I posted this in the other thread before, but I'm going to repost it here because people still don't seem to understand why the iPhone's restrictions are so important.
---------------------
I don't see how it's anything other than a net positive, you gain in security and ease of use for consumers. If you're more hacker minded like this audience is, it's extremely trivial to jailbreak - the distinction being that it is totally independent and not sanctioned by Apple whatsoever. This is an important point.
After working in user support I can totally empathise with Apple's decision to keep the platform closed via the App Store. The vast majority of the people buying these phones (ie, normal users - not geeks) are the ones who voluntarily install spyware on their PC's, click yes to every dialog box they see and execute random email attachments without thinking twice. They don't scrutinise certificate errors in their browser, use PGP, constantly have a bash window or two hanging around - in fact I think a lot of the people who have bought iPhones as fashion accessories would have trouble even changing their wallpaper.
The iPhone undeniably has the biggest mindshare, and a very hefty marketshare slice of any high-end mobile communications device yet, one notably skewed toward people with large disposable incomes.
Remember, it's constantly connected to the internet, has a connection to the phone network (and thus an unlimited tab conveniently linked to your credit card), knows where you are and even in which direction you're facing. It knows who you talk to, who your contacts are...etc. I could go on. The point is this device and it's associated popularity is a fucking GOLDMINE for the kind of people who write malware.
The App Store and it's uncompromising restriction is the final solution to keeping this cesspool of a software "ecosystem" off the platform.
Even if Apple provided an "Advanced" setting which gains you root access on your device the malware writers would simply instruct the clueless user to enable it, and I KNOW that 99.9% of people would do it without hesitation, for the promise of nothing more than a cheap thrill. All the EULA-type warning "this-is-a-bad-idea-and-we're-not-responsible" notifications in the world won't stop them. It's based on the same psychology as that study where an alarming majority of people would tell you their password for a chocolate bar.
Oooh, kittens!!! cue screaming and convenient lawsuits targeting high-profile Apple when their phone bill arrives with a $50,000 total
Yeah, I think we can do without that sort of thing, and Apple certainly doesn't need that kind of unrepairable damage done to their brand perception.
We put up with malware on Windows because like it or not it's the de-facto standard, and consequently most people don't know any better. There is an almost bewildering array of choice when it comes to mobile handsets, and people are likely to go with the one that doesn't have a reputation for involuntarily emptying your bank account.
If you're more hacker minded like this audience is, it's extremely trivial to jailbreak - the distinction being that it is totally independent and not sanctioned by Apple whatsoever.
Not only "not sanctioned" by Apple, but actively opposed by them. They go out of their way to stop jailbreakers and consider them criminals, and per the DMCA they're probably right. It will be terrible for future innovation if the only way to gain control over your own hardware is to become a felon.
The App Store and it's uncompromising restriction is the final solution to keeping this cesspool of a software "ecosystem" off the platform.
Along with anything that remotely competes with Apple's business model. If Microsoft had that level of control 20 years ago, we wouldn't have the web.
Even if Apple provided an "Advanced" setting which gains you root access on your device the malware writers would simply instruct the clueless user to enable it, and I KNOW that 99.9% of people would do it without hesitation
That's a testable prediction, since Android offers exactly that setting. We'll see if it becomes a cesspool of malware; I don't expect it to.
Not only "not sanctioned" by Apple, but actively opposed by them. They go out of their way to stop jailbreakers and consider them criminals, and per the DMCA they're probably right. It will be terrible for future innovation if the only way to gain control over your own hardware is to become a felon.
Of course they don't like people jailbreaking, they've worked very long and hard on making a store with a fair and seamless DRM system - then barely a week after it's jailbroken somebody has gone and made an almost one-step process for cracking, distributing and downloading pirated applications. DRM relies on a closed system by it's very nature - it's understandable they like to discourage against subjugating their entire business model.
HOWEVER: they have never (as of my knowlege) put in additional effort to prevent jailbreaking. The online media a few years ago was buzzing with warnings about updates bricking jailbroken iPhones - like if done out of some sort of malice when it turns out the problem was AnySIM completely trashing some areas of the baseband, rendering it unusable when updated next.
