Truth be told, I find nothing wrong with the central App Store security model, merely that the status quo is insufficient. They should either ramp up enforcement on the store drastically, and/or open up the platform to third-party stores, and thus competition, for other stores to attempt better ways of enforcing security and user privacy.
I do not view opening up the platform to third-party stores or sideloading to be an excessive security risk, because having studied iOS's security model, it seems to be reasonably hardened (at least compared to Android) and I believe that Apple can manage the existence of other app sources well enough to prevent them from becoming significant malware vectors. The fact that those malware links are neither ransomware nor botnets proves how inherently secure iOS is, and thus protections are built in at the operating system level, thus making the existence of third-party stores irrelevant to its security.