Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

all of this malicious code still requires the user to grant the permissions, or exploit bugs in the operating system. same as ios, infinitely better than mac, windows and linux.

apple might pretend they are secure because they usually manage to catch such things during review. this doesn't actually mean they are secure.

end of the day, it's up to the user to choose what software they install, and what permissions they grant.

if your security model includes taking all user choice away, forbidding them from running software that they wish to run, and essentially treating them like unsophisticated toddlers that need your guidance because you know best, then sure, you might view this as a problem. but at that point, you are the problem.



> apple might pretend they are secure because they usually manage to catch such things during review. this doesn't actually mean they are secure.

The easiest way to see that Apple's security model is more robust is that tech websites don't have to warn users that they should fear the apps from inside the app store.


There's little evidence that this isn't simply because Apple is better at policing their store. It probably also helps that an Apple developer license costs $99/year, whereas Google Play has a one-time $25 fee. Keep in mind that the Play Store is just one of Google's many endeavors, whereas the iPhone is Apple's premier product, and as such, one of their top priorities.

Regarding dynamic native code execution, please see saagarjha's comment and my reply.

> Apple's security model

It would be more accurate to say "the iOS security model", because as beeboobaa3 mentioned, macOS fully allows apps from outside the App Store, dynamic native code execution, and most other "insecure" things that are blocked on iOS.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: