Hacker News new | ask | show | jobs
by evgen 3114 days ago
You can use alternate Apple app stores, and the fact that limited access and curation of available apps does not in fact weaken security but enhances it is self-evident by comparing the Apple app store with the cesspool that is the Play store and sideloaded apps. You can disagree with the policy all you want, but trying to argue that it has not improved user security just makes you look deluded.
1 comments
cageface 3114 days ago
It has zero effect on security if you leave the switch to enable it off. If you want to stay in Apple's walled garden it's a no-op.
link
evgen 3114 days ago
Given how easy it is to convince people to try to run Javascript in the browser console, just click this link in your email to find out if you won the lottery you didn't enter, or do other dumb things that none of us can believe actually work, the fact that there is no off switch is a major win for the security of the vast majority of Apple users. If you want to help people then create the open-source replacement for these apps and teach them to compile it and sideload it themselves.
link
lallysingh 3114 days ago
.. just transfer your money here? If users are so stupid, protections won't help.
link
johncolanduoni 3114 days ago
Many people understand the seriousness of transferring money. Fewer understand the seriousness of installing random stuff. There’s a reason pop up ads mostly promise to clean your computer, not transfer money to your account if you give them the number.
link
eropple 3114 days ago
When I worked for a medical software company, we deployed to all our customers through an enterprise distribution source. They went to a web page we sent them via email, clicked a thing, and that was that.

To that end, 'evgen's post is extremely important to consider when it comes to malware and phishing. We could do that, and we were the "good guys"--opening it up even further would terrify me.

link
cageface 3114 days ago
Enterprise config for iOS should have the option of disabling this on the device. Doesn't mean ordinary end users shouldn't have the choice if they want it.
link
eropple 3114 days ago
I think maybe we're not on the same wavelength here: we were provisioning to end user devices, through this. Doctors had iPhones? Here you go, just click this link and now we can install anything we want. Nobody asked if it was legit, they just clicked.

Making this worse would be an Android-level disaster for end user safety.

link