> In a world where malware is increasingly a problem
I don't see that as the case. There is malware out there in torrent land, sure. But if you acquire software from reputable sources (like a paid app store, referral from a friend, heard about it on a forum like HN, package repository), malware just isn't a concern.
If you put malware on an app store, the world will notice, its rating will tank, and people will stop downloading it. Reputation is the sandbox.
It's funny , for years Apple were all like "Macs can't get viruses!" now they're saying "we need app store lock in too prevent malware!".
I guess there's a distinction to be made between actual malware and software that co-installs crap (Ask toolbar etc) but often end users do not see that difference.
Besides, if something has passed app store verification then surely Apple are happy that it is not malware? Therefor they can be somewhat more lenient with sandboxing restrictions?
>Besides, if something has passed app store verification then surely Apple are happy that it is not malware?
I'm not so sure. What is their process for verifying that an app is not or does not contain malware? If it's simply to run the software and see what it does then they can really only verify that apps aren't immediately misbehaving. What if the app is set to do its misdeeds after the 100th time it is run, or after being installed for a month? There is really only so much a reviewer can do in order to push an app out within a reasonable time frame.
Sandboxing in a way is just as much protection from liability for Apple as it is protection from malware for its users.
>Besides, if something has passed app store verification then surely Apple are happy that it is not malware? Therefor they can be somewhat more lenient with sandboxing restrictions?
It's about minimizing the attack vectors. Sure, Acrobat, for example, is not malware and could be sold in the App Store. But there are tons of viruses and malware that targets holes in Acrobat. If Acrobat was also sandboxed, they could not do much harm.
>It's funny , for years Apple were all like "Macs can't get viruses!" now they're saying "we need app store lock in too prevent malware!".
Yeah, it's funny because:
1) Apple never said that explicitly.
2) It was (and still is true), i.e not that Macs could not technically get viruses, but that they had got no viruses, with the exception of some lame trojans. In all, a minuscule number of OS X Macs were ever affected by anything in the last 12 years, and even those clicked and installed it themselves.
3) All other naysayers, ignoring the practical lack of any real viruses on the platform, pushed for more protection and security measures.
Yes, they did. "Macs are safe and don't get PC viruses" to an expert means "it is possible that attack vectors still exist", but to the general public means "no viruses".
The very next sentence was "a Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers".
Which it wasn't.
As for custom viruses targeting OS X, none had been seen in the wild for a decade (only some trojans did exist). So the general public's assumptions "Macs are safe" was grounded in pragmatic reality.
That something is theoretically possible (e.g a meteor hitting my house) doesn't make it a real threat.
Now, one could argue that an OS X virus is not only theoretically possible but, unlike the meteor example, also easily achievable.
But still, something being both theoretically possible and easily achievable doesn't make it a real threat.
E.g a neighbour setting my house on fire. I'd rather start worrying about it when it starts happening frequently (instead of never).
I don't see that as the case. There is malware out there
in torrent land, sure. But if you acquire software from
reputable sources (like a paid app store, referral from
a friend, heard about it on a forum like HN, package
repository), malware just isn't a concern.
Are you kidding me? Have you missed the large number of browser-based vulnerabilities, from Flashback and MacDefender, to the huge number of vulnerabilities the latest Safari fixed?
Would having a sandboxed app store help with any of these? The point I think he's making is that a curated app store isn't going to be a significant malware source.
I don't think that was his whole point. He's speaking in much broader terms in his first paragraph, which is what I quoted. He does make mention of reputation and the app store specifically in the second paragraph.
Right, but if a malicious JPEG exploits a code execution vulnerability in libjpeg, a malicious Web page exploits a WebKit vulnerability, or a malicious certificate exploits a bug in OpenSSL, proper sandboxing can do a great deal to mitigate the damage. Thus if "most" applications on OS X are sandboxed, the platform and its applications become less attractive targets for those exploiting what are often cross-application, cross-platform vulnerabilities.
Sandboxing is not restricted to the App Store, by the way.
"malware just isn't a concern." - beg to differ. The fiasco over Path (of which I continue to be an avid user) shows that Malware is an issue even in the iOS store. Sandboxing, and absolute limitations over what data any given application has access to, is the future for OS X applications.
Wow. You should get out and talk to the person on the street and what they think about this.
The only reason your sources are "safe" is because they are not the popular ones.
Malware goes after the high volume targets. If your OS has 2% of the market, yes, your binary packages are probably relatively safe.
But the situation is different for the Microsft's, the Google's (Chrome will no doubt be targeted as it gets more popular) and, eventually, the Apple's.
Apple was always safe because it was not the OS of choice for most of the population. It was niche. If you haven't noticed that is changing.
It's funny because some of the stuff I'm working on is, by design, "sandboxed", but I never think of this as it's most valuable "feature".
Sometimes we do not see the obvious. I'm sure in my case I'm missing something, and I think in yours too. Malware is ++huge problem. And there's no solution on the horizon. If your OS relies on people outside the OS developers contributing "apps", which users prefer to download and install as opposed to reading code and compiling themselves, then your "app store" is vulnerable.
A friend of mine recently got a virus. The kind that starts emailing all your contacts. I've seen this happen to family and friends repeatedly over the years. Nothing has improved.
When I mentioned it to him, his comment to me was along the lines of "Yeah, it was especially difficult to deal with because it was a Mac."
It's not easy to get at the innards of anything Apple makes, expecially these days when they are trying as hard as ever to prevent you from understanding how it works. If something goes wrong, you're fsck'ed. Unless of course "Customer Service" can help you. But when you become the next MS, there is no such thing. Customer Service, the human kind, does not scale.
I don't see that as the case. There is malware out there in torrent land, sure. But if you acquire software from reputable sources (like a paid app store, referral from a friend, heard about it on a forum like HN, package repository), malware just isn't a concern.
If you put malware on an app store, the world will notice, its rating will tank, and people will stop downloading it. Reputation is the sandbox.