> “I’ve driven many miles and never crashed. Why do I need to pay for seatbelts?”
Bad analogy. A better analogy is: I’ve driven many miles and never crashed. Why do I still need Toyota's permission to drive?
I'm absolutely in favor of "seatbelts" for computers, but that means sandboxing, not censorship or rent seeking. It also means you can remove the "seatbelt" when you need to.
I used seatbelts because every car safety measure you can think of has had someone complaining about having to pay a cost for something they’re too good a driver to need. Having apps notarized to enforce some basic legal & safety standards seems similar: it definitely costs more than zero, it definitely is a restriction on absolute freedom, but it helps prevent things which are statistically certain to keep happening otherwise.
That's a very weak argument in favor of Apple, and I respectfully disagree. Just another variation of 'think about the children' meme without much substance, repeated in every single Apple discussion ad nauseam.
Look, you lock your phone as much as you like, your device, your choices (here we are already very far from Apple mindset). Why the obsessive need to push this on literally everybody and not even giving the choice? Maybe you have some serious impulse control issues, but most of us don't.
It can even be part of purchase process - choose ultra secure more locked down model, or on-your-risk more free.
But we all know all this is just about 1 singular thing - revenue via customer/market capture. Oracle stuff indeed.
> Look, you lock your phone as much as you like, your device, your choices (here we are already very far from apple mindset)
It keeps software and service vendors from going around security and privacy protections. Folks don’t always have a choice of what they have to install, so “just don’t install their stuff if you don’t like it” isn’t sufficient to achieve the same results, even if we ignore the inherent difference in UX between “100% of the software for this goes through the App Store” and “some software is not on the App Store”.
Doesn’t mean you have to agree that path is better, of course, but it’s also definitely not so easily dismissed as ridiculous.
Software and service vendors can't "go around security and privacy protections", they can do exactly what the operating system and Apple allow them to do (short of actual bugs and vulnerabilities which would exist regardless of distribution method).
Either those protections are technological, baked into the OS, and therefore apply equally to all installation sources, or they don't exist. There's no in between.
There’s in fact an in between, which is humans enforcing rules. It’s what’s in place now. It does have an actual effect, it’s not like it’s imaginary or doesn’t do anything. Some of the rules aren’t practically enforceable by software alone, at least so far (things like “don’t try to fingerprint the user or device in unauthorized ways”).
Those rules are even less enforceable by human reviewers because they don't employ people to reverse engineer your app, never mind any subsequent updates.
Your contention is that the review process entirely fails at enforcing privacy and security rules that cannot be achieved entirely through automation, or fails at such a high rate that it may as well be entire?
That doesn’t reflect my experience submitting apps, nor as a user of Apple devices. It’s certainly imperfect, but it achieves a lot more than if they simply stopped doing it.
[edit] and in fact, some of the automated checks wouldn’t be practical to run on a user’s device—are those also totally ineffective?
Look at the history on the PC and Mac desktop side. Ever see someone who had Firefox or VLC, only the binary they got was loaded up with things not shipped by the real developer? Notarization prevents that shady phisher from talking your dad into installing “a critical security update!!!” from their own server and then either having it immediately get access to his stuff or walking him through logging into his password manager, etc.
I'm not against notarization as long as it's free (akin to Let's Encrypt) and strictly used for combating outright malicious software like you described, and not as a way to keep competitors off the platform, rent seek, or ban apps for "philosophical" reasons (like NSFW content).
They're intentionally conflating these objectives to give themselves an excuse for maintaining their stranglehold on users and developers alike. They need to give up some ground if their security concerns are to be taken seriously.
I'm sure all the smart people in Cupertino (and elsewhere) can figure out some really great solutions for protecting users in an honest manner, if only their leadership didn't instruct them otherwise.
Analogies don’t really work in arguments, it always just devolves into an argument about the analogy. They are useful in other contexts (like teaching, where it might be necessary to simplify something).
Overuse of analogies is one of the worst things the internet has done to discussion in general.
> Having apps notarized to enforce some basic legal & safety standards seems similar.
Which things, exactly?
Consider how well malware and adware have done where the authors can impersonate legitimate developers (remember when people got faux-Firefox as the first Google hit?) or can run distribution campaigns from shady web hosts for years? Notarization and domain limits mean Apple can block malware almost instantly and the developers have to burn a real company identity on each attack campaign.
https://news.ycombinator.com/item?id=39685272
Not exactly blocking immediately, are they?