[mcny]

I still think developers should not be able to upload binary blobs to the store. The store should prescribe an official set of tools and build options. Developers should be required to upload their source code and build instructions.

The store will then build the application binaries based on provided instructions, run tests to make sure the application meets store criteria, and publish it if everything looks good. Perhaps there will need to be some manual intervention when necessary but we should be able to automate things more as we see more use cases.

That and the client "store" should be decoupled from the server store and users should be able to add/remove server stores as they see fit.

[takluyver]

I would generally agree, but this puts a lot of trust in whoever is running the store: if Google/Amazon/Microsoft/Apple build and sign every application, they can quietly modify the code. It wouldn't necessarily be easy for even the developer to know that this was happening.

[johannes1234321]

why should they make it so complicated? Apple or Google can manipulate the operating system. No need to manipulate individual apps.

[takluyver]

That's broadly true, but I suspect it's a bit more difficult, at least on Android. Updating the operating system involves the company making the device (at least it used to, I'm not sure if that is changing), and it's much slower to roll out than an app update. I don't know if the extra bits like 'Google Play Services' have the necessary access to e.g. read private data from a messaging app.

As the OP is pointing out, the simple alignment of one platform with one app store is also a bit blurred. Neither Google nor Amazon control Windows. You can install the Amazon store on other Android devices. No doubt Samsung (and some other manufacturers) are trying to do their own marketplaces. And it's conceivable that in the future, they're forced to allow more competition (e.g. something like Steam for phones).