Calamander

Of all the different strategies Apple has to increase sales and revenue, this is the best. 

DAalseth said:

Considering the poor search results full of literally made up data, wrong references, and garbage that these ChatBot search engines have produced, with little sign of any improvement, I don’t understand why everyone is in such a rush to implement them. 

I don't think you've ever used ChatGPT

jimh2 said:

@thrang Excellent points about the rest of us being compromised by the schmuck who lets a side loaded App run sweep up their contacts. I can hardly wait for the unsolicited texts, emails and maybe even snail mail. Nothing like being collateral damage to something you had nothing to do with. For the naysayers think about Tik Tok releasing their app to side load where they can do anything they see fit. If there are complaints about privacy now wait until the side loads start.

You're using MacOS what's the difference?

You have friends with Android phones, yes? Do they constantly send you emails? Lol. Give up on your addiction to worry, your life will be better. 

gadgetcanadav2 said:

Maybe Apple should create a separate sandbox on iOS for all sideloaded apps with default no access to any services. Create a separate ecosystem that can’t screw up everything else. Also would Apple be forced to provide all the programming libraries snd support to sideloaded apps? I would give them zero support and no access to the latest iOS programming libraries. 

That's what they do anyway - all apps live in sandboxes. Each app has their own file system and can't access the rest of the file system, and so on. 

The problem is that iOS has many APIs that are buggy and allow hackers to get around that sandbox. 

So sure they could build another sandbox around the sandbox, but why would that be safer? They need to fix the existing sandbox, which is supposed to do exactly what you said, but for all apps. 

Thanks to the App store Apple was able to prevent many hacky apps from being deployed, since they check the code, and if the code uses unauthorized APIs, it is rejected. Some still got through. But most got caught. Without this check - we will see how leaky that sandbox really is. 

I think it will need a lot of work, feeling wise. The attack surface in code is huge. If I were them I'd have a 100 people strong security fix team on standby. They have enough money, they should spend it on that. 

If Apple is smart they'll stop the whining and hand-wringing and go all in on it. 

There is literally a huge amount of apps that are waiting to be deployed on iOS but can't be deployed because of the little Apple prison which decided you can't watch p0rn or buy a crypto coin for your own protection. 

Now I don't watch p0rn because I think it's actually detrimental to health, it's a dark force. 

But I am in crypto and you have no idea how many people I meet who don't make apps, cripple their apps, or make lame PWAs just because of app store rules. 

I can guarantee you the first 3rd party app store focused on crypto apps will make a killing. I would do it if I wasn't so busy with my actual work...

From a security perspective and as an app developer myself, with several published apps in the app store, I can say that Apple's iOS security is not strong enough to handle this right now. So from a tech perspective, they need to seriously fortify iOS. 

Apps live in little boxes and their interactions with the system at large are limited to certain things - but because this was only developed over time, and isn't really well thought out or implemented, there are endless loopholes and hacks to get around it. So fixing this is the biggest engineering challenge.