a direct result of it being open and no worse than the average linux machine.
I almost did run down to Walgreens to buy one when I heard about it. I thought, "Android is open source, it should be fun to hack right? How bad can it be?" It seems the answer is really really bad. Much of it reminds me of my original Phillips Windows CE 1.0 device I had. Glad I didn't go and buy one.
Its bad when a device that was never supposed to run Android (the iPhone) can be hacked to run it better than a device that was designed for it.
I have mixed feelings about this. I'm exactly the type of person who used to jailbreak my iPhone to run Cydia, and I used to build my own custom Android ROMs and spend hours on XDA-Developers before that. Now though, I appreciate how locked down iPhones are, and I keep it as locked down via Apple Configurator as possible, because the mobile web and mobile application space are fraught with peril. The vast majority of mobile apps are net-negative experiences unless it's a companion app to an in-person service (e.g. restaurant/airline/hotel/bank), and even those are often risky. If you look at the Android ecosystem, the Google Play Store is basically a ghetto where the lowest common denominator criminal gangs operate malware at scale with impunity, and Apple has been a haven away from this.
I went through a lot of effort to switch my elderly parents into the Apple ecosystem, and since doing so I have been able to have a lot less support required and to sleep easy at night. With sideloading coming, I am not longer certain that their devices are safe and they won't be tricked into putting malware on the device.
As an aside, it occurs to me that if I did have an iPhone, in-so much as Apple is able to realistically control, I'm not allowed to watch porn or download torrents on my own damn device. Obviously that's not broadly true because of the web and esoteric workarounds, but because the one true app store is the only one, and Apple is the arbiter of what goes in there, I would have Ned Flanders staring in my window at all times. The main difference on Android for these specific cases, is that the Play store doesn't ban torrent clients, and I can install any apk I want. The OS enforces a certain amount of security granularity, and I hope that improves, but I'm not subject to Google's opinion if I don't want to be. Does this not seem ridiculous to people who go with iOS?
Edit: To be clear, I'm not complaining about my real constraints, because I've already and always voted with my wallet and not bought an iPhone. They're very nice hardware though.
What's the going rate for an Android vuln? The FBI paid ~$1M for an iOS one. Android has a lot more malware, unpatched old installs, etc., and there are myriad ways to attack email and web accounts, so my guess is the marketplace for iOS is on a whole different level.
Illegal things are harder to do on phones because the app stores act as enforcers in a way that desktop OS vendors don’t. Most people don’t sideload or jailbreak.
Android's hardware is extremely fractured with the majority of the devices sold being cheap and missing the good features, including hardware security.
Apple's phones are more homogeneous. Certainly a larger percentage of Apple users have a Secure Enclave than Android users do.
These type of stories are up voted without being read because, despite intimations that iOS users are hipsters, the real hipsters are people who use Android because of some imaginary freedom. Most Android users don't care about fake hipster stances and just want a cheap phone. They are not willing to pay for security and they have none as any moderately talented hacker can own an Android easily even if the user only uses apps from Google's walled garden due to carrier foolishness. Pretty sad to see HN so taken in by this nonsense.
While I admire the hacker spirit behind this, and can definitely respect that people want working firmwares on perfectly good hardware...
What these people will eventually discover is that, unlike Android, which was based on open-source from the get-go, they will meet the wall where they will find issues they simply cannot solve.
They should look into porting Android to iPhones instead.
- Worried about Google? Android is bad. Google collects your data.
- Worried about the government? Since Google must obey warrants for your data, Android is bad.
- Worried about malicious third parties? Since Google has failed to patch even the Pixel line for KRACK until the December update... yeah, Android is bad. And malware through the Play Store that hits large numbers of devices is quite common.
To be clear: I greatly dislike iPhones. But Apple controls their store with a quality approval methodology, they patch all of the devices on their platform promptly going back a number of years, their business model is not built around data mining, and their privacy features have frustrated and irritated the government.
I dislike the iPhone, but if you want privacy and security, you should get an iPhone.
Android's system security design is inferior to that of iOS.
But, iOS's superiority (a) derives in significant part from Apple's total control over the hardware platform†, and (b) comes at the cost of a lot of user control tradeoffs that nerds like us tend to hate.
Really, to suggest that Android's security is at parity with Apple's, you'd have to be arguing that Apple does a terrible job at exploiting their inherent advantages of control over hardware and control over what's allowed to run on the platform. Apple does not do a terrible job at those things.
† Yes, Google controls some of their hardware, but they have an ongoing support requirement for a lot of hardware they have no control over at all, and will have that requirement forever, which limits their options.
Yes because most people really care about root access. Are you really saying that the current state of PCs and Android to a lesser extent with viruses, ransomware, etc is better for the average user?
I download things silly nilly on iOS because I trust the sandbox. I won’t download random crap on my computer.
Apple has less than 20% of the mobile phone market.
I don’t believe you’re arguing in good faith because you ignore my responses and keep repeating the same demands for data. Is there any data in the universe that could wobble your staunch view a little bit? What would that data look like? I digress.
I use both platforms daily. I’ve been working on smartphones since they’ve existed. I live and breathe them. Android has some great upsides, but security is definitely not one of them. Six years ago at a previous employer we had cardboard boxes full of completely bricked android phones from the Triada Trojan.[0]
I have never seen anything like that on an iPhone. I can’t even recall witnessing a bricked iPhone (sans hw failure), but I won’t deny the possibility.
Sorry - it's a question that's worth asking. If everyone was assaulting each other with wrenches, we'd declare martial law - the constitution isn't a suicide pact. If Android is the hottest smartphone OS in the US right now (and it is), why are the app attachment rates so low?
As a console game developer whose friends have developed iOS and Android apps that have seen huge download and play numbers (as measured by leaderboard submissions) but have seen almost no purchases, I have zero interest in developing for either platform.
reply