It's that how many viruses and pieces of malware get around? The user is tricked into installing something and then it goes bad?
Isn't that how most every exploit and virus seen on Android work?
Is that how the problem apps found in the jailbreak app stores for the iPhone work?
Isn't this exact restriction why the worst we've seen on iOS (despite MASSIVE deployment numbers) is social engineering attacks?
I know many people hate the restrictions, but the App Store on iOS has a pretty amazing track record for security (in regard to problem code). Basically the worst we've seen is apps abusing system APIs to get more information than they should and those have been closed relatively fast. No worms, no viruses.
> Isn't that how most every exploit and virus seen on Android work?
Actually, no. Stagefright was about exploiting holes in the parsing of malformed media files (no installation required). Tons of other vulnerabilities were of the form "thing that shouldn't be accessible via JavaScript in the browser/WebView is".
Not that there isn't malware that spreads via installation, but Google's "Verify Apps" service (for sideloaded apps) has been quite effective:
You're not wrong, but don't those same arguments apply to every other device and platform?
Obviously if you prevented people from running non-Microsoft approved binary code on Windows, we'd see a staggering reduction in the amount of malware activity. Is that something you'd endorse?
I consider desktops different than phones. My phone is an appliance for me. I would be pissed if they tried to do it to OS X.
I wrote that as a counter to the 'Windows / OS X does it without issue' line of argument. There are issues. They may be relatively minor (OS X) or very bad (Windows XP), but there is no free lunch.
It's that how many viruses and pieces of malware get around? The user is tricked into installing something and then it goes bad?
Isn't that how most every exploit and virus seen on Android work?
Is that how the problem apps found in the jailbreak app stores for the iPhone work?
Isn't this exact restriction why the worst we've seen on iOS (despite MASSIVE deployment numbers) is social engineering attacks?
I know many people hate the restrictions, but the App Store on iOS has a pretty amazing track record for security (in regard to problem code). Basically the worst we've seen is apps abusing system APIs to get more information than they should and those have been closed relatively fast. No worms, no viruses.