Chinese apps, even those from big established players, are often indistinguishable from malware. Off the top of my head, I can think of:
- Hiding their app icon from launcher, but add a widget that looks the same. So if the user tries to uninstall the app, they just deleted the widget and the app remains.
- One app would install other apps from the same company in the background without user consent.
- Multiple apps will wake each other so they always stay in the background and become impossible to kill
- Requesting every permission under the sun and transmit as much info to the mothership as possible
- Secretly turning on the camera and film their users
However, these only happen on Android version. iOS version never have these issues.
So even though I am not a fan of the Apple monopoly, I am really really afraid that by allowing third party app stores and sideloading, the western apps will race to the bottom and become just like this.
("But you can always download from the official App Store!" you may say. But what if, say, Tik Tok announces they will from now on leave the App Store and available only via direct download?)
Well, apps that don't have a declared launchable (homescreen) UI don't get these icons. Granted it has been abused by spyware apps to "hide" from unsuspecting users, but you'll find these in Android's Settings app.
> One app would install other apps from the same company in the background without user consent.
I doubt installation without user consent is possible at all in Android 9+. Afaik, only Google PlayStore (or other OEM embedded stores) have permissions to silent install, as it were. And I haven't seen anyone allege PlayStore silently installing apps. See also: https://www.xda-developers.com/android-14-background-install...
> Multiple apps will wake each other so they always stay in the background and become impossible to kill
One can Force Stop an app to make sure no component (service, activity, recievers, or resolvers) can run in the background, until the user explicitly starts the app process again via the Launcher.
Android also limits background processes, tracks per-app CPU and memory use to limit it, and "caches" processes aggresively if need be (puts their threads to sleep so they aren't executing anything but could be resumed quickly).
> Requesting every permission under the sun and transmit as much info to the mothership as possible
The Trust on First Use model has been taken to the cleaners by Android apps hell bent on tracking their users. Starting Android 12 though, Android auto removes permissions granted from installed apps user hasn't interacted with.
> Secretly turning on the camera and film their users
Android 13+ has camera and mic indicators. And for earlier versions, even if inconvenient for end users to setup, there exist open source apps that continuously log cam or mic access from other apps.
>> Multiple apps will wake each other so they always stay in the background and become impossible to kill
>
> One can Force Stop an app to make sure no component (service, activity, recievers, or resolvers) can run in the background, until the user explicitly starts the app process again via the Launcher.
>
> Android also limits background processes, tracks per-app CPU and memory use to limit it, and "caches" processes aggresively if need be (puts their threads to sleep so they aren't executing anything but could be resumed quickly).
Amazon's apps love to do this. If any one of {Kindle app, Amazon Shopping, Amazon Music, Prime Video, Amazon Appstore} launches, one or more of the others will launch in the background. I first noticed it on three low-resource devices. Force-stopping ones I wasn't using at the moment resulted in them relaunching in a few moments. The only solution was to not have more than one Amazon app one each low-RAM or aging-CPU device.
Google does something like this, too, but I can't as easily disperse Gmail, Play Books, Play Music (erm, YouTube Music), Google Services, and whatever else. They also seem to do it more like "O, device just woke, or wifi state change, so lets update all the things", instead of Amazon's "User asked to load Kindle into 864 MB of RAM? Better have all the other large Amazon apps check for updates, too!".
2 GB RAM? Same sudden glacial slowness and unresponsivness due to background semi-related apps running unnecessarily. 4 GB? Well, that mostly works; a moderate slowdown, but no UI freezes.
(Yes, I'm saving up for a Galaxy Tab S8+with 16 GB, but…it costs as much as a real laptop without including a keyboard. I almost miss my Palm IIIx with month-long battery.)
The security argument for the App Store has never been stronger.
> "But you can always download from the official App Store!" you may say. But what if, say, Tik Tok announces they will from now on leave the App Store and available only via direct download?
> The security argument for the App Store has never been stronger.
Perhaps, for many users this is true. But I don't need or want a nanny-company telling me what I can and can't install on my devices.
(And yes, I do sideload apps -- including one I've written myself -- on my Android phone. So this isn't a theoretical "don't take my freedom" type concern.)
>> But what if, say, Tik Tok announces they will from now on leave the App Store and available only via direct download?
> ... and nothing of value was lost.
Couldn't agree more with that sentiment. The problem is, though, that many people will still download it from TikTok's own website or app store. Security is a collective problem: even if I manage to avoid malware, a friend or colleague -- who may have email or chat or whatever history with me -- could get hacked, and that would still leak some of my data.