So let's see, Apple getting a ton of bad press misdirected at them (as usual) because of the clumsy mistakes of some people who didn't really test their baseband modifying software before releasing it to the public.
Oh, and a more recent example. The installer for OpenSSH in Cydia didn't bother to prompt a change for the default root password on the iPhone (alpine) - suddenly there's a "virus" spreading between unsecured jailbroken iPhones because of clueless idiots once again thinking they know what they're doing when they clearly don't. The press? "OMG ITS TEH IPHONE VIRUSSSSS RUN FOR THE HILLS!!" Do you think they bothered to mention that you had to a) Jailbreak your phone, b) Install OpenSSH and c) Neglect to change the default password? Of course not, who cares insignificant details like that when you can have a headline with the words "iPhone" and "virus" both in it.
Gee, I wonder why Apple don't like jailbreaking guys?
Meanwhile, it would be naîve to think that Apple doesn't have plenty of jailbroken iPhones they use internally for various things. I have no doubt they are keeping a very close eye on the progress of the JB scene.
Along with anything that remotely competes with Apple's business model. If Microsoft had that level of control 20 years ago, we wouldn't have the web.
We don't know the exact reason for many Apple's rejections, but I disagree with this sentiment in general - there are hundreds of examples of approved apps which directly with Apple's own offerings and if you're referring to the GV rejection in particular that's even more puzzling as it doesn't compete with Apple at all (unless they're secretly planning on becoming a telco?) Examples of approved apps which might enroach on Apple's territory are various Safari replacements (iCab etc), Map applications, and even Spotify; clearly stepping on the toes of iTunes store. The problem is the inconsistency, which to me points more toward individual agent whims or moods rather than policy. I agree this is unacceptable but they have promised to make it better. They have stated publicly that they approve > 99% of apps, so as usual it's a vocal minority.
That's a testable prediction, since Android offers exactly that setting. We'll see if it becomes a cesspool of malware; I don't expect it to.
There has already been a bank account phishing app which was undiscovered for weeks on the Android Marketplace. I wonder why whoever coded that didn't target the iPhone instead and get 100x the opportunity?
> Even if Apple provided an "Advanced" setting which gains you root access on your device the malware writers would simply instruct the clueless user to enable it, and I KNOW that 99.9% of people would do it without hesitation, for the promise of nothing more than a cheap thrill.
...and 80% of statistics are made up on the spot...
No offense, but isn't this the kind of 'protect people from themselves' crap that gets ragged on in a political sense under the term 'Nanny State?' Are you advocating this?
Let's say that Apple does have a 'press this button for root access' option. Once malware starts telling people to enable that option, don't you think that it would be HUGE in the media, and word would spread like wildfire that you shouldn't do that or your identity will be stolen? People are dumb to desktop computer security because it doesn't affect their 'bottom line.' When someone's computer becomes part of a botnet or installs popup malware, they likely don't know the difference from when their computer is normally functioning.
How many people have actually had (for example) their bank accounts emptied because of a computer virus? If such incidents became commonplace, you can bet your butt that people would get smart real fast. Right now there is just no incentive for people to get smart to these things because "the computer is getting really slow" is the only difference that they notice between an infected desktop and an uninfected one (and when it's their employer's computer they have even less incentive to care because 'IT will take care of it').
Yes, they are protecting people from themselves. However it's not at all an altruistic gesture, it's purely self preservation. You're thinking in a geek/nerd mindset. The iPhone is a black box to most people - indistinguishable from magic. We want to get to the bottom of why a problem occurred, most people wouldn't even bother to link their actions with the consequences, let alone take personal responsibility when they end up losing money. Litigation and smear campaigns are far more likely.
I think the mainstream press wouldn't bother to describe details about an obscure option hidden deep within the system settings, and would likely have whatever was the most sensational, intellectually dishonest headline they could get away with coupled with some vague, useless security tips like locking your phone with a pin and making sure bluetooth is turned off in crowded places.
