Sunday, August 30, 2020

Resist the urge to argue about app store security

Recently Miguel de Icaza wrote a blog post arguing that closed computing platforms where a major US corporation decides what software users are allowed to install are a good thing. This has, naturally, caused people to become either confused, disappointed or angry. Presumably many people are writing responses and angry comments. I almost started one writing one pointing out all the issues I found in the post.

Doing that would probably create a fairly popular blog post with followups. It might even get to the reddits and hackernewses and generate tons of comments where people would duke it out on issues on user choice vs the safety provided by a curated walled garden. There would be hundreds, if not thousands, of snarky tweets that make their poster feel superior for a while but are ultimately not productive. To quote Star Trek Deep Space Nine:
Spare me please-think-of-the-children speech and I'll spare you the users-must-have-control-over-their-own-devices speech [1].
Having us, the user and developer community, argue about this issue is pointless, unproductive and actively harmful. This particular phenomenon is not new, it even has a name. In fact this approach is so old that the name is in latin: Divide et impera. Divide and conquer. All the time and energy that we spend on arguing this issue among ourselves is time not spent on working towards a solution.

The actual solution to this issue is conceptually so simple it could be called trivial. The entire problem at hand is one that has been created by Apple. They are also the ones that can solve it. All they have to do is to add one new piece of functionality to iOS devices. Specifically that users who so choose, can change an option in the device they own allowing them to download, install and use any application binaries freely from the Internet. Enabling this functionality could be done, for example, in a similar way to how Android phones enable developer mode. Once implemented Apple would then make a public statement saying that this workflow is fully supported and that applications obtained in this way will, now and forevermore, have access to all the same APIs as official store apps do.

This is all it takes! Further, they could make it so that IT departments and concerned parents could disable this functionality on their employees' and children's devices so that they can only obtain apps via the app store. This gives both sets of users exactly what they want. Those who prefer living in a walled curated garden can do so. Those with the desire and willingness to venture outside the walls and take responsibility of their own actions can do so too and still get all the benefits of sandboxing and base platform security.

Apple could do this. Apple could have done this at launch. Apple could have done this at any time since. Apple has actively chosen not to do this. Keep this is mind if you ever end up arguing about this issue on the Internet. People who have different priorities and preferences are not "the enemy". If you get into the flaming and the shouting you have been divided. And you have been conquered.

[1] Might not be a word-for-word accurate transcription.


  1. You are certainly entitled to your opinion mr account-created-for-the-sole-purpose-of-writing-this-comment.

  2. I was indeed inclined to even open up a blog (at last) and start with an answer to Miguel's post. But I agree that it would be ultimately pointless.

    That said, I'm having trouble understanding how Miguel's not-so-floss-friendly opinion could end up in GNOME's planet feed. Since he openly told (a few years ago) he didn't believe in Linux anymore and thinks Apple should be the way to go.. I think he has all the rights to have its own blog, but it should not be federated in GNOME's planet. It doesn't represent GNOME at all.

    1. The link to Miguel's post where he basically says Linux desktop is going nowhere:

  3. It would be possible, but I can't see how it would be profitable. First, the app store brings in a lot of profit directly. Second, the 30% share of all payments would have a strong incentive to not sell anything through the app store. The result would be that most apps would have to be sideloaded, and it's the users' responsibility to decide if the app is trusted enough to be installed (I understand that app store review sometimes really sucks, but at least the most blatant crap will eventually be removed). Basically, for many users the result would be similar to crapware-infested Windows PC with the additional joy of being carried everywhere and having a camera and microphone. Another solution would be avoid installing apps for anything that can be done in browser, but mobile browser user experience doesn't really match native apps (neither does browser-wrapped-in-app framework of the day but let's not go there). Desktop Linux is too obscure to have the worst crap targeted at it, but still you generally think twice before installing anything that's not in distribution. There is a market for products like this but there is already strong competition from laptops and Android and I'm not sure if there is much profit to be made there.

    1. Wrong, the result would be a market of App Stores, with different payments cut and different security records. And of course some applications doing update on their own, just like on Android we have things like Amazon Appstore, F-Droid and more.