[xyzzy_plugh]

I doubt it, otherwise we'd see this in Android. And while it does happen of course, it's vanishingly rare. Anecdotally I have plenty of friends and family who are neither technically proficient nor well educated and they seem to be doing just fine.

Instead it's a boon, especially for folks like myself who use a fair amount of software from alternative stores/installers.

[judge2020]

As far as I know, Android also doesn't have the same level of privacy requirements and permission prompts to show the user. Facebook et al. don't have much of a reason to push a third-party app store.

In addition, exploitation might be transparent to the user, i.e. a botnet that runs in the background[0] or replacing ads in other apps to steal their revenue[1]. People use iOS and recommend it to their friends/family because of its simplicity and the built-in safeguards the App Store provides, since installing a sideloaded app is a much more involved process.

0: https://cyble.com/blog/daam-android-botnet-being-distributed...

1: https://www.theverge.com/2019/7/10/20688885/agent-smith-andr...

[dns_snek]

Thankfully iOS users don't have to worry about any of that because Apple uses state of the art sandboxing that stops apps from stealing your data. I don't know what kind of safeguards you think the app store provides, but most of them are either provided by the OS itself, which would also apply to sideloaded apps, or they don't exist at all.

[danShumway]

> but most of them are either provided by the OS itself

It's tricky. Some of them are provided by the OS, some of them are not, my (possibly incomplete) understanding is that some are enforced by analyzing the submitted apps to know what they will request and not by blocking anything at runtime? I could be describing that incorrectly.

I would argue that permissions should be part of the OS itself and should work on every app regardless of where it came from, but there are people who know a lot more than I do about what specifically Apple is doing who have told me that's more complicated, and... :shrug: maybe they're right, maybe they're wrong, I don't know enough to argue with them about it.

Web browsers seem to be able to do this sandboxing at runtime just fine, so I don't really know why iOS is so heckin special, but it's not my area of expertise, I just know that there are apparently (?) some permissions that wouldn't work outside of the store.

[plorkyeran]

Facebook doesn't need a secondary app store on Android to bypass the default one's privacy rules because the default one isn't stopping them from doing what they want to do in the first place.