>(And yes, I do sideload apps -- including one I've written myself -- on my Android phone. So this isn't a theoretical "don't take my freedom" type concern.)
Over the years I have built several very small, very specific apps, to do one thing and do it exactly the way I want it. The one that found most use (also among my friends) was my QR-code scanner, which was built in the days when the only QR-code scanners you could find were littered with ads, or paid for.
It took me less than 2 hours to wrap the google barcode SDK in an app with one view that showed the camera preview and had one toggle button.
The toggle button controlled whether a scanned QR-code would be immediately opened (through a generic intent), or whether it would be stored in the clipboard.
Super easy, works really well and I still prefer over the much slicker looking paid apps. If I had an iPhone i would have surely never have built this app, as the hassle would be too much.
Only works on Android though because Apple deems this type of non-Apple store a threat to their profits. Fortunately there are plenty of Android devices to be had on the market which can run a free AOSP-derived distribution like LineageOS. You'll get OTA updates until the cows come home or the developers move to another device, whichever comes first. The Galaxy SIII I'm using as a "dangerous work" phone - its screen got cracked when it fell of the barn roof for the second time while I was installing solar panels but it still works fine - still gets updates, it currently runs Android 11.
Spyware is much much less powerful on mobile than desktop. If you install malware on a desktop you are boned even without some OS exploit. On mobile there's still a lot an app can do, but it is far more constrained without some OS exploit.
Because it isn't just Apple. Back when Apple removed the headphone jack, people constantly said "Well just use Samsung" or some other brand. Look at where we're at now. If Apple can beat the current pressure, other brands will follow. We're no longer in a theoretical space with this. Companies actively follow the trend, and by excusing it because "it's just Apple", will end badly.
> Perhaps, for many users this is true. But I don't need or want a nanny-company telling me ...
most will not go through the trouble of downloading apps directly and then installing them via developer mode. So while annoying to 0.0001 of Tech workers ... this would actually work quite well.
And chances are that nobody asks us in our ivory Tech towers. It would work so well that within less than 2 years Chinese apps could disappear like Keyser Söze (which is even faster than Huawei disappeared from the US market ;)).
> Simply don't buy an Apple phone.
We said that about the headphone jack. Look where we are now. Companies follow what works, and Apple continues to pioneer anti-consumer practices. You shouldn't buy Apple, but that's not gonna solve the problem. We gotta continue to show why this is bad so others don't chase the same goals.
this has been a recent consideration of mine I haven't fully explored or thought how to deal with yet. I now look at new friends with suspicion, especially those who are not tech savvy. I just gave out an email to a friend recently and he forwarded me an email list without BCC revealing all the recipients. I thought to myself, "oh boy somewhere down the road I'm going to be getting hacked email messages from one of these individuals."
what is the difference between a clamped down App Store with arbitrary rules, and what China does with their Great Firewall?
With a locked down App store in America you have an option of using another device, or just using a computer, without any repercussion. With the Chinese great firewall working around it can lead to legal troubles, to put it lightly.
> what is the difference between a clamped down App Store with arbitrary rules, and what China does with their Great Firewall?
1/Apple is based in a country that follows the rule of law, with checks and balances, and can be sued if it disobeys the law.
2/Apple does not have police, a military, or other means to force you to act against your will.
3/Apple does not prevent you from accessing information outside the country.
4/Apple does not coerce you to say things even if they are false.
5/Apple does not torture -- sorry, I mean "re-educate" -- Muslims.
Please, don't make specious arguments comparing your inability to install some app few people need to being oppressed under the thumb of the CCP. Let's turn down the dramatic volume a little, shall we?
The CCP "great firewall" excuse is, precisely, that it will keep "bad actors" away from the homeland, or "flies" as Den Xiaoping put it. We all know what is the real reason, though.
Apple uses the same excuse: security through arbitrary content control.
As other users have said, I could go and buy an Android phone, or I could even use no phone, why not? But that's not the point. The point is, I'm not buying a device from Apple, I'm just leasing it, with certain conditions. And that should be, in my opinion, not only against the law, but widely considered unethical.
You’re not leasing your phone: you don’t have to pay the owner for continued use of it or be forced to return it.
I get that you don’t like the current state of affairs, but your analogies aren’t good ones.
Ownership has never meant that you are free to do what you want with your property. You take the property as is, and sometimes there are even legal restrictions to what you can do with it. For example, I’m not allowed to build a slaughterhouse on my land.
> You’re not leasing your phone: you don’t have to pay the owner for continued use of it or be forced to return it.
