I dunno if I just haven’t kept up with the arguments on this but they’ve brought up a couple points I’ve never heard before:
Since Apple signs the app, they can modify the app at the behest of a government.
Though unlikely, I understand this point as creating the potential for a MITM attack. Surprised I hadn’t thought of, nor heard this before.
So, say Apple counters with “we would sooner pull the app, rather than modify it…” it leads to the fact that their App Store monopoly prevents users from installing secure communication apps that the App Store’s potentially host government would not allow.
E.g. vpn-type apps to get out of China’s GFW.
That gives… I’ll say “Linux kernel based devices” to including the niche phones, an edge for allowing the option, but not the obligation, to install something out of band.
Users don’t have to do this. They can feel free to CHOOSE to live in walled garden land, in fact most do. I know I do (I’m on iOS).
I hate to bring the crypto world into this, but there was a phrase used to disparage Robinhood’s initial crypto support.
“Not your keys, not your crypto”
I think the spirit of that idea can sort of sum up most of these security objections pretty well.
> The deeper problem is that Apple has created a framework that encourages surveillance capitalism. Developers who finance their apps by monetizing user data do not have to pay any fees or commissions whatsoever. Meta, for example, can distribute WhatsApp through the App Store without paying a single cent, while apps with a privacy-friendly business model are forced to pay up.
This I totally agree with. The rest is just a belief that Santa Claus will bring a pony for Christmas, and the DMA just doesn't go that far.
> When users download Threema for Android from the Threema Shop, they only have to place a certain level of trust in us, the service provider, not in any third party. The app they download is signed by us, which allows them to verify beyond a doubt that it hasn’t been tampered with by anyone and that it behaves as intended.
> When iOS users download an app from the App Store, on the other hand, they receive a file that’s signed by Apple. iOS developers can’t sign their own apps. As a result, it cannot be ruled out that Apple alters an app after its developer submitted it. For example, Apple might make specific modifications to certain apps in some countries at the request of the respective government.
And Threema or FooCorp or whoever might make modifications at the request of their investors; or whoever they sell their app to might do it, like we see with the Chrome store. The fact is I inherently trust Apple more than I trust Threema or FooCorp, it’s why I personally bought an iPhone.
But it's the about the number of people in that chain. In addition to trusting Threema or FooCorp, because of the app store, you also have to trust Apple not to mess with it. It would be better by not having to trust everyone along the chain by just having a shorter chain.
[+] [-] atlas_hugged|2 years ago|reply
Since Apple signs the app, they can modify the app at the behest of a government. Though unlikely, I understand this point as creating the potential for a MITM attack. Surprised I hadn’t thought of, nor heard this before.
So, say Apple counters with “we would sooner pull the app, rather than modify it…” it leads to the fact that their App Store monopoly prevents users from installing secure communication apps that the App Store’s potentially host government would not allow.
E.g. vpn-type apps to get out of China’s GFW.
That gives… I’ll say “Linux kernel based devices” to including the niche phones, an edge for allowing the option, but not the obligation, to install something out of band.
Users don’t have to do this. They can feel free to CHOOSE to live in walled garden land, in fact most do. I know I do (I’m on iOS).
I hate to bring the crypto world into this, but there was a phrase used to disparage Robinhood’s initial crypto support.
“Not your keys, not your crypto”
I think the spirit of that idea can sort of sum up most of these security objections pretty well.
If I’m not allowed control, it isn’t mine.
[+] [-] Kon-Peki|2 years ago|reply
This I totally agree with. The rest is just a belief that Santa Claus will bring a pony for Christmas, and the DMA just doesn't go that far.
[+] [-] nozzlegear|2 years ago|reply
> When iOS users download an app from the App Store, on the other hand, they receive a file that’s signed by Apple. iOS developers can’t sign their own apps. As a result, it cannot be ruled out that Apple alters an app after its developer submitted it. For example, Apple might make specific modifications to certain apps in some countries at the request of the respective government.
And Threema or FooCorp or whoever might make modifications at the request of their investors; or whoever they sell their app to might do it, like we see with the Chrome store. The fact is I inherently trust Apple more than I trust Threema or FooCorp, it’s why I personally bought an iPhone.
[+] [-] fragmede|2 years ago|reply
[+] [-] syrrim|2 years ago|reply