People don't have their bank accounts emptied (usually, except via phishing websites and Android Marketplace apps) because their computers aren't intrinsically linked to their credit cards. Phones are, and it would be completely trivial (and very tempting) to make a dialer.exe type program that surreptitiously makes $9.95/min calls to Nigeria. List it as some kind of a raunchy sex line and try pleading innocence to your telco about that one. Go on, I dare you.
Another point: on a PC, data is stored kind of haphazardly and if you have nefarious objectives in mind it's a lot more difficult to access very specific kinds of information. On a phone, this is very easy - everything has it's place. Especially on the iPhone with it's wide use of open standards - crack open the sqlite database you need and query away to your heart's content.
> [...] computers aren't intrinsically linked to their credit cards. Phones are, and it would be completely trivial (and very tempting) to make a dialer.exe type program that surreptitiously makes $9.95/min calls to Nigeria. List it as some kind of a raunchy sex line and try pleading innocence to your telco about that one.
What makes Apple's approach that much more secure? They don't inspect the source code of an App. There could be hidden 'call home' features that are waiting for a switch to be flipped to execute the malicious code that's wrapped up in a pink and fuzzy package. Sure Apple can hit a 'kill switch' on an App, but they need to know that the App is a threat before they do so. What happens when an App does your 'dialer.exe' example and calls Nigeria? Does this immediately alert Apple to 'suspicious goings-on' and they make a dramatic leap to hit the big red button?
Jailbreaking doesn't help when, say, Google doesn't release an app to the public that Apple won't let in the store.
I agree with some of what you say but can't help but feel that open is the only way to a good future.
Then again, this device isn't even out yet. It certainly hasn't taken over the world. And even if it becomes wildly popular Linux, BSD, Windows, and whatever other OSs are out there are not going away because of it.
But somehow, I doubt creating the "final solution" fail safe platform was first and foremost in the minds of whoever it was that thought up the iPhone app store model. Nobody likes a monopoly... unless it's their monopoly.
---------------------
I don't see how it's anything other than a net positive, you gain in security and ease of use for consumers. If you're more hacker minded like this audience is, it's extremely trivial to jailbreak - the distinction being that it is totally independent and not sanctioned by Apple whatsoever. This is an important point.
After working in user support I can totally empathise with Apple's decision to keep the platform closed via the App Store. The vast majority of the people buying these phones (ie, normal users - not geeks) are the ones who voluntarily install spyware on their PC's, click yes to every dialog box they see and execute random email attachments without thinking twice. They don't scrutinise certificate errors in their browser, use PGP, constantly have a bash window or two hanging around - in fact I think a lot of the people who have bought iPhones as fashion accessories would have trouble even changing their wallpaper.
The iPhone undeniably has the biggest mindshare, and a very hefty marketshare slice of any high-end mobile communications device yet, one notably skewed toward people with large disposable incomes.
Remember, it's constantly connected to the internet, has a connection to the phone network (and thus an unlimited tab conveniently linked to your credit card), knows where you are and even in which direction you're facing. It knows who you talk to, who your contacts are...etc. I could go on. The point is this device and it's associated popularity is a fucking GOLDMINE for the kind of people who write malware.
The App Store and it's uncompromising restriction is the final solution to keeping this cesspool of a software "ecosystem" off the platform.
Even if Apple provided an "Advanced" setting which gains you root access on your device the malware writers would simply instruct the clueless user to enable it, and I KNOW that 99.9% of people would do it without hesitation, for the promise of nothing more than a cheap thrill. All the EULA-type warning "this-is-a-bad-idea-and-we're-not-responsible" notifications in the world won't stop them. It's based on the same psychology as that study where an alarming majority of people would tell you their password for a chocolate bar.
Oooh, kittens!!! cue screaming and convenient lawsuits targeting high-profile Apple when their phone bill arrives with a $50,000 total
Yeah, I think we can do without that sort of thing, and Apple certainly doesn't need that kind of unrepairable damage done to their brand perception.
We put up with malware on Windows because like it or not it's the de-facto standard, and consequently most people don't know any better. There is an almost bewildering array of choice when it comes to mobile handsets, and people are likely to go with the one that doesn't have a reputation for involuntarily emptying your bank account.