TWIT 963: Low-Key Clippy

This is also about competition. Major corporations, Apple, Google, Epic, Netflix, Meta, Amazon etc are inherently monopolistic and they want to lock in their users and their platforms as much as possible.
This is more about levelling the board a little bit rather than money directly.
I won't bother sideloading on an Apple device, as I have not done it on Android for a very long time, but I want the option to use alternative app stores.
Also a developer should be able to choose where they list their software among a number of competing app stores. Apple store developer experience is crap and it could benefit by some competition.

3 Likes

This right here. Well said, sir.

4 Likes

BUT, he is right for these folks:

“It does make sense for people who are not very technical and take a lot of value out of the Apple ecosystem simplicity and integration.”

:grinning:

1 Like

Yeah, no one is forced to switch to a different app store though. For them it will be business as usual.

2 Likes

I recently began gaming on a PC again and I’ve been reminded of how annoying it can be. To play the games I want, I’ve got to have the following stores installed:
Steam
Epic
Origin

I hope that I don’t end up in a similar situation on my phone where I have to have multiple app stores installed to run the software I want.

2 Likes

Unfortunately it will be like that. The major players will have their own stores in order to avoid the Apple fee. It’s a lot of money, but the majority of developers will be using Apple Store unless other store owners decide to undercut Apple.

1 Like

The problem of whether or not a 3rd party app store could be considered trustworthy is relatively easy to solve.

Apple claims the App Store is more than others. All they need to do is publish the objective criteria by which an app store could be considered secure. Those standards could include

  • Minimum level of encryption in data transit
  • Minimum level of obfuscation of personal data to protect customer privacy
  • Clearly defined standards for handling refunds
  • And so forth and so on

I think Apple is well within its prerogative to stipulate standards with regard to security and safety for any 3rd party store. But the key is that they need to be objective standards that can be evaluated by 3rd parties. They can’t be vague and subjective (which is how Apple likes to do things to give themselves ‘flexibility’).

With that said - there should also be some safeguards that prevent Apple from making these changes arbitrarily or in such a way that they favor themselves. Personally, I don’t trust Apple to do this - so these need to be evaluated by some outside party. But any competing App Store should be able to be written in such a way that it is as secure as Apple’s.

2 Likes

In the real world, people buy from multiple stores all the time. This perceived convenience is actually what is so unnatural about the situation. If you’re a super-fan you can buy from only one store (for me, if it isn’t on steam I’m not interested) but everyone else gets the freedom to take their money where they like.

2 Likes

I would respectfully disagree. If all games were available everywhere, sure. The reality is, stores differentiate themselves based on exclusivity, not convenience or price. If you want to play Fortnite, you have to get it from the Epic Store. That isn’t a choice.

The biggest point you are missing is the filtering out of malware, malvertising, clickfraud etc. apps from the stores. That is probably as important, if not more important than the others you mentioned.

If you can’t guarantee the store is safe from malware, fake apps and subscription fraud apps, I wouldn’t use it - that said, Apple doesn’t have a clean bill of health on that point either, but they generally react quickly when they find them or they are reported to Apple.

1 Like

Some brick and mortar stores sell only specific brands, too. That’s all part of real life, which was my original point.

Running an AppStore is expensive. I have used apps from alternative stores on rooted iPhones. They are horrible. There is no QA and yes there is a risk for malware as well.
Those who could dedicate resources to do this are a handful of companies.
But it is important to have more than one competing store.

This can be addressed by implementing some objectively-measurable standards regarding how handling those situations should be done.

The thing is: we have nothing on the Apple side to compare this to. On the Android side - I’ve got both Samsung and Google app stores on my device. Haven’t had any issues with fraud or malware so far, but that’s me. The point is: this should be doable with standards.

3 Likes

Google have been caught out at least as often as Apple with malware and click fraud apps in their stores, but both are generally good at removing them as soon as they are informed and they probably catch thousands of examples that never make it into the store.

The point being, it takes a lot of effort and know-how to get that level of checking to work anywhere near as well as Apple, Google and Samsung, which are all still a long way from perfect.

