[acdha]

You might want to consider relative scale: yes, there has been malware in the App Store but the questions you should be asking are how long it stays there, how quickly it’s blocked and existing installs removed, and what level of access it had. Look at the product pages for spyware marketed to distrustful parents and abusive spouses, for example, and notice how much less they can do on something like iOS or ChromeOS compared to a full desktop operating system and you’ll understand why this is discussed as a trade off rather than absolute good/bad terms.

[talldayo]

It's not treated as a trade-off, outside Apple's marketing. Anyone that's seen Apple's service revenue relative to their hardware margins knows the score. If this was a conversation about iPhone malware then I should point out that people are being infected by Pegasus with nothing but first-party Apple software. There are active zero-click exploits with various levels of persistence on the market today; you want to talk about relative scale in a post-Pegasus era? Hell, a post-Snowden era?

You're echoing Apple's own flawed defense. You can't rob someone in one hand and claim to be paying them back with the other. You're either acting altruistically to actually help users, or you're perpetuating a cycle that benefits only the service-owner. With Apple's complete lack of service-based competition I don't think it's absurd to suggest they're intentionally misrepresenting the only App Store option to try and rescue it from certain regulation.

[acdha]

> It's not treated as a trade-off, outside Apple's marketing

It absolute is by anyone working in the field, and it’s not just Apple. A lot of places have been looking at ChromeOS for similar reasons, tons of people are running Kubernetes on trimmed down Linux systems which are far less “serviceable” than traditional servers because it reduces the attack surface massively.

> There are active zero-click exploits with various levels of persistence on the market today; you want to talk about relative scale in a post-Pegasus era?

Yes, actually. Your emotions are clearly strong on this issue but you really want to get some data and analyze it – for example, how long are users left vulnerable for traditional operating systems versus locked down ones or how hard is recovery?

Nobody is saying that there’s a universal optimum here but there’s clearly a trade off which people should consider when deciding what’s better for their situation. If you don’t need to run arbitrary binaries, can meaningfully segregate data between apps, etc. the benefits of breaking with tradition is pretty high and a high percentage of people will never hit a downside.