[netcan]

I think you might have trouble really maintaining squeaky cleanliness.

The 'average user' still might want or need Google Voice, Opera, or something she needs for work. She sees it on someone else's phone, she asks how you get it. The tell her: Go to preferences, untick 'allow only app store apps', click OK after scary warning, download app to your PC, follow installation instructions... The iphone just got a bit more difficult. People outside of the top 5% users will be exposed to this stuff, on their phones or on other people if it is available and semi-sanctioned.

Precisely because Apple is heavily censoring and annoying developers in the app store, average users are likely to want non-app-store-apps. Maybe even more on the iPad.

This power user who is a programmer vs average user who log in to facebook via readwriteweb is not really a useful description of the world. Most iPhones are in in between hands.

[tjogin]

> The iphone just got a bit more difficult.

And a bit more dangerous. Malware lies not far down this path.

I think Apple is even more concerned with malware than they are with the difficulty part.

[pyre]

The AppStore approval process does not guarantee that something is not malware. At best it's just a superficial filter. It's like creating a mail filter that puts any email that contains the word 'viagra' into your spam folder and calling it a 'spam filter.'

[tjogin]

Unlike the non-functioning spam-filters you speak of, the AppStore approval process actually has a flawless record of keeping it out.

Now, I'm not saying that's squarely because of the diligence of the reviewers. Most likely, it's just as much or more because there's a paper trail from every app to its publisher, a long with the fact that someone is at least going to make a cursory review of the app before giving it the 'OK'.

One of these, or all three in combination is keeping malware out of the AppStore. Whichever, the end result is that the AppStore review process is stopping malware extremely well.

[pyre]

> Unlike the non-functioning spam-filters you speak of, the AppStore approval process actually has a flawless record of keeping it out.

Those non-functioning spam-filters also kept spam out when all you had to filter on were the words 'real estate,' 'viagra,' and 'cialis.' Lo and behold though, the world does not stagnate and those same filters are woefully inadequate today.

> Most likely, it's just as much or more because there's a paper trail from every app to its publisher

There are marketplaces out there where a person's entire identity (not just their credit card number) are bargained and traded. How closely does Apple monitor the information that is given to them? Does Apple continually pull credit reports on people to make sure that their information does not turn up stolen?

> a long with the fact that someone is at least going to make a cursory review of the app before giving it the 'OK'.

That cursory review means nothing. There are many apps which are nothing more than wrappers around websites. How long does it take to to build an app that is such, but waits for a trigger (at some point after the app is approved and has an installed base) to enabled its malicious features?

None of this even addresses possible zero-day exploits in apps that access external content (email worms, browser exploits, etc). If jail-breakers can run unsigned code on the iPhone, so can someone that exploits an app.

[tjogin]

Fact remains: no malware on AppStore.

[pyre]

Absence of malware does not prove that the AppStore model is superior. It just proves that there is currently no known malware. It is much easier to disprove something (i.e. find malware on the AppStore; therefore the model is flawed) than it is to prove something (i.e. there is no malware on the AppStore; therefore the model is perfect).

[ZeroGravitas]

Flawless record? What about all the ad-supported apps where the new ads suddenly started calling premium phone numbers if you accidentally tapped the ad.

[mechanical_fish]

Unfortunately, that exception kind of proves the rule. Apple left in a loophole - they kind of had to allow apps to link to arbitrary external content without registered authors - and, lo, through the loophole comes malware.

This, alas, is why I'll probably have to keep buying computers instead of just the iPad if I want to run emacs or other user-scriptable apps. To the extent that it is possible, Apple wants every line of code on the phone to be traceable to an author and revokable in case of trouble.

The exception is the web, of course. Apple's browser supports everything; if you want arbitrary power, write one of those web apps we've heard so much about for the last decade! We who aspire to use emacs on iPad now need an HTML5/JS version. It's like being boiled in our own Kool-Aid: people have been claiming for years that web apps can eventually replace all other apps, and now the rubber meets the road.

[ZeroGravitas]

Isn't this the same old DRM/Terrorism loop where every breach of the pointless and/or ineffective restrictions is used as justification for the next round of pointless and/or ineffectual restrictions. And along the way you the honest consumer/citizen lose the ability to modify your device, to reverse engineer, to crack protection for any reason, and various other 21st century civil rights as collateral damage.

[theBobMcCormick]

That makes about as much sense as athletes who believe their winning streak is caused by their "lucky socks" or some such. By that logic, the lack of review process in the Android market has also had a flawless record of keeping out malware.

[pyre]

The issue being that some "Apple unapproved" apps are useful to people outside of the 'top 5%' but not useful to Apple's bottom line.

[netcan]

At the moment Jane never has to have her son help her with her phone the way she does with the PC. She knows how to do everything, even if she never does it. Even without any direct bottom line issues (eg avoid voip takeover), I think this might be enough to motivate Apple.

[tensor]

Somehow mac laptops remain functional and malware free despite not being locked down by apple. They've remained this way for many, many years. I'm not sure how much more real world evidence you need that this argument is not good.

The truth is that Apple does it to maintaing market control on their software, not for some altruistic "malware prevention" goal.