[theBobMcCormick]

I'd actually be O.K. with the restrictions in the App store if there was any non-jailbreak method of loading apps outside the app store. That would allow you to install things like Google Voice, Opera, or whatever if you the user want to, while still providing a squeaky clean simplified view to the average user.

For example, on an Android phone, by default you can only install apps from the Android Market. However, by checking one checkbox in the phone's preferences, you can install non-market apps. Those might be apps you upload using the Android developer tools (if you're a dev), or you can download and install apps from a website, or you can use a third party market (like SlideMe).

[netcan]

I think you might have trouble really maintaining squeaky cleanliness.

The 'average user' still might want or need Google Voice, Opera, or something she needs for work. She sees it on someone else's phone, she asks how you get it. The tell her: Go to preferences, untick 'allow only app store apps', click OK after scary warning, download app to your PC, follow installation instructions... The iphone just got a bit more difficult. People outside of the top 5% users will be exposed to this stuff, on their phones or on other people if it is available and semi-sanctioned.

Precisely because Apple is heavily censoring and annoying developers in the app store, average users are likely to want non-app-store-apps. Maybe even more on the iPad.

This power user who is a programmer vs average user who log in to facebook via readwriteweb is not really a useful description of the world. Most iPhones are in in between hands.

[tjogin]

> The iphone just got a bit more difficult.

And a bit more dangerous. Malware lies not far down this path.

I think Apple is even more concerned with malware than they are with the difficulty part.

[pyre]

The AppStore approval process does not guarantee that something is not malware. At best it's just a superficial filter. It's like creating a mail filter that puts any email that contains the word 'viagra' into your spam folder and calling it a 'spam filter.'

[tjogin]

Unlike the non-functioning spam-filters you speak of, the AppStore approval process actually has a flawless record of keeping it out.

Now, I'm not saying that's squarely because of the diligence of the reviewers. Most likely, it's just as much or more because there's a paper trail from every app to its publisher, a long with the fact that someone is at least going to make a cursory review of the app before giving it the 'OK'.

One of these, or all three in combination is keeping malware out of the AppStore. Whichever, the end result is that the AppStore review process is stopping malware extremely well.

[pyre]

> Unlike the non-functioning spam-filters you speak of, the AppStore approval process actually has a flawless record of keeping it out.

Those non-functioning spam-filters also kept spam out when all you had to filter on were the words 'real estate,' 'viagra,' and 'cialis.' Lo and behold though, the world does not stagnate and those same filters are woefully inadequate today.

> Most likely, it's just as much or more because there's a paper trail from every app to its publisher

There are marketplaces out there where a person's entire identity (not just their credit card number) are bargained and traded. How closely does Apple monitor the information that is given to them? Does Apple continually pull credit reports on people to make sure that their information does not turn up stolen?

> a long with the fact that someone is at least going to make a cursory review of the app before giving it the 'OK'.

That cursory review means nothing. There are many apps which are nothing more than wrappers around websites. How long does it take to to build an app that is such, but waits for a trigger (at some point after the app is approved and has an installed base) to enabled its malicious features?

None of this even addresses possible zero-day exploits in apps that access external content (email worms, browser exploits, etc). If jail-breakers can run unsigned code on the iPhone, so can someone that exploits an app.

[tjogin]

Fact remains: no malware on AppStore.

[ZeroGravitas]

Flawless record? What about all the ad-supported apps where the new ads suddenly started calling premium phone numbers if you accidentally tapped the ad.

[mechanical_fish]

Unfortunately, that exception kind of proves the rule. Apple left in a loophole - they kind of had to allow apps to link to arbitrary external content without registered authors - and, lo, through the loophole comes malware.

This, alas, is why I'll probably have to keep buying computers instead of just the iPad if I want to run emacs or other user-scriptable apps. To the extent that it is possible, Apple wants every line of code on the phone to be traceable to an author and revokable in case of trouble.

The exception is the web, of course. Apple's browser supports everything; if you want arbitrary power, write one of those web apps we've heard so much about for the last decade! We who aspire to use emacs on iPad now need an HTML5/JS version. It's like being boiled in our own Kool-Aid: people have been claiming for years that web apps can eventually replace all other apps, and now the rubber meets the road.

[theBobMcCormick]

That makes about as much sense as athletes who believe their winning streak is caused by their "lucky socks" or some such. By that logic, the lack of review process in the Android market has also had a flawless record of keeping out malware.

[pyre]

The issue being that some "Apple unapproved" apps are useful to people outside of the 'top 5%' but not useful to Apple's bottom line.

[netcan]

At the moment Jane never has to have her son help her with her phone the way she does with the PC. She knows how to do everything, even if she never does it. Even without any direct bottom line issues (eg avoid voip takeover), I think this might be enough to motivate Apple.

[tensor]

Somehow mac laptops remain functional and malware free despite not being locked down by apple. They've remained this way for many, many years. I'm not sure how much more real world evidence you need that this argument is not good.

The truth is that Apple does it to maintaing market control on their software, not for some altruistic "malware prevention" goal.