Apple’s tightly controlled App Store is teeming with scams (washingtonpost.com)
332 points by amaBasics on June 6, 2021 | 245 comments




The worst thing is, people have this belief that Apple is somehow protecting them, so they offload the critical thinking to Apple and lower their own guards. For example, a person thought he was getting a legitimate Bitcoin wallet app, but turns out it was a fake and he lost his life savings [1].

edit: to be clear, I'm not blaming Apple for not stopping these scams; at their scale, it's just practically impossible to stop every scam. But by making their unrealistic promise that everything on the App Store is safe, they are misleading people into this false sense of security.

1: https://www.washingtonpost.com/technology/2021/03/30/trezor-...


> I'm not blaming Apple for not stopping these scams

Why not? You should blame them. They have positioned themselves as the gatekeepers. Why? To extract profit from application developers. However, such a powerful position also comes with expectations and responsibilities. They should absolutely not be allowed to get away with gross negligence.

We absolutely must blame them every single time they fail to keep malicious software out. They are responsible for that man's losses and should fully indemnify him. Had they not approved that software, it would not have happened.

Nobody cares about their "scale" or how "difficult" it is for them to determine what is and isn't malicious. They have assumed that responsibility by gatekeeping their devices and therefore any failures are directly attributable to them.


Apple's 30% cut suggests to an untrained observer that for every seven hours of coding you do, they could do three hours of verifying that your app is not a scam. What happens instead is, I guess, robo-verifier spends 2 milliseconds. Ka-ching!


I agree, I think they should help him, but I also think it would open a whole can of worms.

The fact is, no matter how much time/energy/effort they spend, they will never eliminate all scams; scams would just become more and more sophisticated. This doesn't mean they should just give up, but having been through the review process, they are already doing quite a bit.

So that would mean they will make it much harder for apps to get approved in the store (and it's already a very painful process), so you'd only end up with apps from large developers, which is not ideal.

We are seeing a similar dynamic with Youtube which has become rather "ban-happy" as in they don't want to take risks, so would rather ban content than try to reduce false positives, because at a certain scale, you just can't identify content with good precision/recall.


> I also think it would open a whole can of worms

Absolutely. Apple should be afraid of holding the gatekeeper position. Anyone should.

When people can install and use whatever they want, safety becomes their responsibility. They should open up their platform and let people do their own due diligence. If they assume that responsibility and then neglect it, they absolutely can and should be blamed for any problems.


If Apple gave up the gatekeeping position, I would be afraid to use my phone for the things I do today.


The point is, you should be afraid today too (or better word, more careful). What you have right now is a false sense of security.


Why aren't you afraid today? Their gatekeeping is clearly useless.


Something does not have to be perfect to be useful; a filter that throws out 50% or 90% of malicious trash is very useful even if a lot of malicious trash gets through.

The appropriate metric for safety of an app store is not whether you can get attacked, but rather how many users - proportional to all users - get attacked every year.


This filter is useless and misleading. Compare to F-Droid or GNU/Linux repositories.


So why would someone release malware in f-droid, when the user base is not your average joe and would likely know how to counter or detect any attacks?

This is the second person in this thread to think using an open source repo as an example carries weight. There are fewer users, therefore less malware is released there in the first place, and then there’s less load for the malware filters for that which does get through.


Your argument does not hold for GNU/Linux repositories. There are plenty of good targets there.


Oh sure, that’s why I didn’t include it. But we have historically seen issues with those repos haven’t we?

My comment stands, why target f-droid?


Because it's technically the same as GNU/Linux repositories (i.e. relies on community and FLOSS). Therefore, one can expect that when it grows, and average Joe starts using it, there will be no huge inflow of malware in it.

> But we have historically seen issues with those repos haven’t we?

Care to elaborate?


The two being open source is an apples to oranges comparison.

Here’s one issue we’ve had with these repos:

https://lwn.net/Articles/295406/

Then there’s things like NPM that’s broken quite a few production deployments in spectacularly public ways.


I've been using Linux for at least 10 years and I have never received malicious software from distribution repositories. For some reason, malware just doesn't make it into the repositories.

Apple's filters are clearly garbage.


This is called market penetration. Look around, how many Linux “desktop” users do you see? Who would you rather own, a few hundred million devices or a few tens of thousands?

Using linux as an example here doesn’t work.


> Why aren't you afraid today? Their gatekeeping is clearly useless.

You're not perfect at anything you do. Does that make you useless? Of course not.


That's why I don't gatekeep anyone.


So if we followed this logic, and reversed everything that wasn’t 100% perfect, do you realize how far back in human history we’d be propelling ourselves? There is not a single gov program, law, corp, anything on this planet that is perfect, except maybe the planet itself.


> You're not perfect at anything you do. Does that make you useless?

As a gatekeeper? Yes, yes it does; hence why there shouldn't be any gatekeepers.


You should already be afraid now.


Yes and likewise, car manufacturers should remove seatbelts and airbags. They simply encourage reckless driving, and by giving the false sense of security / assuming the gatekeeper role, they should be liable for any accident.


The big difference between "Apple's app review process" and "seatbelts and airbags" is that car companies acknowledge the latter are fallible.

It's not about adding layers of protection or not; it's about being transparent with your customers about how effective those layers actually are.


I don’t think any one of my less technical friends has any belief that the App Store is infallible or even mostly secure. Apple doesn’t advertise it much, and if they did I’d be happy to call that a mistake.


Just read their copy for the App Store: https://www.apple.com/app-store/

> Because we offer nearly two million apps — and we want you to feel good about using every single one of them.

> Apps must adhere to our guidelines.

> You should never have to worry about inappropriate content.

> Every day, moderators review worldwide App Store charts for quality and accuracy.

All of these are far stronger claims than I would be comfortable making about the current state of the store.


Disagree, they seem very reasonable. But also no one is reading those terms really, they aren’t being pushed in ads or shown at the store.


Do you have any ties to Apple?

That is the most ridiculous implication.

'We did not expect anyone to read the terms of the product, so we shouldn't have to deliver on what we promised.'

That is not reasonable.

Apple is using weasel words like "should" which give them wiggle room, but I guess it will be up to a court to decide.


I have no ties, other than owning a few of their devices. I think you should up your prior that there exist people who generally think this is ok.

I think about 0 out of the first 100 people I know that I think of have heard any version of those claims (maybe 5 now since a few read HN). It’s probably not even a top 10,000 trafficked page on their site.

Do you have any ties against apple or for a competitor?


Car manufacturers are going to face the liability issues when they try to sell "self driving" cars. Volvo has for example ack'ed this in public years ago.

https://www.theverge.com/2015/10/7/9470551/volvo-self-drivin...


Weird, I can flash whatever code I want to on my car's ECU. There's even an entire subculture dedicated to modding ECU firmware.


You absolutely cannot, unless you have an open ECU to begin with. Typically this is only sporty-type cheap cars (Evo, WRX). But even if you were to take on such an endeavor, the difficulty of such a task and the knowledge requirement will scare off the inexperienced.


Flashing your car's ECU is illegal. Or more specifically, federal and state laws make it illegal to operate an automobile on the open road or highway after you've altered a vehicle's emission control devices (which includes the ECU).

In contrast, it's legal to jailbreak an iPhone.


The Apple review process is not in any way equivalent or even similar to seat belts and airbags. Not even the government can be fully blamed for bad drivers since people don't actually need a driver's license in order to drive.


Punishing companies for adding protections to their products is an insanely backwards incentive. May as well turn off sandboxing, and lock screens. If they ever break, it’d be a liability!


Nah. If you're gonna set yourself up as the ultimate arbiter of what I can run on my device, you are absolutely to blame for any harm that comes as a result.

Protections? Encryption is protection. Address space randomization is protection. This Apple review process? This is just humans failing to do what's expected of them. Also known as negligence.


there’s a lot of faulting apple here, when you point out it’s a “humans failing”. Does this mean you understand the process completely and you can do better?


Probably not,

which is why he hasn't placed himself in the position of "arbiter of what's right and wrong on phones", the way Apple has with their App Store.


so then what’s the argument here, if not perfect, remove?


I think what Apple _could_ do is ensure that there is a real person that can be held accountable by law enforcement in the user's jurisdiction. That way a user has some legal recourse in the event they are wronged.

Nobody wants Apple to be judge and jury, we have judges and juries for that, but it would be nice if they could tell us who to go after when we have to.

If they can't do that, I don't think it's unreasonable for us to ask Apple to be responsible for any losses, then let Apple seek compensation for their losses from the app publisher.


> they are already doing quite a bit.

They must be focusing on the wrong things then. Certain categories are filled with scam apps at the top ranks, including scam subscriptions.


Censorship is also easier when you have an AI to blame the "mistake" on.


> Why not? You should blame them.

I also think it's easy to forget just how much Apple could spend on this if they actually cared.


The real solution I see would be to charge money for listing apps in the store. And not small money, but significant, non-refundable fees. Enough to actually check and verify the software by competent humans and also just to make scams more expensive (you would need to pay $5-10k upfront, like Google requires for certain Gmail apps).

But I don’t like that kind of approach, so therefore I would be careful in demanding Apple fix the problem. Any fix they come up with would likely cause trouble for small players.


A solution is to make systems secure enough that any user-level code or app either can't do malicious things, or needs to be explicitly granted fine-grained permissions to access a user's resources.

Sandboxing is a step in the right direction, as are various levels of things like code signing and even Windows Defender-esque systems that maintain lists of known malicious apps, authors etc and prevent them from running.

It also helps not to have an easy monetization scheme for malicious actors, either. Making it easy to give them money, and even sign you up for fraudulent subscriptions so you keep giving them money, is a mistake.

An actually user-friendly system would look at the apps that you're making payments with, and ask whether or not you want to keep subscriptions that you don't appear to be using much. This doesn't happen, though, because it is in no one's interests but the users' to help save them money.
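The comment above sketches a detection heuristic (charges keep arriving for an app the user barely opens, which is the typical shape of a fleeceware subscription). The script below is an added illustration of that heuristic, not code from the thread or from Apple: it cross-references a constructed list of recurring charges with constructed app-usage sessions and flags apps that billed inside a 30-day window while being opened fewer than two times or for less than a minute in total. The thresholds, app names, dates and amounts are all assumptions made up for the demo.

```python
"""Flag paid subscriptions whose app is barely used (added example).

The billing records and usage sessions below are constructed sample data,
not anything observed on a real device; the thresholds are arbitrary.
"""
from dataclasses import dataclass
from datetime import date, timedelta


@dataclass(frozen=True)
class Charge:
    app: str
    amount_usd: float
    on: date


@dataclass(frozen=True)
class Session:
    app: str
    on: date
    seconds: int


def unused_subscriptions(charges, sessions, today,
                         window_days=30, min_sessions=2, min_seconds=60):
    """Return {app: (charges_in_window, total_usd, sessions_in_window)}
    for every app that billed inside the window but was opened fewer than
    min_sessions times or for less than min_seconds in total."""
    start = today - timedelta(days=window_days)

    # Aggregate charges per app inside the window.
    billed = {}
    for c in charges:
        if start <= c.on <= today:
            n, total = billed.get(c.app, (0, 0.0))
            billed[c.app] = (n + 1, total + c.amount_usd)

    # Aggregate foreground usage per app inside the same window.
    usage = {}
    for s in sessions:
        if start <= s.on <= today:
            n, secs = usage.get(s.app, (0, 0))
            usage[s.app] = (n + 1, secs + s.seconds)

    flagged = {}
    for app, (n_charges, total) in billed.items():
        n_sessions, secs = usage.get(app, (0, 0))
        if n_sessions < min_sessions or secs < min_seconds:
            flagged[app] = (n_charges, round(total, 2), n_sessions)
    return flagged


# Constructed sample data: one legitimate subscription, one weekly-billed
# app that was opened once, and one charge that falls outside the window.
TODAY = date(2021, 6, 6)
SAMPLE_CHARGES = [
    Charge("NotesPro", 4.99, TODAY - timedelta(days=20)),
    Charge("QR Scanner Plus", 9.99, TODAY - timedelta(days=1)),
    Charge("QR Scanner Plus", 9.99, TODAY - timedelta(days=8)),
    Charge("QR Scanner Plus", 9.99, TODAY - timedelta(days=15)),
    Charge("QR Scanner Plus", 9.99, TODAY - timedelta(days=22)),
    Charge("Weather+", 2.99, TODAY - timedelta(days=40)),
]
SAMPLE_SESSIONS = (
    [Session("NotesPro", TODAY - timedelta(days=3 * i), 300) for i in range(1, 6)]
    + [Session("QR Scanner Plus", TODAY - timedelta(days=22), 20)]
    + [Session("Weather+", TODAY - timedelta(days=2), 100)]
)

if __name__ == "__main__":
    for app, (n, total, opened) in unused_subscriptions(
            SAMPLE_CHARGES, SAMPLE_SESSIONS, TODAY).items():
        print(f"{app}: {n} charge(s) totalling ${total} but opened {opened} time(s)")
```

Only "QR Scanner Plus" is reported: it billed four times for $39.96 while being opened once for 20 seconds. "NotesPro" is used regularly and "Weather+" has no charge inside the window, so neither is flagged. A real implementation would draw the charge list from the platform's purchase history and the sessions from its screen-time data; the point is that both sources already exist on the device.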


So… your solution is no mobile wallets, then?


The real solution is to stop being a gatekeeper. Just let people install and use whatever they want.


How does this stop or in any way slow the proliferation of scam apps?


It doesn't. It absolves Apple of any responsibility in the matter.


Why does anyone want to help Apple? Shouldn't we be focused on user safety?


We're not helping Apple. We're holding them accountable for what they make available on their store which they advertise as "curated and safe".


And as the article points out, Apple’s marketing coupled with fake ratings and reviews that plague the App Store can “create the perception for the public that they are safe downloading an app or buying a product and engaging in content that other people have found valuable” (emphasis mine).


The problem is that Apple loves to claim that they need full control over their platform to keep their platform safe.


Their PR lets them have it both ways.


Their users too, as shown in every other comment here.


So, enlighten me, how does another app store increase safety if Apple is writing the APIs used by the other app stores? Clearly it doesn’t; it just provides options for more of the same. So then I wonder what the point to all of this is, and the only idea that comes to mind is a bunch of tech-savvy Android users really want to use iPhone but can’t/won’t until there’s additional gatekeepers, err, I mean app stores.


We're just rolling our eyes that people actually believe that the full control apple wants over their products has anything to do with security.

It's the most profitable course of action, that's all there is to it.

But to address your question: if apple allowed other stores, they could be significantly more picky about what's allowed on their store. This would consequently increase the security for people only using the official store.

This is obviously a no-go, however, as that would be less profitable than the current situation.


I’m still failing to see the hand-wavy logic that results in them being more picky if there are more stores. Garbage apps (apps providing no real value but are otherwise safe) are not the problem. Malware is. So they’re somehow being less picky about malware being on the store, yet increasing the quantity of stores will allow them to remove more malware?

Also, you do understand businesses need to make profit, and keeping their customers happy is definitely the right way to do it in my book. So given your logic here, how do you explain all of the other privacy features Apple gives away for free?


They do need full control to keep their platform safe.

Whether they are managing to keep it safe is independent of that claim, and we can ask why those are getting through.


I have sympathy for the person in this story, but I think shifting the blame to Apple in this case is ludicrous. I'm still somewhat shaking my head that someone went through all of the trouble of using a hardware wallet, and then entered his key words into the first app he downloaded.

If anything I think this story is just a prime example of why irreversible crypto transactions are an absolute nightmare for the general public. With the banking system this person would likely have recourse, with crypto it's "Whoops, your wallet key words got stolen, sorry, there go your life savings."


The problem isn't that Apple should be responsible and isn't, the problem is Apple is extremely paternalistic but in a way where it gets all the powers but skirts all the responsibilities.

If the responsibility is too impossible (and I'm fine saying that it is), then their paternalism shouldn't be called out and their reputation knocked down a rung or two. Instead, they get to keep a reputation which is far better than the other megacorps'.


> Instead, they get to keep a reputation which is far better than the other megacorps'.

I think this is what having strong marketing gets you. You can see from the defence on HN/Twitter where most people would be fine with Apple having a control over all their devices and aren't afraid of the growing dominance of a single company.


https://locusmag.com/2021/01/cory-doctorow-neofeudalism-and-... is a sad example where Cory only points out Apple nefariously undermining the guarantees, as opposed to sheer technical failure not intended to appease anyone.


> their paternalism shouldn't be called out

Totally off topic: that phrasing made my brain skip a beat. I've always seen "called out" used to convey confrontation, especially in a public manner like "He called out Apple on Twitter for their paternalism." Turns out a similarly common use is the more general "to bring attention to" in a positive way.


No I just meant "should" and wrote the exact opposite! :(


There is a well established principle that retailers bear some responsibility for what they sell. I doubt Home Depot would get away without liability if they sold a dryer that caught on fire and burned down a house if it was found they had acquired the dryer from a dodgy criminal syndicate.


Especially considering there is a review process, and Apple takes a 30% cut.

If it was an open market (no review process), and they just took enough to cover operations and processing fees, I can see them being blameless, but if you are going to review apps, you need to actually review them.


That’s an interesting parallel; while Home Depot buys their product, in a marketplace it works differently. As of now Amazon, for instance, bears no responsibility for what happens with the vendor’s product as long as they have plausible deniability (“paperwork looked good”).

That’s exacerbated when products are counterfeits and legit brands get pissed off, but it would go the same for unsafe products as well, I’d guess.

Amazon getting their provisions corrected could make a positive precedent for digital goods as well.


I feel like the difference should be that if you are merely providing a market, then the customer must "belong to" the vendor: at bare minimum, the vendor must know who they are. Apple, however, insists that the customer belongs to them, that the vendor will learn nothing about the customer, and that the vendor is merely providing software to Apple under a license that allows Apple to sell copies of it to their customers... they absolutely should have full responsibility for the things they choose to sell in this scenario. Apple also certainly isn't just checking "does the paperwork look good": they are carefully examining the product, vetting it, and then claiming on their website and in all their marketing materials that customers can feel safe using all of the apps they sell because of this curation, for which they take a handsome cut of the profits. It is all simply ridiculous, really.


The issue here is that Apple is facilitating wire fraud, which is extremely illegal in the United States. The bad actors who created that app are committing wire fraud on an Apple platform, which is of course colloquially known as the App Store.

The problem is that if you are associated with a crime committed in the United States in any way (besides being a very distant third-person witness with no associations whatsoever to the individual), and you are not a crime victim or an individual reporting the crime, you are almost always considered to be an _accessory to the crime_ which is a misdemeanor (go to jail for up to 365 days) or felony (go to prison for over 365 days) state level (has parole for prisoners) or federal level (effectively has no parole for prisoners) criminal offense, which the police will arrest you for and charge you with, while the person committing the misdemeanor/felony gets charged with whatever crime they perpetrated.

For example, if your "acquaintance" shoplifts at a store and gets caught, and you don't stop or report them: you will get charged as being an accessory to a crime and you're going to jail.

Also, if you are involved in an altercation in any way, the cop can put everyone involved in handcuffs and charge them, even if you never got physically or verbally violent.

There are also catch-all laws in the US that one can go to prison for, basically for acting in "bad faith" but never actually doing anything else criminally wrong.

This is why you never talk to the police, ever. They will twist your statements in the wildest ways imaginable. If you get pulled over by the police, you should practice, every single time, saying as little as possible to the officer.

This has never happened to me personally, but, everyone needs to know this: If the police in America start questioning you and it gets into a detailed discussion, you stop right there and say: "No comment: I need to talk to my lawyer first."


> There are also catch-all laws in the US that one can go to prison for, basically for acting in "bad faith" but never actually doing anything else criminally wrong.

As someone who used to be a criminal prosecutor in the US, I would be very interested in seeing citations to whatever statute you are referencing.

As far as being charged as an accessory, you generally need to have known that a crime was or would be occurring, and to have provided some form of assistance. That doesn't need to be direct actions in the act, it could be financial or emotional assistance.

And no one is going to prison over shoplifting unless we're talking about repeat offenders or large amounts of cash. Let alone just happening to know someone who shoplifted and failing to report them.

Having said that, definitely don't talk to the police without a lawyer present.


> The issue here is that Apple is facilitating wire fraud

Not just facilitating. They get 30% for it.


Yes, except this scam app was free. Apple earned 30% of $0.


Nopes, they also earn $99 / year - https://developer.apple.com/support/purchase-activation/ ...


Of course, but I was responding to the specific claim that Apple "gets 30% for it."

Arguing about the $99/year developer fee is a pointless rabbit hole. You might as well also accuse Apple of selling the developers an iPhone and a Mac for developing the scam app. And then don't forget to accuse the electrical grid operator of selling electricity to the scammers.


> Arguing about the $99/year developer fee is a pointless rabbit hole.

No, it isn't. Till Apple instituted this practice, developers never paid any company for the privilege of creating software and adding value to their platform. Whether the app is free or paid, Apple still makes money when a developer wants to distribute the app on their platform, and this acts as another incentive for them to be lax.


You have a serious issue with the concept of scale if you think that Apple, a trillion dollar company, is in any way influenced by a $99/year developer fee. Any possible positive incentive is grossly outstripped by the risk of reputational damage.

Do you seriously think that Apple values the promise of a scammer’s $99 fee recurring next year more than they would value having fewer scams in their store?

I genuinely believe you’re being unserious here.


They might have thought twice if Apple didn't promise to make sure the App Store was completely secure. A promise which they realistically can't keep at their scale no matter how hard they try.

Also, this is just one example, the article itself has other ones.


> Apple didn't promise to make sure the app store was completely secure. A promise which they realistically can't keep at their scale no matter how hard they try.

They don’t. This is made up.


They did. This was literally their defense in Epic lawsuit.

Summarized, Apple's lawyers said: "We can't offer alternative stores because they would be full of scams, which would be bad for users. Our store is curated and safe for users."


To add to this, the App Store clearly markets security and trust.

These are the very first words describing the App Store (https://www.apple.com/app-store/):

"The apps you love. From a place you can trust.

For over a decade, the App Store has proved to be a safe and trusted place to discover and download apps....And a big part of those experiences is ensuring that the apps we offer are held to the highest standards for privacy, security, and content."

The page then says this about security:

"Security for every app. At every level.

We ensure that apps come from known sources, are free of known malware, and haven’t been tampered with at the time of installation or launch."

And this about trust:

"Apps must adhere to our guidelines.

When you download an app, it should work as promised. Which is why human App Reviewers ensure that the apps on the App Store adhere to our strict app review standards. Our App Store Review Guidelines require apps to be safe, provide a good user experience, comply with our privacy rules, secure devices from malware and threats, and use approved business models."


Yeah. The man who lost his life savings due to malicious iOS software bearing Apple's signature of approval should directly cite this as evidence that Apple is responsible for his losses. Apple should pay back every last penny, his lawyers and more for good measure.


> malicious iOS software bearing Apple's signature of approval

Approval doesn’t mean what you think it means.

Just because they don’t detect a scam doesn’t mean they approve of what it does - it is still in breach of contract with Apple.


No, nowhere in your summary is a promise to keep users perfectly safe.

If they had said anything like that you’d be able to quote them.


When has Apple made that promise? Where do they make that promise?

No system is perfect, and when you get into the realm of people submitting privileged information to third parties, all bets are always off. There is absolutely no way Apple could make guarantees about that. And they don't. Anywhere.

And no, saying that they review apps isn't a promise that it is "completely secure". That is absurd.

Trying for some security and confidence is a world removed from absolute security. The latter is effectively impossible.

This thread is a farce. Anything if it gives people an opportunity to ply their rhetoric. It is a reminder that while HN has some good discussions, it has a lot of people who just want to make stupid arguments based on lies.

"But I thought you said TLS was completely secure? How could someripoffsite.com steal my cash?"


> When has Apple made that promise? Where do they make that promise?

From apple.com/privacy:

"Every one of the more than 1.8 million apps on the App Store is required to follow strict privacy guidelines and report how it uses your data. And every app is rigorously reviewed by a team of experts at Apple."


How we use your data:

Your private key is used to sign a transaction transferring your bitcoin to our account. We do not share your private key with anyone and it does not leave your phone.


Privacy and security are not the same thing. Also, an app can follow all the privacy and security guidelines and still use dark patterns to mislead and get something from you that you wouldn’t otherwise give up or outright defraud you. I’m sure Apple makes a good faith attempt at preventing that as well but they can’t catch everything.


The words "strict" and "rigorous" do a lot of heavy lifting in setting user (and market) expectations. We programmers are pre-inclined to think in terms of Boolean logic, but the law frequently splits hairs on qualitative value judgments; there is no simple rubric for what counts as "reckless endangerment" or "gross negligence", for instance.

I think it's a given that no one expects any QA or security process to perform perfectly. But there's some fuzzy line past which Apple's process fails to be "rigorous", and whatever that line is (or should be), courts will inevitably contrast the high expectations set by Apple's marketing with these real-world results when considering claims of negligence, liability, false advertising, anti-competitive behavior, etc.


In my opinion, this anecdote is enough reason for Apple to reject any app that purports to be a cryptocurrency wallet or in any way be a secure mechanism for cryptocurrency. There's no practical way for Apple to prove that any app won't betray the user.

Or in the alternative, perhaps Apple should create a different tier of app review for any apps which claim to facilitate financial transactions (other than purchases, game currencies and microtransactions). This would encompass all apps for banking, investment and crypto. This tier should require a much higher verification of the developer's identity. The iOS sandbox should be further locked down to limit communication only to whitelisted IPs/domains, which must all be under the control of the verified developer. And hey, you know what, let's even require the developer to submit the app in source code form.


I remember the early days of Bitcoin, when Apple was rejecting wallet apps by default. I was honestly surprised that they relented: from consumer safety, to regulatory concerns, to 30% protectionism, they have every incentive (from their walled-garden/theme-park philosophy) to categorically ban on-device wallets.

> There's no practical way for Apple to prove that any app won't betray the user.

This is honestly a fundamental problem with both the App Review model, and the very concept of cryptocurrency (which for the record, I'm positively inclined towards, both technologically and ideologically):

- The Review model because the developer doesn't actually submit code, and static analysis tools can only go so far. Even if Apple started requiring source (opening many thorny IP liability issues), no reviewer can realistically audit every line. Even then, the mere fact WebViews are trivially common means a developer (or a malicious hacker) can always swap out the web backend with phishing attacks, credit card scams, etc.

- The cryptocurrency model because while it tells a story of "trustless" interaction and autonomy, in practice even the most knowledgeable techies end up having to outsource trust to developers, firms, and communities. While it tends to be a safe bet to trust a highly-trafficked community GitHub over a random .ru site, (a) it still requires making a trust decision on imperfect information, and (b) non-technical users suffer an agent-principal dilemma when it comes time to make those decisions, which is a prerequisite to actually use cryptocurrency. There are many, many shortcomings to the central-banking state currency model; but at least it has a pretty well-defined UX to the average "holder", and some hope of recourse in the event of a scam.

FWIW, browser-based wallets (with or without client-side storage) do exist, and would probably be used more heavily on iOS if Apple were to forbid native wallets. In which case, it's possible the guy who lost his life savings would have gotten scammed by a "trusted" web app instead.




Any reasonable reading of this sentence, while technically it does not explicitly say that it's "completely secure", is that the review process will include security review. It's not without context that this sentence is read, and the history of software tells us what the point of such a review is for protection of the user. Being technically correct is not actually useful when deciding how reasonable people will interpret a piece of marketing material. They are using strong language to give the reader confidence that the apps are safe and they should not be afraid to use them.


Excuse me, they used the words "every one of" and "every app" to describe the purview of their security checks. Is that somehow not absolute enough for you?


[flagged]


Is the idea that a nontechnical person might trust Apple really that outlandish to you? Do you have, like, family members or nontechnical friends?


Idk, when I see "rigorously reviewed", I think being able to see the app is attempting to masquerade as an existing one...


We are discussing the claim that Apple guarantees every app is "completely secure". Thanks for the comment though.


As ludicrous as it may be to blame Apple, they have said many times that the cut they take on apps and in-app sales is part of how they keep the platform secure and ensure the privacy of their customers.[0] While it's clear to me that they can't really do that, I don't think we can expect the average purchaser of the iPhone to understand just how far-fetched these claims really are. In my opinion, Apple is giving them a false sense of security that can be very dangerous.

Perhaps if Apple was held responsible for these kinds of expensive mishaps they would be more honest in their marketing. Maybe. And that's kind of the point of this article. :-P

[0]: https://thehill.com/policy/technology/554790-cook-says-apple...


Shifting the blame to the world's largest, highest-value company is "ludicrous"? I must not keep up with the news.


I think it's reasonable for people to expect Apple to have a higher standard of review for financial apps (including bitcoin) vs utility apps.


“At their scale” excuses are the worst. It’s one thing that scale will cause a tiny percentage to create a large number of cases. But if it makes the percentage go up, it’s a sign you need to scale back down until you figure out how not to get people hurt. No one forced you to be humongous scale.


What unrealistic promise did Apple make? I am curious when they said the app store is "completely secure" because obviously nothing can be completely secure.

I know they claim it is "the most secure" app store, though I am not sure what they use to back that up. It does seem to be one of the most secure platforms; it has my highest trust, but I don't completely trust it.

As others have said, I do believe a curated app store is more secure than an uncurated one or no app store, but nothing is perfect and there is a trade off for that curation and tight control.


2% is pretty low compared to random websites (it’s your birthday! Enter your info in this link so we can send you a gift!)


Most people don't browse random websites


Only because those sites never appear in google search. So google search is the App Store of the internet?


This makes me wonder, can such thieves easily convert the stolen Bitcoin or are these blacklisted everywhere?


The whole idea behind cryptocurrencies is that there is no central authority behind it. And so there is no blacklist / whitelist, because you need such an authority, trusted by everyone, to create such a list.

All cryptocurrency transfers (between digital wallets) are recorded in a public ledger (the blockchain).

Anybody can read it. But only those with the correct encryption keys to a wallet can write to it (add a record). Once someone steals the encryption key of your wallet A, it can be used to access your wallet and add a record to the public ledger that all the cryptocurrency of wallet A has been transferred to wallet B. This record cannot be changed by anyone.

But since every transaction on the ledger is a public record that anyone can read, one can theoretically track where the cryptocurrency goes from one wallet to another. This can be used to catch a thief by the police. Anyone can create a digital wallet anonymously, but to convert it into real currency you need to provide your real life identity and bank account to a crypto-exchange. This is the point where someone becomes exposed and loses their anonymity, and hence can be identified by the law.
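The ledger mechanics described in the comment above (a public, append-only record; only a key holder can add a spend from a wallet; transfers traceable hop by hop to an exchange deposit address), as an added illustration that is not part of the original thread. It uses textbook RSA on tiny primes purely so that it runs on the Python standard library; the wallet names, amounts and the "EXCH-1" exchange address are constructed sample data.

```python
"""Toy public ledger: constructed example, not a real blockchain."""
import hashlib
import json
from collections import deque

# Textbook RSA on tiny primes: lets the block run on the standard library
# alone. Insecure by design; real chains use ECDSA or Schnorr signatures.
RSA_E = 17


def make_keypair(p, q):
    """Return (public, private) keys; pow(e, -1, phi) needs Python 3.8+."""
    n = p * q
    return {"n": n, "e": RSA_E}, {"n": n, "d": pow(RSA_E, -1, (p - 1) * (q - 1))}


def digest(obj):
    """Canonical SHA-256 (hex) of any JSON-serialisable object."""
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


def sign(priv, body):
    m = int(digest(body), 16) % priv["n"]
    return pow(m, priv["d"], priv["n"])


def verify(pub, body, sig):
    return pow(sig, pub["e"], pub["n"]) == int(digest(body), 16) % pub["n"]


class Ledger:
    """Append-only, hash-linked list of signed transfers that anyone can read."""

    def __init__(self, pubkeys):
        self.pubkeys = pubkeys  # wallet id -> public key (public information)
        self.records = []

    def append(self, body, sig):
        # Only a holder of the *sending* wallet's private key can produce a valid sig.
        if not verify(self.pubkeys[body["from"]], body, sig):
            raise ValueError("signature does not match sending wallet")
        prev = digest(self.records[-1]) if self.records else "0" * 64
        self.records.append({"body": body, "sig": sig, "prev": prev})

    def verify_chain(self):
        """False if any record was altered or re-ordered after the fact."""
        prev = "0" * 64
        for rec in self.records:
            body = rec["body"]
            if rec["prev"] != prev or not verify(self.pubkeys[body["from"]], body, rec["sig"]):
                return False
            prev = digest(rec)
        return True


def trace_funds(ledger, victim, exchange_addrs):
    """Follow outgoing transfers from the victim wallet hop by hop and return the
    first path that reaches an exchange deposit address, or None. For each hop
    only transfers recorded after that hop received the funds are followed."""
    queue = deque([(victim, [victim], -1)])
    seen = {victim}
    while queue:
        wallet, path, since = queue.popleft()
        for idx, rec in enumerate(ledger.records):
            body = rec["body"]
            if idx <= since or body["from"] != wallet:
                continue
            if body["to"] in exchange_addrs:
                return path + [body["to"]]
            if body["to"] not in seen:
                seen.add(body["to"])
                queue.append((body["to"], path + [body["to"]], idx))
    return None


def build_sample():
    """Constructed scenario: A is the victim, B the thief, EXCH-1 a deposit
    address at an exchange that requires identity verification."""
    primes = {"A": (61, 53), "B": (67, 71), "C": (73, 79), "D": (83, 89)}
    keys = {w: make_keypair(p, q) for w, (p, q) in primes.items()}
    ledger = Ledger({w: pub for w, (pub, _) in keys.items()})

    def transfer(src, dst, amount):
        body = {"from": src, "to": dst, "amount": amount}
        ledger.append(body, sign(keys[src][1], body))

    transfer("D", "A", 1.0)        # victim's original deposit
    transfer("A", "B", 1.0)        # theft: attacker holds A's leaked private key
    transfer("B", "C", 0.6)        # thief splits the funds across wallets
    transfer("B", "D", 0.4)
    transfer("C", "EXCH-1", 0.6)   # cash-out attempt: identity is exposed here
    return ledger, keys


def forgery_rejected():
    """A transfer from A signed with B's key must be refused by the ledger."""
    ledger, keys = build_sample()
    body = {"from": "A", "to": "B", "amount": 5.0}
    try:
        ledger.append(body, sign(keys["B"][1], body))
    except ValueError:
        return True
    return False


def tamper_detected():
    """Rewriting an existing record breaks both its signature and the hash link."""
    ledger, _ = build_sample()
    ledger.records[1]["body"]["to"] = "D"
    return not ledger.verify_chain()
```

Running `trace_funds(build_sample()[0], "A", {"EXCH-1"})` yields the path A, B, C, EXCH-1: the point at which the thief must hand a real identity to an exchange, which is the exposure the comment describes. The toy RSA is only there so the "only the key holder can write" rule is checkable by anyone holding the public keys; the key sizes offer no security.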


> For example, a person thought he was getting a legitimate Bitcoin wallet app, but turns out it was a fake and he lost his life savings [1].

There's a lot more wrong in this scenario than just the app store. If someone is going to be so amazingly careless with half a million dollars...


If someone technical enough to have a hardware wallet and "smart" enough to have amassed half a million dollars falls for this scam, I think it tells you more about how much (misplaced) trust they put in Apple rather than how careless they were, but that's just my opinion.


I don't think this is a good argument at all. They'd have to be "technical" enough to write down 13 words when instructed, and they'd have to be "smart" enough to happen to be early.

So basically no technical or smarts are needed to get to this situation. If anything this suggests the person is your fairly average "dumb" user.


If I had half a million in bitcoin, I'd divide it up into multiple wallets.


The real issue is Bitcoin here.


Bitcoin makes scamming so much more lucrative. So many people have been scammed by things such as fake apps and giveaway scams.


s/Bitcoin/Apple


I'm surprised too... He had his life savings in Bitcoin?


A good friend of mine has had ~98% of his savings in BTC since 2015, and I know quite a few other people with a high % of their savings in it. For those who can ignore the short term volatility, who have good incomes as safety nets (say FAANG jobs) to weather any storms, who don't trust their governments and who are relatively young enough to recover from any large losses, it can be an acceptable tradeoff (needless to say, a very profitable one as well).


You know I used to think exactly like this when I was younger, but nowadays, I realize that putting the burden of understanding technology on the user is very unfair. Just because someone is worth half a million dollars doesn't mean they should automatically know how to identify scam apps...


If you want to play the grown-up card, ok: the grown-up thing to do with half a mil would be to have it in the hands of a registered investment advisor at a reputable and insured institution, who is actively growing that money for you using reasonable investment principles based on your investment horizon, goals, and comfort level; and not pissing it away on the latest hype cycle. But that is only because I lived through the silver boom & bust, the mortgage bond scam, the junk bond scam, the S&L scam, the first commercial online investment platforms, the dot com bubble, the second mortgage collapse... and Bitcoin* is more of the same.

* I said "Bitcoin" and not "cryptocurrency" intentionally. Because the jury is still out on the latter, but the former most certainly will not be the CC of the future IMHO due to its massive privacy shortcomings, among other things.


The man's recklessness was caused by a false sense of security created by Apple themselves.


The problem is that Apple is lying about what they are doing... and therefore, they should probably be targeted by dozens of class action lawsuits.


Why not blame Trezor for allowing a fake app to steal money from his hardware wallet? Did he buy the wallet thinking it would make scams impossible?


Because Trezor doesn't control the iOS app store?


What purpose does a hardware wallet serve? What security does it offer?


It provides an electronic and secure mechanism to store your private keys and sign transactions, while retaining confidence that your private keys will not be compromised while using the device. Think of it like a YubiKey. It’s not all that different.

It also enables you to export those private keys so that you can keep a backup in the event of a hardware failure, because all hardware eventually fails.

It doesn’t lock you into their platform / ecosystem exclusively. It doesn’t prevent you from using that backup elsewhere.


This is called blaming the victim. It takes a lot for someone that got scammed to come forward publicly with their story. And it helps others not get scammed too.


Trezor advertises itself as the most secure way to store bitcoins, yet he lost all his bitcoins. Not sure how you concluded I'm blaming the victim here.


> A person thought he was getting a legitimate Bitcoin wallet app, but turns out it was a fake and he lost his life savings

I guess I'm victim-shaming here, but using mobile apps for large financial arrangements, no matter how trustworthy the app claims to be is a bad move. For this type of stuff you would use a clean computer with no known malware present, and use a privacy-aware browser like Firefox or Brave preferably with `HTTPS Everywhere` addon installed with the EASE feature turned on to avoid plaintext leaks / traffic going over HTTP.


People use their bank's apps, their investment institutions apps (Robinhood, Fidelity, etc) and a lot of other financial apps all the time.


Which is why I said: "for large financial arrangements"

Large transactions need extra special care. You need a trusted device with a trusted OS and a trusted browser, preferably with `EASE` turned on in HTTPS Everywhere so plaintext secrets can't leak out of your machine. You also need to vet the HTTPS Everywhere extension and ensure it came from the official addons site. You would also harden the OS. Using Linux is preferable over Windows 10 since Windows is targeted heavily by malware gangs.


Btw, recent versions of Firefox include an "HTTPS only" mode[1], so HTTPS Everywhere is actually unnecessary for this use case nowadays.

1: https://support.mozilla.org/en-US/kb/https-only-prefs


Huh neat. And I'm guessing enabling both would be unnecessary and glitchy? I'll uninstall the plugin now -- it has served me well.


You don’t need to do any of this if you’re using the traditional financial system. The most you need to do is make sure you don’t get tricked into wiring to the wrong address, which is a much lower bar.


I can’t send a lot of money around with any of my bank apps. It has relatively low limits.


I'm not sure that trend holds. Most banking apps let you send tens of thousands in one go. They're very aggressive with the "are you sure?" question in my experience though.


Yes, mine lets me put in a limit. I have set it to a low €500 since I rarely do large purchases in webshops.

At the end of the day people are responsible for not doing business with shady stores or people. But the idea that a single QR code can empty my entire account is sobering...


Yes if you are dealing in small amounts that you wouldn't mind losing to fraudulent apps, then do it, but read my previous comment about locked down machines if dealing with very large transactions.


Some relevant Apple marketing statements [1]:

"The apps you love. From a place you can trust."

"For over a decade, the App Store has proved to be a safe and trusted place to discover and download apps."

"Every day, moderators review worldwide App Store charts for quality and accuracy.”

"Dedicated to trust and safety.”

"Apps must adhere to our guidelines.”

"From more videos to rankings and reviews, there are loads of ways to help you pick the app that’s right for you.”

"ensuring that the apps we offer are held to the highest standards for privacy, security, and content. Because we offer nearly two million apps — and we want you to feel good about using every single one of them."

"When you download an app, it should work as promised. Which is why human App Reviewers ensure that the apps on the App Store adhere to our strict app review standards. Our App Store Review Guidelines require apps to be safe, provide a good user experience, comply with our privacy rules, secure devices from malware and threats, and use approved business models."

1: https://www.apple.com/app-store


So does that mean that you can sue Apple if an app fails at any of these?

Of course not, because lying for Apple is common business practice nowadays.


"no reasonable person would possibly believe these statements as true."

That statement from the courts has allowed all sorts of lying in marketing.


Marketing is about to become a synonym to lying in the legal sense... therefore lying is ok.


> because lying for Apple is common business practice nowadays.

To be scrupulously fair, the "for Apple" is 100% redundant.


Apple themselves seem to be intentionally breaking the App Store at times. From the article:

> Apple used to have a button [1], just under the ratings and reviews section in the App Store, that said “report a problem,” which allowed users to report inappropriate apps. Based on discussions among Apple customers on Apple’s own website [2], the feature was removed some time around 2016.

Why would they remove the ability for people to easily report apps?

1: https://www.google.com/imgres?imgurl=https://www.dummies.com...

2: https://discussions.apple.com/thread/6999097#:~:text=Apple%2...


>Why would they remove the ability for people to easily report apps?

Presumably for a reason. I don't work at Apple, so to spitball some possibilities:

* The "report a problem" button was being misused and had worse signal than other metrics Apple added.

* Legal or Public Relations pressed to remove the button because only a portion of reports were actioned (possibly because of the above point) and it was causing legal/reputational damage.


Even in this most generous possible explanation, Apple removed a quality-control check and didn't replace it with anything.


My point is that you don't know that they didn't replace it with anything.


I don't see a replacement where I can tell them about scam apps, though.


Maybe if it was something so innocuous they'd have made an official statement on it


Not sure about other newer "force-touch" devices but on my iPhone 6s (which is running the latest iOS 14.6), I am able to force touch a review and get a "Report concern" option along with "Helpful"/"Not-helpful":

https://i.imgur.com/gaLH26P.png

Tapping the report concern option gives me ability to report it:

https://i.imgur.com/JHLC4Hp.png

I am curious if the newer devices are able to long press a review to get the same option.

Also not sure if something similar is available for apps?


> Why would they remove the ability for people to easily report apps?

Reasons could be:

- nobody uses that button

- people use the button, but mostly not for its intended purpose.

I would guess a fairly generic “report a problem” button would attract lots of messages of type 2. I can see people complain there about missing features, ask support questions, etc. I would bet that, to many, it wasn’t clear that button let you send a message to Apple.


If the issue was UI they could have changed the text to something like "Report scam" or "Flag app".

It's probably a cost thing, they didn't want to pay a team to go through the reports.


The article's premise does not make sense.

This stuff happens despite the tight control, not because of it. If it was uncurated, it would be a cesspool like the Google play store (or ...shudder... the "competing" stores).

Having a paid app that reads QR codes is not necessarily a scam.

The article admits that 2/3 of the apps they reported were taken down.

The article claims: "If consumers were to have access to alternative app stores or other methods of distributing software, Apple would be a lot more likely to take this problem more seriously"

Yet then says: "Apple isn’t the only company that struggles with this issue: They’re also on Google’s Play Store, which is available on its Android mobile operating system. But unlike Apple, Google doesn’t claim that its Play Store is curated."

...so lack of competing stores or presence of (imperfect) curation is not the cause, because Google did not even begin to attempt to solve this problem. Play store apps, unless proven otherwise, are generally malware you carry with yourself every day, with potential access to everything in your device because the OS is nowhere near locked down compared to Apple counterpart. Hell, most Android devices ship with undeletable malware from vendors etc.

Apple's model is broken, but it is the least broken out there. Instead of admitting that, the article tries to be a hit piece trying to make the Apple model look worse for the ongoing trial.


The article is arguing that the veneer of safety implied by Apple (above and beyond other stores) might make users more susceptible to fraud because they are more likely to believe the apps are all safe. They might be more cautious with other stores that don't offer that protection. Whether this leads to more actual cases of fraud would require a real study to be done.


The reason I disagree with this argument is that it boils down to "tons of scams are better than a few sophisticated scams because users are more wary."

Users themselves have various levels of sophistication, and unsophisticated scams have plenty of victims.


The only reason I disagree with your disagreement is because Apple is making money here, and they have every incentive to turn the other cheek. Their entire business model is based on driving user interaction and spending, so I don't think they're the most trustworthy party to audit the App Store. That would be like if we let the President decide which news channels were allowed to broadcast at the beginning of their term.


Apple doesn’t make money from free apps, so they have no financial incentive to turn the other cheek with respect to them.


If we restrict Apple's incentives to be purely monetary, then we have to wonder if the reputational damage is less than their cut of users being scammed.

I would argue that the reputational damage is worth more, strictly monetarily. Apple is an incredibly valuable brand, estimated in the hundreds of billions of dollars[0], and they are understandably protective of it. If <2% of the top 1000 apps are scams (from the article), and Apple periodically catches scams and helps unwind them (2/3rds of the apps the Post reported were removed), I don't think Apple is making all that much money here. Remember that Apple doesn't keep its 30% cut when a transaction is refunded.

[0] https://www.statista.com/statistics/264875/brand-value-of-th...


The reputational damage is worth more only if there is reputational damage to begin with.

There may have been some smaller isolated stories in the past, but the truth about App Store scams is really only now coming to light - and so Apple’s calculus might be changing.



Those are all valid, but do you have a non-recent example that got mainstream attention?


Do you consider the New York Times mainstream? This article is from 2012:

https://www.nytimes.com/2012/03/16/technology/pressure-on-ap...


I do, and I’m not sure why the snark.

Thanks.


You're welcome, and I apologize for the snark.


I don’t think it’s unreasonable for Apple to know who is publishing apps and making money off them in order to facilitate law and order in cases of flagrant illegal activity such as this, and for users to assume there is accountability that deters the behavior.



> Play store apps, unless proven otherwise, are generally malware you carry with yourself every day, with potential access to everything in your device because the OS is nowhere near locked down compared to Apple counterpart.

I'm sorry but this is complete bullshit. Your data on Android appears to be about a decade old.


Exactly. By their same logic, Apple also ships all of their phones with malware since they are a third party who refuses security audits.


> most Android devices ship with undeletable malware from vendors

And how are those vendor app actually malware? Their presence can be annoying but they aren't malware.


Also known as bloatware. Not malicious, just annoying.


Both link to user hostile libraries like Facebook sdk.

Both platforms push users toward app vendors that really don't care about their privacy.


Must. Defend. Apple.

But seriously, Apple postures for control. They have a death grip on our industry, and it's up to the DOJ and legal system to rend it asunder.

Apple does not deserve to have a singular App store with tight controls. It's not their right. And they've proven the sort of anticompetitive antics they choose to take when they have such power.

Break them open.


> Apple model is broken, but it is the least broken out there.

This would almost be true if users weren't forced to use the App Store to install native apps in the first place. If I had a choice to use a store like F-Droid on my iPhone, I wouldn't be complaining. However, being forced to use a broken system is still a complaint, even if it's marginally more secure than it's competitors.


You're forced to use the least broken system... if you choose to do so. Apple is only making you use it to the extent that you decided to pay money to Apple instead of an Android manufacturer with that alternative option.


Then go use Android? Apple isn't the only phone & store combo out there, and allowing third-party app stores takes away a lot of the value prop. There is a reason I like having the non-tech-literate and susceptible-to-scams people in my life use iPhones. It's not perfect but it's sure better than the Play Store.


That's a strawman. I'm not criticizing Android here, we're talking about Apple's responsibility to the consumer. As someone who owns several Apple devices, I can truly and honestly say that my life would be unequivocally better if I could install custom IPAs to my phone.

Furthermore, Apple trusts the user to decide if Facebook can steal their data: why can't they trust the user to install third party apps? If they don't effectively communicate the danger beforehand, that's their failure. Otherwise, Apple is just locking off functionality to me, which is insulting considering I pay a premium for their devices that I expect to be recouped on the software side of things. That's their business model, if you don't like it then you should argue with them, not me.


They don't trust their users to not install pirated apps. It's part of their revenue scheme - if you could install third party IPAs, you could download cracked versions of Apple Arcade apps or apps that bypass the in-app purchase system and don't give apple their 30% cut of digital content. It's the same reason Xbox and Sony restrict you to their stores, Apple's revenue model is just set up to extract more money overall instead of 99% on the backend like consoles do.


Just to be clear about your argument, you’re saying that’s a bad thing? Is it wrong for a company to protect revenue—and remember 70% of revenue goes to the developer—from loss due to piracy?

There are plenty of valid reasons to object to Apple’s revenue model, but the avoidance of piracy seems like a bridge too far.


I'm saying that's how it is, I agree with you on that Apple should be allowed to do this to protect their revenue model, even if it comes at the expense of users not being able to run unsigned code/other app stores on iOS.


I'm glad the choice you're giving me suddenly opens up all Apple consumers to my business.

I'm glad I don't have to pay a 30% tax on revenue. Or jump through insane hurdles to deploy my software.

It sure feels free.

Thankfully, it's only 50% of Americans, or half the market, that's locked up behind this protection racket.


> it would be a cesspool like the Google play store

I would suggest you use an Android smartphone from the last 5 years before making a comment like this.

I use both iOS and Android devices on a regular basis and both the App Store and Play Store are cesspools. I would go even further and say that the App Store is more obnoxious in that it serves me a half page ad whenever I search for an app.

At least on Android, I have the choice to not use the Play Store. That is not even possible when I use iOS.


> Play store apps, unless proven otherwise, are generally malware you carry with yourself every day, with potential access to everything in your device because the OS is nowhere near locked down compared to Apple counterpart.

Do you have a single fact to back this up, or did you just read it from Apple's marketing?


To be honest, there is not really competition to Google Play in its own niche, but within the FOSS sphere, stuff on F-Droid/IzzyOnDroid is on the whole almost always good quality.


Competing app stores like F-Droid have far fewer scams than both the iOS and Google Play Stores.


I guess they need to scale the team to meet the demand of apps. Adding headcount reduces profit but the benefit to brand image should compensate enough.


18 out of 1000 = “teeming with scams”?

It’s a real problem, but the headline is sensationalized.


When you're promised no scams and 1.8% of apps are scams (which is way higher if you search for niche things, especially stuff that isn't allowed) then yes that's "teeming with scams."


> The article's premise does not make sense.

It does if you are Epic, or Jeff Bezos.


>This stuff happens despite the tight control, not because of it.

The question isn't whether or not it happens, it's whether it's worth the enormous sacrifice of personal computing:

No self hosting dev environments

The dev environments you can find are pretty terrible (often in weird ways you don't notice until you've spent a day working around them.)

Apple decides moderation rules for every chat service with push notifications on the platform. They kick you off the platform if you're not up to their standards.

An extension to the last one is that Apple is able to (and does!) silence political ideas on the platform they don't like. They've gone as far as censoring Xscreensaver on iOS because they don't like the political thoughts people might have watching it. This is a major threat to democracy whether you currently agree with their positions or not.

No innovation is allowed. Want to try a WIMP style GUI? Nope, Apple will kick you off. Even if you don't explicitly violate the rules odd looking GUIs are sometimes assumed to use private APIs and can result in a rejection.

There are many (probably infinitely) more major sacrifices but I'm tired of listing them.

> but it is the least broken out there.

No! Debian and F-droid work extremely well, the difference here is that the community is maintaining the repo and they require everything be done out in the open.


Apple's model is the most broken out there.

They've distorted our free market into "Apple's market".

They tax ingress to 50% of Americans and don't let you establish a relationship with your customers. Beyond that, they make you dance through hoops to build and deploy software.

It's a travesty that they won.

If this continues, businesses will be paying Apple for customers brought to them by Apple iCar.


Apple's problem with claiming their 30% tax has to do with maintaining the quality of the App Store is how comically small the amounts of money they spend policing the App Store are. At some point one of these lawsuits is going to have to establish how much they really spend; I would be amazed if they were spending 0.001% of revenue on it.


A former colleague of mine put out an iPhone battery extender app as a joke, and surprisingly people paid for the app and wrote reviews claiming that this app extended their battery life, when the app did nothing other than show a couple of graphics. I was amused at the stupidity of the whole thing, and I believe he pulled down the app after some time, but the App Store review process is a joke.


In my eyes the trouble with the App Store is discovery is purely via curated lists and search. The problem with surfacing via each of these two methods is the user has to put trust into the system that what is being displayed is reputable and trustworthy. Apple unfortunately has shown that they prioritize monetary return over best-fit for content, which leads to scams like this. Let’s deep dive into the issues with the two formats they display info in.

Curated-list discovery (versus algorithmic discovery such as “top of the week”) tells the user that these apps have been hand selected by Apple for being quality apps. In general though it turns out that these lists are more often lists of apps that make Apple significant amounts of money, changing what Apple is incentivized to display. Take for example the only way they allow discovery of highly rated apps - the “Everyone’s Favorites (highly rated apps)” list: https://i.imgur.com/7D2hvwO.jpg. The top spot is held by Tinder, which currently has a 3.8/5 rating. This list very clearly isn’t a list of highly rated apps, only highly used / large money makers for Apple. We see clearly that Apple prioritizes monetary return over accurate results.

Search is another example of this. Most search algorithms are black boxes - inputs go in, results come out that we expect to be able to trust. Searching for “Samsung” should bring up apps from Samsung, but instead they return mostly free third party apps with IAP upsells rather than the official apps.

Overall the App Store is designed for monetary return, not safety or user trust. Until Apple decides that the long term image / trustworthiness of the App Store is more important than short term gain, I don’t see these issues changing.


If you've spent anywhere near 10 minutes on the app store, you can tell that outside of top charting apps, app store is filled with shit just as playstore is. From overall nonfunctional quickly made pos to blatant copyright infringement evil shit. Fine, I get it it's hard to curate, but let's not pretend then it actually is curated overall. So, Apple, either do what Nintendo did when they started with NES and come hard on QA or stop pretending.


If you bought a product from Walmart that was not only unsafe, but actively trying to scam you - people would sue Walmart.

The claim that 'every app is reviewed for security' should be a giant liability problem.

The store model is a huge windfall of profits precisely because they don't have to do any of this.

Realistically, if we use brick-and-mortar as a reference ... it might very well be that if you want to do something 'commercial' on a platform, literally using Apple's payment infrastructure, there's probably going to actually have to be more rigorous insight. This will cost Apple a lot, and probably cost sellers a lot as well. I can see it costing $X dollars for the review process, then $Y for every upgrade, possibly Z days delay in payments and possibly an escalating % withheld given market size, until an AAA+ confidence rating.

All of the ugly things we see in regular finance exist basically for this reason (i.e. VISA chargebacks, bank freezes, paypal holds) etc. etc..

A lot of profits are raised by ignoring these realities.

Same goes for Amazon.


I'm quoted in this! Original Hacker News comment here - https://news.ycombinator.com/item?id=26796662 - then I tweeted about it and ended up talking to the reporter.


Would the number of scams in the top 1000 be higher than 2% if the App Store was not tightly controlled?

It doesn't follow that, since some bad things have gotten past the gatekeeper, we should get rid of the gatekeeper.


That’s unclear. A couple of things to consider, both of which are helping scammers currently:

- A lot of users let their guard down because they blindly trust Apple’s marketing, and scammers take advantage of that.

- The fake ratings and reviews are making this even worse by leading people to believe other people have found some of these scams valuable.

I can see how a more trustworthy ratings system and a more honest marketing of the App Store for what it really is, could lead to fewer scams, even if Apple doesn’t control the App Review process so tightly - or doesn’t control it all.


> A lot of users let their guard down because they blindly trust Apple’s marketing, and scammers take advantage of that.

This is the "a lot of scammers are better than a few sophisticated scammers" argument, which I disagree with. Users themselves have varying levels of sophistication (unsophisticated scams work just fine on some people), and there are other mechanisms like chargebacks which can unwind damage after the fact.

> The fake ratings and reviews are making this even worse by leading people to believe other people have found some of these scams valuable.

I have no insight into how well Apple is doing combating fake reviews, but no anti-abuse system is perfect. There is the same question here: would things be worse if Apple didn't police reviews at all.

The App Store is broken but it is the least broken of the app stores.


Not only is the App Store broken, Apple themselves seem to be intentionally breaking it at times. From the article:

> Apple used to have a button, just under the ratings and reviews section in the App Store, that said “report a problem,” which allowed users to report inappropriate apps. Based on discussions among Apple customers on Apple’s own website, the feature was removed some time around 2016.

Why would they remove the ability for people to easily report apps?


It's called government regulation, with true actionable penalties for not enforcing legal mandates. The laws should be enforceable even for open-source type App Stores, and operations that cannot follow the laws should not be available in those countries. Countries must have control over their territories, regardless of whether it is in the physical or virtual world.

If you "created" the equivalent in real life, in a 3D physical, brick-and-mortar sense, the law would generally be strictly enforced, and you would be able to get away with far less. That is, unless you are FAANG, which lobbies the US government, and other governments around the world, for laws that give them an extremely huge "competitive advantage" over startups and mom-and-pop type establishments, along with allowing them to be "in compliance" but not adhering to the actual "spirit of the law". The actual spirit of the law is what the purpose of the law is in the first place. It is about affording people inherent rights.

The European Union has halfway decent laws on paper at best, that are extremely poorly enforced. Also, FAANG always finds a way to evade a penalty, anywhere in the world. The EU needs to step up its game, and I think they will, but of course, it will never be quite enough.


Could you clarify what kinds of regulations you would like to see? I can't tell what your proposal is from this comment.


Apple asks us to relinquish some of our most essential freedoms in exchange for the promise of safety. If they’re not providing that safety it’s a rotten bargain.


I'd argue that if they can't prove the safety, you're getting ripped off. Apple can point their finger at every third party under the sun, but at the end of the day PRISM and the CCP have their respective index fingers on their iCloud servers, quietly (and happily) siphoning information from a "completely secure" (unaudited) system.


Interesting claim. Source?


The number of scams and fakes on the Google Play store is off the charts.


Do you have any numbers to back up that claim?


Nope, I don't even think such number exists, it's just my impression of the amount of "why the fuck would anyone even publish this" apps out there.


I'm boggled that Apple lets apps charge a weekly amount for features that have no appearance of new content each week, like a newspaper or magazine would.

This seems like the simplest thing to fix right away.


I'm boggled that the US government lets Apple rake in 30% for commerce on the app store, despite it being only one of two games in town for commerce.

It'd be like only having two options for cars (Ford and Tesla), and forcing restaurants, stores, etc. to pay 30% of their gross revenue to Tesla for their having brought you.

It's truly bizarro world.

Make no pretense. This isn't about protecting consumers, this is about Apple's control. They want to install toll booths onto every road to reaching Americans, and they're defending it like Omaha beach. No browsers, no runtimes, no relationship with your customers.

(I swear to god if I hear the "but Nintendo" argument again... These aren't toys. Apple captured 50% of ingress to US customers and their commerce, and they tightly control and tax it. Illegal af.)


Don't derail. There are other threads about Apple's store and their vig.


Apple is an anticompetitive steam roller and they deserve every measure of criticism they receive.

Don't ask for censorship to protect a brand you value. Apple is not beyond reproach.


All I said was to take the 'Apple Monopoly' discussion to the 'Apple Monopoly' threads, of which there are plenty.

This discussion can be about the shitty App Store approval process and the shitty App Store developers without getting into the financials.


This discussion is definitely about Apple's monopoly on iOS app distribution. If Apple were to let others distribute apps on the platform, people wouldn't complain as much about their broken store. They'd just use the store that they liked better.


Soooooo by opening up the store the scammers would disappear. Makes sense to me.


That is not what the parent said. If there were more stores, then there would be more consumer options to choose a more trustworthy store from (like F-droid).

Of course, that wouldn't be good for Apple: Apple would inevitably have to throw out some of the legit apps in the course of QA and weather more criticism; Apple would lose that revenue and their vig; and Apple would no longer have as many apps in the app store.

Like Amazon, Apple has demonstrated that they prefer that some of their customers get fleeced, as long as they get their cut.

"1 million apps and untold billions in revenue, but only 2% of the top apps are scammy... you can figure out which ones, because we didn't bother.."


I got scammed too. I got an app for $14/week for some LG / Samsung screen sharing. We were in a hotel and I wanted to stream something to the TV in the hotel room, so I quickly downloaded it. Wine did not help :( The app was charging me for one month. But then it disappeared from the store.

One problem is this weekly schedule: people do not check cc statements on a weekly schedule. Also, they should send an iMessage a couple of days before the change.


I get an email receipt each time I get charged by an app, and I believe I even get a “trial expiring soon” email before something starts charging me.

The few times I’ve accidentally left a subscription running I’ve been able to go to reportaproblem.apple.com and ask for a refund and each time it’s worked without any drama.


You're forgetting that Apple makes money every time you spend it. They aren't going to stop serving you drinks inside their casino, and they're certainly not going to warn you before you fleece their pockets again.


> also they should send an iMessage a couple of days before the change.

But then users might disable the auto-renew, and Apple wouldn't get their cut.


Apple automatically tells you, if you delete an app with a subscription, that there’s a subscription on it and allows you to end it right there.


So there's this "Wrong Button!"[0] in the app store that just plays a "Wrong" sound clip when you click it. And also it has 5 different ads on the screen, an unskippable ad on opening the app that forces open Safari to view another ad, and a "Share" function presumably so they can bombard your friends with ads too.

Now I thought this was crappy, and I wanted the "Wrong" sound clip as said by Trump, so last week for fun I made a Wrong button that has no ads, plays the actual "Wrong" clip from Trump, and costs $1 as a one-time payment.

I got rejected, because the functionality was too minimal, and they said that I should add features. Hmm. It feels like their approval process is pretty inconsistent, kinda arbitrary. I kinda want to write back to them to figure out what exactly the existing "Wrong Button!" app has that I'm missing, like is ads mandatory? But also I feel like it's not worth my time. Frustrating.

[0]: https://apps.apple.com/us/app/wrong-button/id368793118


That sounds like it really should be a web page.


I see what you're getting at. For me, this was a small toy, and websites have maintenance costs while this has none, and that's the tradeoff I prefer at the moment.


Web pages require an Internet connection to access, an app doesn't.


This isn't true. Websites can cache themselves for offline use.


I remember how one person spent just a little time and uncovered one scam after another. It wasn’t even necessary to dig deep in every case (e.g. sometimes it was just “look at top grossing charts”). That is why almost any excuse Apple gives is just not good enough: clearly if Apple had even one person working on this full-time, they should have caught this. Who cares about fancy analysis tools or machine learning until they can catch the big, obvious stuff?

We also know from trial documents that they decided ~500ish people was enough to review the millions of apps and app revisions in existence. I don’t even have to do the math and I know that is nowhere near sufficient. Apple clearly is either clueless about this, or does not care, and either one of those is a huge problem. It also means that almost everything they claim about the security of the App Store itself is not true (rather, a substantial portion of the security comes from the OS and device, not necessarily the review).


> Simon Willison, a software engineer and a former iOS developer [...] owns a Samsung television and went to the App Store on his phone to install the accompanying Samsung remote control app called “SmartThings.” An app called “Smart Things” popped up, claiming to be a remote for Samsung televisions. Willison paid $19 for the app. It turns out the app was pretending to be the genuine Samsung product. His mistake, he says, was an “assumption that the App Store review process was good,” he said. “I held Apple in higher regard than I did Samsung.”

An iOS developer pays $19 for a remote control app on the App Store and defaults to blaming Samsung. Steve Jobs should get a posthumous award for how well his reality distortion field has held up after his death.


Huh? He's clearly blaming Apple for violating his trust. He never trusted Samsung.


Clearly he did, because he spent several hundred dollars buying their smart TV.


I inherited the TV when I moved into a new house.


> His mistake, he says, was an “assumption that the App Store review process was good

He said it was a mistake to think the app store review process was good. How is that blaming Samsung?


I've met quite a number of developers that somehow barely have the skills of my grandma using a PC outside of their daily development tasks. I've seen multiple help desk tickets back in my help desk days where developers got someone to email saying their PC was broken when it was just turned off.

My point being a developer does not necessarily make this person somehow less susceptible to app store scams.


Hello, I'm that developer. I'm pretty savvy! That's why I agreed to be interviewed for this piece - I wanted to help make the case that even highly sophisticated users can be taken in by this stuff.


I was supporting your point in a roundabout way.


You're making some rather uncharitable assumptions here. Simon is a very skilled and accomplished developer.

https://en.wikipedia.org/wiki/Simon_Willison


FWIW, Apple made $8.3 million with an M off those 18 apps (28.2% commission on average). They will make something like $350 billion with a B this year


Like many comments are saying, policing these even more is not an easy challenge, so to say “don’t trust Apple” isn’t really the right attitude IMO.

But… what I think would be nice to see from Apple is better visibility into those ratings and reviews so users have more to go on than a single number.

Will that alone prevent these from happening? Probably not, but this isn’t a fight that can be won with a single battle/weapon.


It sounds to me as if Apple is doing a relatively good job.

The article didn’t give total volume numbers, but 48M USD seems like a drop in the bucket. Only 2% of top 1000 apps? I’d love to see the numbers but I doubt the Play store is even in that ballpark.

Like everyone, I would love to see a world where no one gets scammed. Unfortunately there are humans involved so ¯\_(ツ)_/¯


Related previous threads:

Apple store fake app stole man's life savings in Bitcoin - https://news.ycombinator.com/item?id=26956568 - April 2021 (89 comments)

Apple’s $64 billion-a-year App Store isn’t catching the most egregious scams - https://news.ycombinator.com/item?id=26888190 - April 2021 (6 comments)

$5M/year VPN scam on the AppStore - https://news.ycombinator.com/item?id=26807566 - April 2021 (6 comments)

A top-grossing scam on the App Store - https://news.ycombinator.com/item?id=26794228 - April 2021 (269 comments)

iOS developer who drew attention to App Store scams is now suing Apple - https://news.ycombinator.com/item?id=26504158 - March 2021 (45 comments)

Apple cracks down on ‘irrationally high prices’ as App Store scams are exposed - https://news.ycombinator.com/item?id=26198098 - Feb 2021 (5 comments)

Apple’s App Store is hosting multi-million dollar scams - https://news.ycombinator.com/item?id=26069660 - Feb 2021 (8 comments)

Developer exposes multiple million-dollar scam apps on the App Store - https://news.ycombinator.com/item?id=26067364 - Feb 2021 (8 comments)

How to spot a $5M/year scam on the App Store, in 5 minutes flat - https://news.ycombinator.com/item?id=26054673 - Feb 2021 (13 comments)

Apple watch keyboard developer put off by app store scammers - https://news.ycombinator.com/item?id=25986515 - Feb 2021 (320 comments)

Apple Pulling High-Grossing Scammy Offer Subscription Apps Off the App Store - https://news.ycombinator.com/item?id=18260514 - Oct 2018 (73 comments)

How to scam and get 67k all 5 Star reviews on the app store - https://news.ycombinator.com/item?id=16034764 - Dec 2017 (36 comments)

$80k/month App Store Scam - https://news.ycombinator.com/item?id=14526156 - June 2017 (195 comments)

Don’t Be Fooled: The Mac App Store Is Full of Scams - https://news.ycombinator.com/item?id=13052127 - Nov 2016 (16 comments)


Meanwhile, we hear the honest developers routinely get screwed over...

It reminds me of the "pirates vs DRM" thing.


What's so tightly controlled about Apple's App Store?

Maybe the headline is meant to be tongue in cheek contradictory, but if it's teeming with scams, isn't that saying it's not so tightly controlled?


The illusion of security is worse than no security, etc


"[N]early two million apps" and almost all of them are total junk because no one adheres to Apple's Human Interface Guidelines[1]. It's a sea of garbage. Real quality operation you run, Schiller. Every time I browse the App Store I feel like I'm walking through a bazaar. No coherency. No taste. Nordstrom my behind.

[1]: https://developer.apple.com/design/human-interface-guideline...


iOS apps are pushing subscriptions, which is heaven for scams and fraud.


Does anyone else find it ironic that this is in the Washington Post?


There are lots of articles like this that report breathlessly on the numerator but don’t make any kind of effort to find out what the denominator is.

