by tripzilch 4197 days ago
I'm an Android (Cyanogenmod) user and agree with your point, this could--and should--be done a lot better.

I am not familiar with iOS and iPhones at all. You state iOS apps only rarely need to be granted permissions, how do they make that work? I can see only three ways that could happen:

Either the app can do most things without asking permissions (bad for the user--there'd be malware). Or the app simply can't ask for permission to do a lot of things (bad for the developer, and ultimately the user--because less functionality). Or it's a combination of the first combined with the iOS App Store's walled-garden quality check approach (bad for everybody, and the biggest reason I got an Android instead of iOS device).

I could be wrong but I'm guessing it's the third option?

I'm going to try to be objective here, crazy how I can just feel that seed of fanboiism in my head, let me just leave it at me being idealistically opposed to the walled garden approach for reasons that have been rehashed on HN for ages now :)

That said, there's also a few practical things the iOS walled-garden App Store could improve upon. First one being the $99 developer fee. I teach kids computer stuff and one time a particularly clever 11-year-old needed some help setting up Eclipse, I didn't have a smartphone myself back then, I wasn't sure what he was trying to do, so I just helped him navigate the English menus, install the proper Java things and let him at it. Sure enough, an hour later he proudly showed me his Android phone. "Hello World", it said.

Another thing, this iOS App Store review process, it's done by humans yes? Does it scale? From what I've heard, even though I mostly heard it in the form of complaints, you get rejected by actual humans, yes? That's obviously never going to happen to Google's Play Store. But then again, the Google Play Store isn't quite as deeply engrained into Android as the iOS App Store, you don't need to use it, you can even completely step out of Google's ecosystem and still use Android (though it's hard, a bit like using Linux 15 years ago). Does the iOS App Store also use scanners and automated tests for new applications? I bet they do, do we know what kinds? Like it could test for certain kinds of API calls so the human reviewers know what sort of thing to look for.

One funny thing is, I used to have to explain to people what "repositories" are in Linux, what they do, what they're used for and why they're so much cooler than (Windows) having to download .exe installers from all sorts of websites to get your software. Nowadays I can just tell people "it's pretty much like an app store", and they know all they need to know. That Ubuntu Software Centre even looks like an app store, with all the stars and ratings (blegh).

However, the repositories in Linux are not quite like either the Google Play Store or iOS App Store. They obviously do not have the walled-garden approach, it's entirely open. Linux software from the repositories doesn't need to ask for permission for anything (except sudo). Still, there is no malware in the repositories, at all. I admit I am a little bit vague on how this works too, perhaps I'm missing something obvious, but how do they do that?

3 comments

> I could be wrong but I'm guessing it's the third option?

Nah, it's a combination of two things:

1. Applications are granted internet access by default. It's possible to disable cellular access on a per-application basis, but not networking in general

2. Permissions are asked for at point of use with a big allow/deny dialog. This has several consequences

* it's easier for the user to understand why the application would want to e.g. access their contacts

* the user only gets the dialog if they're accessing a feature which claims a need for it, no paying a privacy/permission cost for stuff you don't do

* the more stuff an application wants access to the more scary dialogs they'll prompt, so application developers have tended to not go overboard

Also all permissions can be revoked (or granted) afterwards, aside from cellular they all live in Settings > Privacy, and inside each permission is the list of applications which asked for it, and whether they're allowed or denied access

Thanks, that makes sense. Better option than what Android does too, IMO.

Especially if the permissions are also more granular than they are on Android. Otherwise I could imagine an evil app prompting a type of permission in the context of something completely innocuous and reasonable (say, to pre-fill contact data to some input field), only to use that very same permission immediately afterwards for something evil (sending all contacts data to their servers).

iOS jailbreak dev here.

The way permissions work in iOS is like this:

The app starts out completely sandboxed. No access to any hardware other than speakers and display (and even then, iOS has a layer on top of your canvas for the status bar and system dialogs). No access to the hard disk other than the app's local files. Instead of asking for permissions on app install, the app asks for permissions as you try to use them.

For example if you installed Instagram, you could scroll through the news feed fine but if you wanted to take a picture it would ask you to access the camera as soon as you try to. If you tried to take a video, it'd ask for permission to use the mic. Similarly it would ask for access to your photos as soon as you try to select a picture to upload from your camera roll. If you try to import your contacts to find people to follow, it would ask for permission to read your contacts list. If you try to tag your location in a picture it would ask for access to the GPS as soon as you click the check mark. If for some reason Instagram allowed people to make calls, as soon as it tries to make the call you get a pop-up asking to confirm if you want to place the call or not.

> That said, there's also a few practical things the iOS walled-garden App Store could improve upon. First one being the $99 developer fee.

Thankfully there's a huge market for jailbreaks now, so pretty much the latest version of iOS is jailbroken about half the time. (http://iphonedevwiki.net/index.php/Compiling_iOS_application...) It ends up being much easier than Android development.

> Still, there is no malware in the repositories, at all. I admit I am a little bit vague on how this works too, perhaps I'm missing something obvious, but how do they do that?

All of the code on Linux repositories are (is?) open source if I'm not mistaken.

> Linux software from the repositories doesn't need to ask for permission for anything (except sudo). Still, there is no malware in the repositories, at all. I admit I am a little bit vague on how this works too, perhaps I'm missing something obvious, but how do they do that?

You are simply trusting whoever is running the repository, most of the time this is the distro itself, which you already trust.

I figured as much. Is it hard to get your software into, say, the Debian repos? (and thereby Ubuntu, etc.)