Hacker News new | ask | show | jobs
by NateEag 1568 days ago
I think iOS devices are much more secure than a Linux desktop.

Any iOS device that has not been registered with Apple for use on a dev team or rooted can run only built-in apps and ones instslled from the iOS Store.

That means it can only run apps explicitly approved by Apple.

Sure, Safari has had some zero days, as has iOS generally, but as Heartbleed, Shellshock, and Log4Shell have shown, open source is not magical fairy dust that makes things secure.

Overall, my bet's on the team at Apple being better at securing their systems than the random collection of individuals and overworked maintainers that have assembled the parts in a modern Linux desktop.
2 comments
kuschku 1567 days ago
> Any iOS device that has not been registered with Apple for use on a dev team or rooted can run only built-in apps and ones instslled from the iOS Store.

Can't you run any app you want if you install it through XCode for up to 7 days, even without registering as developer?

I thought that's how several of the unofficial iOS AppStores for apps that break the rules of the regular sandbox work

link
NateEag 1567 days ago
I've never heard of this ability. Do you have a link describing it?

I've been maintaining an iOS app generation framework at $DAYJOB, and I've never found a way to run Xcode builds on physical devices short of actually registering the device with Apple for that purpose.

If there's a way to work around it, I'd be shocked and delighted.

link
kuschku 1567 days ago
I believe I was thinking of https://github.com/rileytestut/AltStore, but I’m not sure if that’s the exact project (I don’t use iOS, so I don’t keep all of the details in mind)

Quoting their FAQ:

Why do you need my Apple ID?

Apple allows anyone with an Apple ID to install apps they’ve built themselves onto their devices for testing. AltStore uses your Apple ID to communicate with Apple's servers on your behalf and perform the necessary steps to prepare your account for installing apps onto your device.

Why does it say my apps will expire in 7 days?

Unfortunately, apps that have been installed using non-developer Apple IDs (in other words, Apple IDs not tied to a $99/year Apple developer account) are only valid for 7 days, at which point they will no longer open. To compensate for this, AltStore will periodically attempt to refresh your apps in the background, and you can always manually refresh your apps from within AltStore.

link
NateEag 1564 days ago
Wow, this is fascinating. I do not recall hearing of this workaround before.

Thanks!

link
upofadown 1568 days ago
IMessage had a remote code execution that could entirely take over the phone...

>Heartbleed, Shellshock, and Log4Shell ...

... are all irrelevant to desktop Linux...

link
amatecha 1567 days ago
Did you hear about "PwnKit"? Just a month ago one of the most serious security flaws in Linux (affecting nearly all distributions) was disclosed and it had been present since 2009. https://www.bleepingcomputer.com/news/security/linux-system-...

(btw Heartbleed affected Linux desktop OSes such as Debian, Mint, Ubuntu, RHEL, etc.)

link