Well, and it's probably all being coded or rebadged by an overseas sweatshop so there's bound to be more spyware in the app store than drops of water in a rainstorm.
Having read the article, I'm sure that iOS has similar spyware. The App Store is spyware by this definition. I would be pleasantly surprised if Apple didn't collect this information on OS X as well. (Although obviously it applies to the app store there as well.)
Almost every app in the App Store, per Apple's guidelines, has tons of spyware in it. Apple asserts that you agreed to this experience when you accepted the TOS of the App Store.
It's impossible to use an iPhone with any popular apps and not be constantly spied on. Insofar as Apple's business model is to make the (full of spyware) App Store successful, it's Apple's business model to spy on you.
But isn't it the reason malicious actors buy legit apps made by small shops to insert what at best is adware/spyware into something that is useful and made a name for itself already?
Or make useless copycats, as Kosta Eleftheriou proved already is a way of choice in the iOS App Store.
The more likely scenario in the long run is that Apple is forced to allow alternative App stores, which will probably be riddled with malware and spyware.
The only thing Apple's control of the app store achieves at this point is keeping out blatant malware. Maybe that alone is worth it but scams and cheap clones abound.
They've improved user security, but the amount of garbage to sift through is terrible.
From my POV, it's like complaining that the seat belt left a bruise after an automotive collision; IOW, missing the bigger picture. I can sort my own garbage, thanks (and that's not to say that you're not right about the quality in app stores). It's easy, and if I screw it up then I've just got a garbage binary taking up space that is otherwise harmless.
But what I grow increasingly tired of is wondering if bad actors have found new ways to make my life difficult before I install that random app. Download from an app store, the app might be garbage, but at least I can be confident that it won't trash my machine. Servers, my dev machine? Sure, I'm willing to put up with a little more rigamorole for more control, etc. But my phone? I don't want to put up with that crap, vetting everything binary that goes on the box. I just want to tap and download, and if the quality of the app sucks, then fixing that is a long-press away.
I know of at least two security researchers that got malware into Apple's App Store.
Given the review process, the odds may be longer that a particular app is malware, but given the size of the store I think it is virtually certain there is still some undetected malware in it.
reply