[AussieWog93]

>when Google spot it, they can unilaterally remove it.

Microsoft can achieve the same goal already through Windows Defender. My app was recently flagged as a trojan (false positive) and it would be wiped from users' computers before they could even run it.

>they also have the ability to remove it from devices where it was already installed.

That Microsoft can't do, but I'm not really sure that it's a good thing...

>The app store model probably also delivers security updates to legitimate apps more effectively than every developer managing their own distribution.

Citation needed there.

[colejohnson66]

That last one (the “citation needed”) is solved by stores that have auto-updaters. When a store isn’t used, it’s up to the app developer to provide a notification of an update being available, and many don’t do that.

Linux’s package manages show that quite well. I can update (almost) all my packages with a simple command. On Windows, if Inkscape has a security vulnerability that an update fixes, I'm not informed of this unless I follow the development or use an RSS feed of sorts.

[takluyver]

Agreed. Of course it's possible in theory for every developer to have their own secure, reliable auto-update mechanism. But it's not easy - the docs of The Update Framework describe some of the challenges.

If every app handles its own updates, that also means that either you've got N background auto-updaters running, or the check has to wait until you run the software - and potentially get exploited by a hole patched in the update it's just downloading.