> Trademark violation should be enough for the moderation team I would assume, for most of the junk apps.

For clear trademark infringement or license violations, sure.
However, it'd be permissible, as I understand it, to build re-label-ware (not necessarily malware, but simply low-effort software built using FOSS foundations) using MIT/Apache and other permissively-licensed software and to publish that on app stores with price tags attached.
I have to admit: I'm not familiar with the types of apps that the policy intends to handle in practice -- but re-label-ware would seem like a rational opportunity for developers to pursue in a payment-enabled marketplace without rules to prevent them.

> The only way to solve this really is proper vetting of each app before it is accepted on the app store

That sentiment doesn't sit right with me somehow. Computers can run software, and attempting to gatekeep that process (in an evolving and culturally-diverse world) seems like a path fraught with problems.
Having transparency about what software is intended to do, and perhaps system-perimeter observability that helps users (and, with their knowledge, their friends and colleagues?) to monitor what it has really been doing (to inspect whether that matches their expectations), seems like a potential space for opportunity.