Call it what you want. I pay a lump sum for something that doesn't technically belong to me. And, if I break their ToS, they reserve the right to disable it.
People are rightfully upset about carmakers putting common features behind a paywall. It seems appropriate that they would be too, if they were forbidden to use their car as they pleased.
> Ownership has never meant that you are free to do what you want with your property. You take the property as is, and sometimes there are even legal restrictions to what you can do with it. For example, I’m not allowed to build a slaughterhouse on my land.
This is absurd.
Of course the rule of the law forbids you from having a slaughterhouse in your land if you don't comply with regulations. The terms of the App Store are part of a contract, not a law. Contracts may be initially binding, but they may also be illegal after review, and I personally hope they are in this regard.
In other words, there is no law saying that I shall not distribute porn on the App Store, that is just Apple's prerogative.
On the other hand, if you are arguing that federal and state laws are equivalent to private contracts, then your previous point about the Great Firewall and the App Store is moot.
> I pay a lump sum for something that doesn't technically belong to me.
The physical object belongs to you, but property has never in the course of history meant "I can do whatever I want with something in my possession." Property rights are about possession and control, not necessarily about concrete objects. (That's why copyright and trademark is known as "intellectual property.") And control is rarely absolute.
> the law forbids you from having a slaughterhouse in your land if you don't comply with regulations
No, zoning regulations prohibit me from having a slaughterhouse on my land at all. Hell, I can't even build a multi-family residence on it.
> if you are arguing that federal and state laws are equivalent to private contracts
They are not, but legal enforcement is what makes contracts work - the "teeth," if you will. If everyone were free to flagrantly breach the terms of their contracts, chaos would result.
What you're asking for is for certain terms of contracts to be unlawful as contrary to public policy. And that's fine, but again, let's keep the hysterics and ludicrous comparisons to a minimum.
It's going to be an unpopular opinion but there's an awful lot of applications that are out there that are just hilariously outdated, terribly made, or is some form of malware. I mostly use mainstream apps (Google Maps, Bitwarden, Safari, Slack, Discord, Spotify, Canary, etc) and the times I do look for new apps I enjoy having the convenience of not having sift through awful apps that used to plague android market (and to a certain extent google playstore).
App Store is not perfect by any means but I think it's superior to alternatives that are out there for users like me.
> Computer programs that enable smartphones, tablets, and portable all-purpose mobile computing devices, and smart televisions to execute lawfully obtained software applications, where circumvention is accomplished for the sole purpose of enabling interoperability of such applications with computer programs on the smartphone or device or to permit removal of software from the smartphone or device;
Every industry is regulated, it’s coming for software and it will help the common user from being exploited.
Do you see the legislation for broadcasting and say, ‘What makes that different from how you have no free speech in China?!’
We’ve already had voluntary step backs in the idea of online liberalism with Twitter having to be heavily pressured to take down ISIS propaganda. Codifying those rules for everyone is inevitable.
> I am really really afraid that by allowing third party app stores and sideloading
please stop it. I do not want my devices to become a toaster. I am a computer programmer. I would like the ability to write programs for my own personal use, and run those on my own devices THAT I PAID FOR. please stop pushing some narrative that will take this ability away from me.
> ("But you can always download from the official App Store!" you may say. But what if, say, Tik Tok announces they will from now on leave the App Store and available only via direct download?)
Personal freedom always has personal responsibility attached. If you direct download it and it's malicious, well, that's your own problem. Probably should've thought about it better.
If you don't want to think about security, all you have to do is only install apps that are in the app store. Why should everyone else be restricted from doing whatever they want with their phones?
> So even though I am not a fan of the Apple monopoly, I am really really afraid that by allowing third party app stores and sideloading, the western apps will race to the bottom and become just like this.
This did not happen with Windows, so why would it happen with Android, that is much more restrictive in terms of permissions?
- Hiding their app icon from launcher, but add a widget that looks the same. So if the user tries to uninstall the app, they just deleted the widget and the app remains.
- One app would install other apps from the same company in the background without user consent.
- Multiple apps will wake each other so they always stay in the background and become impossible to kill
- Requesting every permission under the sun and transmit as much info to the mothership as possible
- Secretly turning on the camera and film their users
However, these only happen on Android version. iOS version never have these issues.
So even though I am not a fan of the Apple monopoly, I am really really afraid that by allowing third party app stores and sideloading, the western apps will race to the bottom and become just like this.
("But you can always download from the official App Store!" you may say. But what if, say, Tik Tok announces they will from now on leave the App Store and available only via direct download?)