So, these stores would need to be checked regularly by security researchers, to ensure they aren’t letting bad apps in. If you do a quick search, there are articles, where researchers have found hundreds of malware apps on the Google Play Store over the last 2 years - and Google reacted promptly to remove them. The same is true for Apple.

Without the new stores being vetted or certified first, I wouldn’t trust them. (Certain standards organisations offer testing for software products - the TÜV Süd in Germany, for example, has a large arm dedicated to checking software, we had them check one of our products a few years ago. The BSI in Germany does similar testing.) If the stores get approval for being secure and for their vetting procedures for catching malware, then I don’t see them being much worse than Apple’s and Google’s stores; without independent verification, I wouldn’t touch them.

3 Likes

I disagree. Realistically, there’s so much more software that exists in the world than can be reliably checked. Linux distributions have sort of quietly realized this in the move to portable app formats (flatpaks, snaps, and appimages) over the traditional model of “maintainer reviews every single app that gets put into the distro.”

An app store whose primary purpose is to be the ultimate review of safety and truth is ludicrous at some level–it’s like saying you’ll have a fire hose that will examine every molecule of water that comes from it. It’s not that it isn’t an important endeavor, it’s that it is outside the realm of possibility. We’re talking about degrees of risk, not levels of safety.

Glibc had a huge bug that has been introduced since the early 90s. This isn’t some niche product with little inspection. Meaning: people can’t reliably understand what software does under the best of conditions. You think some random app store maintainer has any way to reliably detect unsafe software?

No, the talk of app store safety is the sort of fear-hype meant to keep people happy inside the profit-extracting status quo. The parroters of the fear-hype are happy to speak from marketing rather than fact. (Not saying this is what you’re doing, but rather Apple and to a lesser extent Google.)

1 Like

Yet this is the exact selling point of the App Store and Google Play Store, that they check all apps for malware and egregious data collection. But it isn’t 100%, but they still invest millions each year to ensure that over 99% of the bad apps don’t get in.

The reason is not so much the checking on the validity of the packets, but on dependencies. The flatpaks etc. contain all dependencies in a sandbox. This means, if the app uses an older or newer version of a library, it doesn’t break everything else already installed, by removing the version of the library the others need and replacing it with a different version. Also, if the distro has a newer version of the library and the app only runs on the older version, you can still use the app.

Like the sandboxed apps on a phone or tablet, the Flatpaks and Co. also mean that if there is any problem with the app itself, it cannot affect the host system - although it can still be used to exfiltrate data from the sandbox.

Yes, no software is perfect and operating systems are complex and get regular bug fixes for this exact reason. And the app stores can’t find every single bug, but they can check for certain behaviours, as well as an automated code review. It isn’t perfect, but it does keep over 99% of the malware out of the stores.

For some, maybe. But the security in place does make a huge difference, compared to just letting every app through. Some bad apples get in, because no checking system can be 100%.

But I wouldn’t use a store that doesn’t have any checking. And this is why I think there should be an open certification standard for testing the levels of security on these stores - it shouldn’t be run by Apple or Google, it should be independent, such as TÜV, BSI or other national certification bodies and they should also check the Apple and Google stores, to keep them honest as well.

3 Likes

For AppImage, maybe. But the others are also aimed around sandboxing for security purposes, as you allude to.

That’s fine if you think so, but it has worked for decades on Linux without this proposed system. I’m happy with the few apps I use on F-droid.

To me, this “cert” process you’re talking about is just describing a system that purports to examine the water flowing out of the fire hose. The end result is still a ludicrous claim by both stores, now made more “official” by the fact that some third party is willing to make a completely unverifiable claim. And the end result: more lock-in for something that can never be promised by the players big enough to go over a ridiculous hurdle in the first place.

IMO Linux has a very different userbase to iOS/Android, don’t think you can make any comparisons.

2 Likes

I agree it’s a different user base, but we’re talking about stores, right? These are a rebranded version of the software repository that Linux distros created in the late 90s. I think it’s totally fair to compare how those work as a software distribution and curation system.

Monopolies are not going to make things more convenient and in fact a monopoly can degrade their services to you by charging you more etc, just because they’re the only game in town.

Competition is good.

3 Likes