Hacker News new | ask | show | jobs
by lukifer 5347 days ago
Though there have been many disturbing trends in the evolution of the App Store(s), this one is actually quite mild, if not welcome. Honestly, it's always unsettled me a little that any software can just start arbitrarily scribbling bits to the hard drive. (The system folder is protected, but my data isn't.) The concern is only a little about malware, and mostly about buggy code.

All the sandbox requires is that apps only have access to files when the user initiates the action. And unlike most App Store policies, you're also allowed to request specific exceptions as needed by your app, and I'm expecting they'll actually be reasonable about it. [1] This creates more work for developers, but I think overall these changes will help keep users' data safe.

As also mentioned in this thread, these changes have big implications for inter-app communication. But sandboxing doesn't take the capability away; it just requires devs to do more work, again in the name of user security. There will be a big usability hit on apps which don't see regular updates, and apps whose developers neglect to update this aspect of their apps. But the same capabilities will exist, and eventually most apps will catch up to the new norms.

[1] Although if Apple starts making stupid rejections and standing by them, then I take it all back.
3 comments
benatkin 5347 days ago
> Although if Apple starts making stupid rejections and standing by them, then I take it all back.

That's a given.

link
ugh 5347 days ago
Apple typically didn’t stand by stupid rejections. They made them, didn’t stand by them.
link
benatkin 5347 days ago
We shouldn't have to embarrass a company before we get access to a useful application.
link
betterth 5347 days ago
We shouldn't have to have a degree in CS and our own testing platform just to see if an application is safe, relatively bug free and isn't going to jack all of our data.
link
WayneDB 5346 days ago
Has any application ever "jacked" all of your data? Is the app store really going to debug apps for everyone?

How do over a billion PCs run Windows when there's no app store doing this for them??

link
frankus 5346 days ago
(Not sure if this is a troll or not, but I'll bite)

"Is the app store really going to debug apps for everyone?"

No, but obvious problems will be detected, and sandboxing will significantly control the damage a poorly-debugged app can do.

"How do over a billion PCs run Windows when there's no app store doing this for them??"

The perception (and in the pre-Vista era, the reality) of running Windows is that you need to be extremely careful about what you download (or even which websites you visit) or you risk data loss, your system becoming unstable, or involuntarily joining a someone's distributed computing experiment.

What Apple was trying to achieve with their app stores (and to a very large degree has achieved) is to allow unsophisticated users to fearlessly experiment with third-party software.

link
ugh 5347 days ago
That’s one valid way of seeing it. I don’t share it. But a nice derail you did there.
link
seanalltogether 5347 days ago
[1] They are only handing out temporary exceptions

http://developer.apple.com/library/mac/#documentation/Miscel...

link
idspispopd 5347 days ago
You're quite right, while malware is a threat often the biggest issues come from unforeseen bugs. Users with a long memory may remember the iTunes 2 update fiasco. where Apple's own update script was responsible for wiping user data.

The below link explained the error, and how it only occurred on certain volumes: http://www.xlr8yourmac.com/OSX/itunes2_erased_drives.html

link