[HN Gopher] A top-grossing scam on the App Store
___________________________________________________________________
A top-grossing scam on the App Store
Author : egocentric
Score : 399 points
Date : 2021-04-13 16:01 UTC (6 hours ago)
(HTM) web link (twitter.com)
(TXT) w3m dump (twitter.com)
| tolmasky wrote:
| Apple has just engineered the worst possible situation for
| themselves by being the _only_ way to get apps on the store and
| by simultaneously incessantly marketing the store as "Safe and
| Secure". The former encourages them to maximize the number of
| apps on the store, while the latter encourages them to shoot
| first and ask questions later.
|
| If side-loading or alternative ways of getting apps onto the
| iPhone existed, then they could implement far stricter controls
| knowing that, worst case scenario, you _can_ still get an app
| onto the iPhone. This is how it works on the Mac. Tor isn't on
| the Mac App Store, but that of course doesn't mean Tor can't be
| used on the Mac.
|
| This is one of the tricky parts about AppStore discussions, it's
| not about being for or against the AppStore. In fact, I wish the
| AppStore was _MUCH pickier_ about the apps it let in, and I also
| wish there was an alternative to the AppStore to catch cases that
| didn't meet that strict bar. Then the AppStore could _actually_
| be about curation as opposed to fear-induced isolationism. Then
| Apple wouldn't have to inadvertently have political side-effects
| when it disallowed apps like HKMap.live.
|
| Being on the AppStore could still be advantageous beyond just
| "either that or you don't get to be on the iPhone at all." Apple
| payment processing, iCloud integrations, Family-sharing, etc.
| could all be tied to being ON the AppStore, so there'd still be a
| huge incentive to try to ship that way. And side-loading doesn't
| have to be easy or even on by default.
| amelius wrote:
| The real issue is that "AppStore" and "ContentFilter" are two
| orthogonal things (which Apple conflates).
|
| We can have multiple instances of both. And we probably should.
| saurik wrote:
| Yeah: and for anyone who doesn't immediately see how this is
| possible, a curator merely needs to have an allow/deny list
| of apps--possibly specific reviewed binaries--not actually
| host them or be the bottleneck for obtaining them: you just
| want the (hopefully federated) store app(s) to be able to
| refer to the (hopefully federated) curator(s) to limit the
| display and prevent installs.
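
Added example (not part of the thread and not any commenter's code): a Python sketch of the curator model described in the comment above, where the store client consults curators' allow/deny lists, pinned to reviewed binary hashes, and the curators host nothing. The `Curator` and `StoreClient` names, the quorum policy, the app ids and the sample binaries are all assumptions constructed for illustration.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass, field
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    DENY = "deny"
    UNKNOWN = "unknown"


def binary_digest(blob: bytes) -> str:
    """SHA-256 of the exact bytes the user is about to install."""
    return hashlib.sha256(blob).hexdigest()


@dataclass
class Curator:
    """Publishes verdicts only; it neither hosts nor distributes apps."""
    name: str
    allowed_digests: set = field(default_factory=set)  # specific reviewed binaries
    denied_digests: set = field(default_factory=set)   # specific bad binaries
    denied_apps: set = field(default_factory=set)      # whole app ids, any build

    def review(self, app_id: str, digest: str) -> Verdict:
        # A deny entry always wins over an allow entry.
        if app_id in self.denied_apps or digest in self.denied_digests:
            return Verdict.DENY
        if digest in self.allowed_digests:
            return Verdict.ALLOW
        # An approval covers one binary, so a new build starts as UNKNOWN.
        return Verdict.UNKNOWN


@dataclass
class StoreClient:
    """Store app that refers to its subscribed curators before installing."""
    curators: list
    quorum: int = 1  # approvals required (hypothetical policy knob)

    def decide(self, app_id: str, blob: bytes) -> tuple:
        digest = binary_digest(blob)
        verdicts = {c.name: c.review(app_id, digest) for c in self.curators}
        deniers = sorted(n for n, v in verdicts.items() if v is Verdict.DENY)
        if deniers:
            return False, "denied by " + ", ".join(deniers)
        allows = sum(v is Verdict.ALLOW for v in verdicts.values())
        if allows < self.quorum:
            # Fail closed: unknown binaries are not installable.
            return False, f"only {allows} of {self.quorum} required approvals"
        return True, f"approved by {allows} curator(s)"


# Constructed sample binaries (placeholder bytes, not real apps).
REVIEWED_V1 = b"example-app build 1.0 (constructed sample bytes)"
UNREVIEWED_V2 = b"example-app build 1.1 (constructed sample bytes)"
SCAM_BUILD = b"example-scam build 3.2 (constructed sample bytes)"


def demo() -> dict:
    strict = Curator(
        "strict-curator",
        allowed_digests={binary_digest(REVIEWED_V1)},
        denied_apps={"com.example.scam"},
    )
    lenient = Curator(
        "lenient-curator",
        allowed_digests={
            binary_digest(REVIEWED_V1),
            binary_digest(UNREVIEWED_V2),
            binary_digest(SCAM_BUILD),
        },
    )
    client = StoreClient([strict, lenient], quorum=2)
    return {
        "reviewed": client.decide("com.example.app", REVIEWED_V1),
        "update": client.decide("com.example.app", UNREVIEWED_V2),
        "scam": client.decide("com.example.scam", SCAM_BUILD),
    }


if __name__ == "__main__":
    for case, (ok, reason) in demo().items():
        print(f"{case:9s} install={ok!s:5s} {reason}")
```

Because verdicts are keyed on the binary's digest, an update that only one curator has reviewed is blocked until the quorum is met, and a single deny from any subscribed curator overrides approvals from the others.
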
| egocentric wrote:
| Also, from my other comment, Apple could let us sideload
| notarized apps. This means:
|
| - Automated scan for malware
|
| - Remote kill switch, just in case
|
| They _already_ do this for macOS [1]:
|
| > "Notarization is not App Review. The Apple notary service
| is an automated system that scans your software for
| malicious content, checks for code-signing issues, and
| returns the results to you quickly."
|
| They could give users a choice, much like they're doing
| with the new App Tracking Transparency prompt. But when
| pressed on why Apple should have control, Cook said
| "Somebody has to."
|
| That's... not a very convincing argument.
|
| [1]: https://developer.apple.com/documentation/xcode/notarizing_m...
| simonh wrote:
| How would the security model work with side loaded apps? How
| would they get access to OS resources, services and share data
| with other apps, e.g through the clipboard? Who would verify
| them against malware, or ensure they didn't violate security
| constraints? It's not like Apple could disavow all
| responsibility for any data leaked from the system, a lot of
| users simply wouldn't see it that way.
|
| There's a lot wrong with the current state of apps in the App
| Store, but right now at least I know whose job it is to get it
| fixed.
| egocentric wrote:
| "Sideloading Apps Would 'Break' the Security and Privacy of
| iPhone", said Tim Cook.
|
| But instead of gaslighting us, Apple could let us sideload
| notarized apps. This means:
|
| - Automated scan for malware
|
| - Remote kill switch, just in case
|
| They _already_ do this for macOS [1]:
|
| > "Notarization is not App Review. The Apple notary service
| is an automated system that scans your software for malicious
| content, checks for code-signing issues, and returns the
| results to you quickly."
|
| They could give users a choice, much like they're doing with
| the new App Tracking Transparency prompt. But when pressed on
| why Apple should have control, Cook said "Somebody has to."
|
| That's... not a very convincing argument.
|
| [1]: https://developer.apple.com/documentation/xcode/notarizing_m...
| Apocryphon wrote:
| Yeah, the whole "there is no alternative to the App Store"
| argument completely falls apart in the face of the
| existence of the Mac, and how the Mac isn't constrained by
| the Mac App Store.
| bogwog wrote:
| > How would they get access to OS resources, services and
| share data with other apps, e.g through the clipboard?
|
| Through the same system APIs that exist right now. Why would
| that change?
|
| > Who would verify them against malware
|
| The distributor of the app, most likely. If you downloaded a
| game through Steam for iOS or whatever, and it had malware,
| that's Valve's fault.
|
| If you went to virus.com and downloaded a virus, that's your
| problem.
|
| > or ensure they didn't violate security constraints?
|
| You mean ensure they don't violate one of the operating
| system's security protections? That's called finding an
| exploit, and it's the developer of the operating system's
| responsibility. Exploits for iOS exist today, and they'll
| continue to exist in the future.
|
| > It's not like Apple could disavow all responsibility for
| any data leaked from the system, a lot of users simply
| wouldn't see it that way
|
| Of course not. A "leak" due to an exploit/vulnerability in
| iOS that Apple failed to patch would be their fault.
|
| A third party app leaking personal info online would be the
| third party developer's fault. People didn't get pissed at
| Apple when Facebook leaked all that data a ~week ago.
|
| > There's a lot wrong with the current state of apps in the
| App Store, but right now at least I know whose job it is to
| get it fixed.
|
| It's their job to get it fixed. It's been their job for over
| 13 years, and they've failed at it again and again. It's
| about time they're fired.
| ProjectArcturis wrote:
| If they allowed side-loading, they might not capture 30% of
| revenue from apps sold through the app store. If they
| disallowed scams, they might not capture 30% of the scammers'
| revenue.
| Despegar wrote:
| There's no reason to think that the cut would be any less
| than 30% even if they allowed side-loading. People just
| assume it would be like the Mac, but Apple isn't required to
| license its technology to anyone for free.
| tolmasky wrote:
| I actually believe that if they allowed side-loading it would
| be one of the best ways to guarantee that they continue
| capturing 30% of revenue in perpetuity. This is because they
| could actually for the first time make developers _feel_ like
| they're getting something for that 30%, as opposed to it
| being an "existence tax". Apple could actually with a
| straight face say "hey, you don't HAVE to be on the store,
| try doing it on your own". This is much different than the
| current Hobson's Choice of "you don't have to be on the
| store, you could just not have an app" which feels
| increasingly shallow in a duopoly, which gets to another
| important point: they'd actually have a fantastic argument
| for regulators: competitors really do have choices other than
| Apple! It would be very hard to argue that Apple should cater
| to your app that they don't like when there is another way to
| deliver that app to all the same customers (that doesn't
| involve first convincing them to switch platforms).
|
| I honestly believe that _some sort of_ side-loading option
| would be best for any cynical Apple interests long-term _and_
| for developers _and_ for users.
|
| The current course of action just leads to developer
| frustration (which is fine until a disruptive player enters
| the market), a super shitty store that leaves customers
| pissed (with scams, etc.), constant churn in rules to try to
| appease everyone and kick the can another 2 years (like the
| 15% reduction), and worst of all, unwanted attention from
| regulators that could have chaotic effects.
| ed_elliott_asc wrote:
| This is the worst thing they could do, leave Google open to
| host iOS apps on their store
| Apocryphon wrote:
| Not really, judging by the current quality of the Play
| Store.
| Apocryphon wrote:
| I should clarify the above means that given the (lack of)
| quality of the Play Store, I don't see Google hosting iOS
| apps would get much traction and receive many adopters.
| Apocryphon wrote:
| Truth be told, Apple could own side-loading on its own
| terms. They can present their own APIs that provide _some_
| freedom outside of the App Store, without ceding all of
| their control. Wrap it up in copious disclaimers and
| language informing the end-user that Apple is not
| responsible for what happens with these "advanced
| settings." Bake security checks into this process. Make
| side-loading into a walled garden unto itself.
|
| This would also disincentivize jailbreakers, as fewer power
| users would be interested in pursuing the 100% amount of
| freedom that jailbreaking allows.
|
| You could even go all of the way and have Apple adopt a
| "can't beat us? Join us" mentality towards independent app
| repositories outside of App Store by _providing their own
| APIs and SDKs to run your own third-party app store_.
| Again, architect it to automatically include security
| checks. Tie in subtle ways for Apple still to get a cut and
| a measure of their control.
|
| This is far from a concrete description of what "third
| party stores brought to you by Apple" would look like, but
| if there's any company that could square the circle and
| make it a reality, it'd be Apple.
| infogulch wrote:
| I think it's Apple playing chicken with regulators. Surely
| they also see this problem as inevitably coming to a head,
| but if they can flirt with the line, they can make bank
| until they're forced to move on it. They probably have
| responses to potential issues and a transition _already
| planned out_; they are simply milking the current
| situation for all it's worth.
| 2OEH8eoCRo0 wrote:
| Right. The AppStore wouldn't disappear if the platform were
| more open- the AppStore would have to actually compete.
| whywhywhywhy wrote:
| >Apple has just engineered the worst possible situation for
| themselves
|
| Until you realize they don't actually care about it being "safe
| and secure" beyond a certain point.
|
| They care that apps won't leech your payment details, they care
| that apps can't step outside the guidelines, they care that
| technology and connectivity is locked within the app store and
| not the browser but as long as an app plays within the rules
| they don't care if an app tricks your 5 year old into a 400$ a
| week subscription, as long as your 5 year old is doing it
| safely.
| coldtea wrote:
| > _If side-loading or alternative ways of getting apps onto the
| iPhone existed, then they could implement far stricter controls
| knowing that, worst case scenario, you can still get an app
| onto the iPhone. This is how it works on the Mac. Tor isn't on
| the Mac App Store, but that of course doesn't mean Tor can't be
| used on the Mac._
|
| And if side-loading was allowed then every big player whose app
| users "have to have", e.g. Google, Facebook, Adobe, Zoom, Epic,
| would start their own independent app store (or distribution
| just for their apps).
|
| Users would have no recourse than to install the app from there
| (or do without Facebook or Zoom etc).
|
| Then every scammer and scamster does the same for their apps,
| and lures enough people to get them, and depending on what's
| allowed, you also get pirated app "stores". In the end the
| result is not so great for the devs complaining either...
|
| Now instead of 1 method of payment, 1 way to enforce
| subscriptions/cancellations and other rules, one checkpoint,
| you have 2 or 5 or 10.
| metalliqaz wrote:
| Android allows side loading and none of that stuff is an
| issue on Android. It exists, but it's not an issue. You can
| easily stay in the Play store, but if you choose not to...
| caveat emptor.
| FalconSensei wrote:
| > And if side-loading was allowed then every big player whose
| app users "have to have", e.g. Google, Facebook, Adobe, Zoom,
| Epic, would start their own independent app store (or
| distribution just for their apps).
|
| That didn't happen on Android. But at least on android you
| can download the apk from github, or use f-droid
| coldtea wrote:
| > _That didn't happen on Android._
|
| Epic did it on Android (they pointed to their own source
| for Fortnite).
|
| For others, there's no need, like there is on iOS. E.g.:
|
| Google doesn't need to build their own Android app store,
| they control the main one already!
|
| Facebook doesn't need to do it, as Google is not as strict
| with app privacy constraints as Apple is.
| mhh__ wrote:
| Would they? Doesn't really happen on Android, Steam is still
| the go-to on PC
| tolmasky wrote:
| This relies on a lot of assumptions:
|
| 1. It is highly dependent on the mechanics of how Apple
| implements side-loading (again, if it has a scary warning or
| requires you to turn something on deep in Settings, it's
| unclear if this would actually be the case). Especially
| considering that for many apps Apple now has their own
| versions, so it might not be a great idea for Google to put
| more hoops to jump through to get to Maps when Apple ships a
| (now) fairly competent Maps app built in.
|
| 2. It also disregards the other benefits the AppStore _could_
| provide aside from being the only game in town, as it does
| now. Again, there are many features that make a lot of sense
| to be tied to AppStore accounts, the most obvious of which is
| anything having to do with ease of payments. You might be
| leaving a lot of money on the table by completely abandoning
| the "one tap" payments that AppStore payments gets you
| (especially with in-app purchases, etc.). Separately, users
| will expect Family Sharing to "just work", etc. Again -- this
| aligns incentives really well on both sides: a lot of these
| features are implemented fairly poorly today by Apple because
| there's no rush, it's not like there's another option. With a
| good incentive to make Family Sharing shine with respect to
| the competition, it could start being far less confusing and
| be far more flexible too. It might not take 5 year stretches
| to get bottom-of-the-barrel basic features like paid app
| updates or app trials, etc.
|
| 3. This actually flips a lot of current economics of the app
| store on its head: it is an open secret that Apple grants
| sweetheart deals to big companies on the AppStore who don't
| pay 30%. This is the worst of both worlds: the big players
| are given an unfair advantage on the AppStore. However, if
| they were attracted by their greed to try to "do it on their
| own" outside the AppStore, then small startups have a real
| shot at going head to head by being the "AppStore-compliant"
| version of the app, since 30% is an easier pill to swallow
| when it's not billions of dollars in revenue.
|
| 4. The idea that because one or two apps convince users to
| side-load means that it would open the flood gates to every
| single scam app doing it is a fairly BIG slippery slope to...
| slide down? Again, if the process is fairly onerous for
| _each_ side-load, then you might find that ONLY big names can
| actually convince people to do it, or _important_ apps like
| HKMap.live or other apps that nations try to use the
| bottleneck of the AppStore to prevent. As mentioned elsewhere
| in these comments -- side-loading wouldn't necessarily mean
| you don't have to jump through some other Apple hoops.
|
| And most importantly, I would argue that the current
| situation is worse. Apple tells everyone the AppStore is
| safe, and thus every app that appears on the AppStore is
| "Apple approved" (LITERALLY!). This precisely lulls people
| into installing scammy apps. Apple can't pop up a disclaimer
| every time you download something from the AppStore saying
| "HEY NOW CAREFUL, THIS APP _MAY_ BE A SCAM," because it
| would go against the entire marketing of the AppStore. But
| they CAN put such a disclaimer in front of every side-load,
| because they owe those apps nothing and it hurts Apple's
| reputation none at all in that case.
| pranau wrote:
| >And if side-loading was allowed then every big player whose
| app users "have to have", e.g. Google, Facebook, Adobe, Zoom,
| Epic, would start their own independent app store (or
| distribution just for their apps).
|
| >Users would have no recourse than to install the app from
| there (or do without Facebook or Zoom etc).
|
| We are already aware of a platform that allows easy
| sideloading - Android. And most apps on Android are
| distributed through the Play Store. All "big" players still
| go through the Play Store.
|
| When there is no such thing as the examples you described
| going on in Android, why do you expect iOS to be different?
| spullara wrote:
| Money. There is way more money in the iOS ecosystem.
| spartanatreyu wrote:
| I don't think you're giving enough weight to the network
| effect. People don't want to switch from what they
| already use.
|
| Worst case scenario, some managers decide to include an
| app store inside their app, they ignore the reality of
| the chance of success and put a whole bunch of marketing
| in it to their higher ups. Then they get promoted or
| switch jobs then blame whoever gets stuck with it 3-6
| months later when it fails.
|
| After that we'll probably end up seeing real use cases for
| side loaded app stores (like hobby game development, or
| open source tools that don't want to or can't pay the
| Apple tax).
| coldtea wrote:
| > _When there is no such thing as the examples you
| described going on in Android, why do you expect iOS to be
| different?_
|
| Several reasons why this hasn't happened on Android. Let's
| see a few examples:
|
| (1) iOS doesn't let other players have their own browser
| engines. Google is one of those other players, and if the
| iOS App Store wasn't the only game in town, they'd have an
| alternative pronto. Android is theirs, so they don't need
| to do that.
|
| (2) iOS has strict privacy/ad rules (getting stricter too).
| Facebook doesn't like them. Android lets them have it - so
| no need to make a move there.
|
| (3) iOS also has the share cut that Epic doesn't like
| regarding the in-store subscriptions thing. In Android,
| where this is also an issue, Epic already has users
| sideload Fortnite from their own store.
|
| (4) Serious Adobe apps are not available for Android (just
| Photoshop Express/Mix and such lite versions for
| consumers), but are for iOS. So not exactly the same
| incentive for Adobe to make a move there. But if it was an
| option to have their own store on iOS, given their pro app
| subscription program, I think they'd take it pronto.
| Apocryphon wrote:
| 1) One wonders if it would be possible for Apple to
| disable certain types of apps regardless of how they're
| obtained, including alternative browser engines. I think
| already the OS can prevent apps from overstepping its
| permissions system already? Though jailbreaking can still
| override that.
|
| 2) That would explain greater developer demand for a
| third party store on iOS, but not why users would seek
| out these more ad-intensive app stores.
|
| 3) Yeah, this would be a pretty major reason to drive
| third party app stores on iOS, though it's not as if
| there's a ton of sideloading on Android to get around the
| Play Store's own 30% cut, besides the high-profile
| Fortnite example.
|
| 4) Yes, and it would be annoying fragmentation if other
| major developers/publishers did the same on iOS,
| requiring the installation of a ton of third party app
| store apps and keeping track of different app store
| accounts.
|
| But how many would really go through the hassle of
| building their own app store just to sell their products?
| (Maybe it'd be easier to find a way to sell and
| distribute their apps through their mobile browser
| sites.) One would suspect the number of alternate app
| stores to stabilize over time.
| tracedddd wrote:
| I think it would still poison the "Apple experience" to have
| many AppStores all competing with their own closed ecosystems.
| The Apple Experience of not being able to install some apps
| sucks, but it's always been easy for me to help someone with an
| iOS device. That's not true with Android or Windows. A walled
| garden ecosystem isn't for everyone, but it does have value.
|
| Instead, I'd like to see Apple be forced to provide bootloader
| unlocks and some basic drivers for alternative operating
| systems. We own the hardware, after all. Then they could have
| their walled garden and people who wanted more could run
| something else.
|
| It's also a simpler and more generalizable goal, in my opinion.
| If you own it, you should have low level access. That sounds
| more reasonable than forcing a corporation to add open App
| Store access, maintain it, and deal with whatever market
| effects precipitate.
| Apocryphon wrote:
| > I think it would still poison the "Apple experience" to
| have many AppStores all competing with their own closed
| ecosystems.
|
| I actually think Apple could find a way to navigate it. They
| already allow one prominent alternative choice on iOS: non-
| iMessage SMS. If Apple allowed third-party stores, I could
| see them using their product, UX, and branding mastery to
| create the equivalent of the blue-bubble and green-bubble
| dichotomy for App Store vs. 3rd party downloaded apps.
| Creating a social stigma without technical restrictions, so
| to speak. So allowing an alternative while at the same time
| encouraging users not to partake in it.
| thekyle wrote:
| I don't understand how a social stigma would work for
| sideloading apps. It works for iMessage because it's a
| social product. But how would anyone else even know if the
| apps on your phone were sideloaded or not?
| Apocryphon wrote:
| Apple could easily put in UX to identify the apps as not
| from the App Store, similar to how green text bubbles
| signify non-iMessage messages. The very fact that the
| color differentiation exists has led to a bifurcation in
| texting, which has been discussed elsewhere, as in here:
|
| https://www.wsj.com/articles/ugh-green-bubbles-apples-imessa...
|
| Apple is good at social psychology through product
| design, and it's not hard to imagine them employing
| similar methods to single out non-App Store apps on the
| phone to make them seem suspect for being less official.
| Less technically-savvy users will shy away from third
| party apps and sideloading if Apple's UI makes those apps
| seem scary. Thus, this can be a means for Apple to allow
| additional freedom while deterring most users from
| pursuing it, minimizing their potential exposure to third
| party insecurity.
| oarsinsync wrote:
| The bifurcation isn't caused by the colour of the
| bubbles. The colour doesn't cause the stigma. The colours
| are simply used as a simple headline to represent all the
| differences and improvements that iMessage brings
| compared to traditional SMS/MMS.
|
| The costs of someone not participating in the "blue
| bubble ecosystem" are borne by all of the people trying
| to participate in the conversation. Unless the cost of my
| friend side loading an app is felt by me, the same stigma
| approach is unlikely to occur.
|
| Ironically, Game Center could have been that exact thing
| for gaming on iOS, if only they hadn't mostly killed it
| off already.
| Apocryphon wrote:
| The colors are an important signifier of the second-class
| status of non-iMessage texts, though. So if there were
| similar UX around non-sideloaded apps, whether
| differently-formatted text or warning labels, they could
| also shape user attitudes towards those apps.
|
| To some extent you can already see this on desktop, when
| MacOS warns you about programs from unidentified
| developers and so forth.
| Daho0n wrote:
| How does it matter which policy the app store has in ease of
| providing support? Providing support in Windows (can't talk
| for Android) isn't hard at all.
| [deleted]
| sebastien_b wrote:
| For a company that spent $6+ billion on a new campus, you'd think
| they could use even 1/60th of that to implement appropriate
| controls, especially when they're claiming it's "safe" and that's
| why it must be the only appstore on iOS.
| sjg007 wrote:
| Google isn't immune either I suspect. Before the app store, I
| discovered a google search scam for usps change of address. You
| can fill that out for free at usps.com or in the post office, but
| if you search for it, a bunch of scammy providers offered to do
| it for you for $20. They were buying google ads so that their
| links appeared before the usps. They would come from somewhat
| legit looking domains too. I think part of the issue is that
| usps.com is the official site vs usps.gov.
| WesolyKubeczek wrote:
| Google's Play Store is a cesspit at times, frankly speaking.
| But you enter it with low expectations since they don't
| advertise it to you as a walled garden experience, curation by
| hand, artisanal repackaging, and whatnot, and you tune your
| buyer beware sense to 11.
|
| On the other hand, Apple's like a restaurant that promises you
| clean and superior experience, you enter, it's clean and tidy
| indeed, but then you suddenly get served a smelly smoked
| herring wrapped in an old stained newspaper, and get charged
| $199 for it on top.
| sjg007 wrote:
| I think buyer beware isn't really effective for the general
| public. As techies, sure, but for everyone else? There's a
| reason this app is making $5m a month.
| phreack wrote:
| So it's not just a scam, it's a scam pretending to be a medical
| app? The walled garden method has been proven a failure and needs
| to go urgently.
| ehsankia wrote:
| I'm not defending Apple, and I dislike the walled garden model
| too, but you can't just blindly claim that this is a failure
| and a non-walled method would do a better job without any
| evidence.
| fsflover wrote:
| > without any evidence
|
| Do GNU/Linux repositories count? F-Droid?
| zepto wrote:
| Obviously not. They simply aren't a meaningful target for
| scams the way the iOS store is.
| fsflover wrote:
| Yes, they are. Go look how many servers run GNU/Linux.
| zepto wrote:
| What does that have to do with a billion consumers of
| iPhone apps?
| ehsankia wrote:
| F-Droid is orders of magnitude smaller, and its users are
| generally far more advanced, hence not worth trying to
| scam. The same applies to GNU/Linux too, though there's
| also other differences there too. Scale is really the
| issue, Android has 3 billion users, iOS probably has over a
| billion too.
| Apocryphon wrote:
| Looking at the Android model, despite its greater
| openness than iOS, there is also only one dominant app
| market with a handful of third party competitors, from
| well-curated open source repos like F-Droid or XDA Labs
| to OEM third party ones that no one actually uses or
| wants to use like the Amazon Appstore or Samsung
| AppStack.
|
| https://en.wikipedia.org/wiki/List_of_Android_app_stores
|
| Really hard to say what would happen in a hypothetical
| situation where Apple allowed iOS alternative app stores.
| Maybe the overwhelming majority of users will continue to
| download only on the App Store, with a tiny minority of
| power users going to alternatives.
| Bud wrote:
| It's been proven a rousing success, actually, and needs to
| stay, urgently.
|
| It's literally the most rousing success of any product in the
| history of civilization. You might want to re-calibrate your
| sensors a bit about what is successful.
| hundchenkatze wrote:
| Yes, it's been successful at creating the illusion that as
| long as I'm in Apple's garden all is well. Meanwhile
| extremely profitable scams (for both Apple and the scammer)
| remain in the store.
| JoshTko wrote:
| Average users view the garden as a feature, not a bug - and
| that's the point. Apple removing complexity that their
| users do not understand or need is good product design. HN
| audience is not Apple's main target audience.
| zepto wrote:
| > So it's not just a scam, it's a scam pretending to be a
| medical app? The walled garden method has been proven a failure
| and needs to go urgently.
|
| It sounds like you are arguing that _more medical scams would
| be better_.
|
| App review fails sometimes, but removing it would be worse.
| Daho0n wrote:
| Who said remove them? Access to other app stores could just
| as easily let you pick one with _more_ control and review
| instead of less. That should be up to the user. Not you, me
| or Apple.
| zepto wrote:
| > That should be up to the user. Not you, me or Apple.
|
| It's pretty obvious why this is flawed: a lot of people
| will end up being sold on scammy or privacy invading
| stores.
|
| You'll be able to blame them for making the wrong choice,
| but it won't actually be their fault. It will be the fault
| of those who prevented Apple from offering a curated
| environment.
| Apocryphon wrote:
| > It's pretty obvious why this is flawed: a lot of people
| will end up being sold on scammy or privacy invading
| stores.
|
| Why? The vast majority will continue to use the App
| Store. Apple could also manage this situation to both
| educate users and frame the situation in such a way so
| that only power users would leave the safety of the App
| Store to seek out sideloading or alternative stores.
|
| The dichotomy of walled garden vs. the Wild West is a
| false one and a failure of imagination that ignores the
| possibility of a middle ground. If you believe Apple can
| truly build a good walled garden, you can also believe
| that Apple can lift restrictions and allow third party
| stores in a sensible, well-managed way without
| sacrificing product quality.
|
| > It will be the fault of those who prevented Apple from
| offering a curated environment.
|
| Actually, it would be the fault of the scammers and
| privacy-invaders in question.
| zepto wrote:
| > The vast majority will continue to use the App Store.
|
| Definitely not true. Most people will be forced to
| install alternative stores because those stores will pay
| for exclusives on key apps. Players like Facebook and
| Google will open stores and only make their products
| available within them.
|
| > Apple could also manage this situation to both educate
| users and frame the situation in such a way so that only
| power users would leave the safety of the App Store to
| seek out sideloading or alternative stores.
|
| Not true. If Apple is forced to allow alternative store,
| anti-trust regulators will prevent Apple from portraying
| their own store as safer or from framing the situation.
|
| > The dichotomy of walled garden vs. the Wild West is a
| false one and a failure of imagination that ignores the
| possibility of a middle ground. If you believe Apple can
| truly build a good walled garden, you can also believe
| that Apple can lift restrictions and allow third party
| stores in a sensible, well-managed way without
| sacrificing product quality.
|
| Not true. Apple obviously cannot manage the behavior of
| third parties who they are forced to allow to build
| stores.
|
| > It will be the fault of those who prevented Apple from
| offering a curated environment.
|
| > Actually, it would be the fault of the scammers and
| privacy-invaders in question.
|
| Clearly false. We know the scammers and privacy invaders
| will act, _but are currently limited in their ability to
| do so._
|
| Forcing Apple to reduce protections will be the proximate
| cause of their customers being vulnerable.
| Apocryphon wrote:
| > Definitely not true. Most people will be forced to
| install alternative stores because those stores will pay
| for exclusives on key apps. Players like Facebook and
| Google will open stores and only make their products
| available within them.
|
| That is debatable, and discussed throughout this thread,
| including in my own comments:
|
| https://news.ycombinator.com/item?id=26799453
|
| https://news.ycombinator.com/item?id=26799283
|
| Furthermore, there is clear evidence that what you are
| describing is not inevitable. Most Android users use the
| Google Play Store. Most MacOS users use the Mac App
| Store, and if they get their apps from elsewhere, it is
| not from competing app stores, unless you include game
| stores such as Steam or those run by Epic/EA/UbiSoft.
|
| Facebook does not run their own separate Android app
| store, even though they could. Amazon has one, largely to
| service their own unique Android Kindle devices, and they
| are not popular outside of them, nor do they have
| exclusivity over Amazon apps. Your doomsday scenario of
| myriads of exclusive app stores flies in the face of both
| existing trends, and market dynamics. As pointed out
| elsewhere, network effects prevent everyone from
| starting their own app store; users do not want to deal
| with dozens of accounts, and will just use Apple's built-
| in apps if you present too high a bar to getting your
| own.
|
| https://news.ycombinator.com/item?id=26799335
|
| > Not true. If Apple is forced to allow alternative
| stores, anti-trust regulators will prevent Apple from
| portraying their own store as safer or from framing the
| situation.
|
| Antitrust regulators have done little so far, making your
| fear-mongering claim even more dubious. Additionally,
| Apple is a master of dark patterns and social
| engineering, and can easily convey the safety of the App
| Store without stooping to heavy-handedness that would
| trigger regulators.
|
| > Not true. Apple obviously cannot manage the behavior of
| third parties who they are forced to allow to build
| stores.
|
| I find your lack of faith in Apple to be most disturbing.
| It's easily imaginable for Apple to re-frame the entire
| game so that _they_ are the ones who are encouraging
| third parties to build stores, using official Apple App
| Store SDKs/APIs that come with Apple security standards
| built in.
|
| https://news.ycombinator.com/item?id=26797189
|
| > Clearly false. We know the scammers and privacy
| invaders will act, but are currently limited in their
| ability to do so.
|
| You are refusing to acknowledge that when someone is
| scammed, the scammer is the one who holds the greatest
| fault for doing so. By doing so, you are passing the buck
| up the responsibility chain.
|
| And, clearly not enough, as the OP demonstrates. Apple's
| App Store enforcement standards have been slipping
| compared to previous years. It's clear that scammers are
| far less limited than back when Apple was more diligent
| at stopping malicious apps from being on their own
| platform.
|
| > Forcing Apple to reduce protections will be the
| proximate cause of their customers being vulnerable.
|
| No one is forcing Apple to host scammy apps on their own
| platform. And you seem to be the only one who believes
| that Apple cannot extend protections even to hypothetical
| Apple-powered third party app stores. At the end of the
| day, they control the operating system. They would always
| have ultimate control.
|
| Finally, the original statement you are responding to is
| talking about the possibility of third party app stores
| that are _more_ secure than the Apple App Store. Given
| the App Store's huge size and apparently slipping safety
| standards, it's certainly possible for new entrants to
| provide competition and offer an even _better_ curated
| and secure experience than the one Apple provides. By
| preventing Apple from allowing the creation of such third
| party app stores, you are in effect the one forcing Apple
| to reduce protections, making their customers vulnerable.
| goonogle wrote:
| It's never been about quality. It's about control.
| viro wrote:
| how did Nintendo save the video game market?
| Daho0n wrote:
| By killing competition and locking down their hardware so
| we couldn't get more open hardware? That's not "saving"
| anything but themselves.
| viro wrote:
| The market was flooded with trash because of the openness
| of Atari hardware to the point that it literally killed
| the market. The only reason it came back was the quality
| controls put into place by Nintendo. These are historical
| facts.
| Bud wrote:
| Let me just give you a hint: you don't even get the faintest
| chance to have one-millionth of Apple's level of potential
| "control" without creating many many years of quality, first.
| I'm surprised you don't see that.
| 55555 wrote:
| Thanks Bud. But this isn't actually a disagreement with
| what he said. You're both right.
| cronix wrote:
| I often wonder what it would be like if the iPhone followed
| Steve Jobs' original announcement and stated vision. There was
| no mention of an app store, at all. Apps were to be, basically,
| PWAs using html and javascript with APIs to hardware. They
| called it "web 2.0 + ajax" and claimed if you knew how to write
| apps using the "latest web standards," you could write apps
| just as good as Apple's native apps. If you wanted to update
| your app, you just update your server hosting the app.
|
| Here's the specific portion of the original Jobs iPhone
| announcement that I'm referring to:
| https://www.youtube.com/watch?v=QvQ9JNm_qWc
| asdff wrote:
| I think their hand was forced when the first iPhone was
| jailbroken, and able to install 3rd party apps within six
| months of release.
| emmanueloga_ wrote:
| Which app is it!? Why is it so hard to find the app he's talking
| about ... sigh
| WesolyKubeczek wrote:
| Remember, the App Store offers you the most secure, curated, and
| safe experience you can ever have with your Apple devices.
|
| Each app submitted to the App Store undergoes a thorough review
| process. Each app update is checked and approved by an Apple
| employee. It's not like some automated process which you can game
| left and right. Each app on the App Store is guaranteed, thanks
| to the strict review process, to adhere to a minimum standard of
| quality which is higher than competing app markets are offering.
|
| You can trust Apple's judgement on the content that is published
| on the App Store.
| josefresco wrote:
| Is this a joke?
| baobabKoodaa wrote:
| Yes.
| Shivetya wrote:
| Plus depending on news source Apple supposedly can get close to
| a hundred thousand apps submitted each week.[0]
|
| That staggering number of apps is bound to have leakage of the
| bad sort and as long as Apple has in place a means to report
| them then they should be given some leeway. If there is no
| process (I really don't know) then yeah we should call them out
| on it.
|
| [0] https://appleinsider.com/articles/20/09/24/app-store-rejecte...
| egocentric wrote:
| Apple _removed_ the "Report a Problem" button they used to
| have on the App Store for each app:
| https://twitter.com/keleftheriou/status/1381463249749565440?...
| s_dev wrote:
| >Each app submitted to the App Store undergoes a thorough
| review process.
|
| That's just not true though -- it does go through a review but
| the quality of that review is not remotely consistent.
|
| I've literally had reviewers 'reject' an app because they
| couldn't log in and said I didn't provide the right details.
|
| Basically they copied the email or password incorrectly. Note
| they didn't copy and paste -- just wrote it wrong and then
| rejected the app without double checking.
| WesolyKubeczek wrote:
| > That's just not true though -- it does go through a review
| but the quality of that review is not remotely consistent.
|
| Still, it's way better than any competing app store for iOS
| apps in existence!
|
| Well duh, of course I'm being sarcastic. I'm of the opinion
| that Apple should get all possible roasting for their review
| process, since they designate themselves as the only
| gatekeepers in the ecosystem. Even if you can do better...
| You can't. They won't let you.
| nomad225 wrote:
| I think OP was being sarcastic.
| [deleted]
| jjtheblunt wrote:
| The assertion in that title is patently false click-bait.
|
| Apple definitely cares about its customers being driven away from
| them.
|
| That doesn't mean they've caught all scams, or more importantly
| in this case have managed to automate detection of them all,
| definitely not as fast as folks online identify them.
|
| Also note that there are entire classes of scams that never get
| click baity titles because Apple DOES detect them and shut them
| down before they're widespread.
|
| (I worked at Apple in engineering, left after many years for
| compelling genomics, and that's the basis for my assertion.)
| yesOkButt wrote:
| You seem certain that given a political foundation of "service
| capitalism" another player will be "better".
|
| I'm not buying apps from wannabes who can vanish or buying into
| an app market that could go tits up the next week.
|
| The market as a whole is basically Google; here today, gone
| tomorrow.
| sbarre wrote:
| This is a fair position to have, but maybe a follow-up
| question:
|
| If you're able to share your thoughts without giving away
| private info from your time there: Based on this particular
| scam - with so many bad reviews AND the extremely high revenue
| being generated, should this not have tripped some kind of
| alarm for closer review?
|
| How has this been going on for so long without anyone at Apple
| noticing? It's not like it's lost in a sea of minor apps
| generating middling income, it's literally in the top tenth-of-
| a-percent by gross revenue.
|
| And I would bet a LOT of money that there are plenty of people
| at Apple who are well paid to closely watch their top
| performing apps. So how does this get missed, unless "is this a
| scam?" just isn't high on the list of priorities for those
| teams.
|
| I think it's absolutely fair to question Apple's commitment to
| catching this stuff based on that.
|
| Perhaps they are great at catching all the low-hanging fruit
| and the obvious stuff, but what if something gets through that
| first net? Is anyone paying attention then? Or are they just
| watching the money roll in?
| withinboredom wrote:
| I'd be willing to bet that no one is looking in the top X% of
| grossing apps for spam/scam. They probably (wrongly) assumed
| that most people wouldn't spend money on a scam and most
| people wouldn't be fooled, only a small set of people. In
| fact, I doubt their AI's training data lacked anything like
| this.
| iudqnolq wrote:
| This app is literally a fake medical product that pretends to
| detect your blood pressure via the camera and pretends not to
| charge you. It instead uses color recognition to detect if
| you're holding it against a finger, and if so displays a canned
| animation.
|
| When someone on Twitter discovers an app making more revenue
| than Microsoft Word will "detect" the blood pressure of a
| reddish candy bar responding by reducing the star rating by 0.9
| just doesn't cut it.
| mdoms wrote:
| Did you even read the thread? Apple is aware of this because
| they already took the step of removing fake reviews from the
| app. You don't think they took 5 minutes to read the legit
| reviews, or do you think they did read them and they didn't
| raise any alarm bells?
| Hackbraten wrote:
| Your first question is not helpful at all.
| justapassenger wrote:
| You don't get a medal for participation.
|
| Same as Facebook - they get tons of shit for hate speech, even
| tho they invest tons into trying to get rid of it. Same rules
| apply to Apple - I don't doubt that it's a problem that's being
| actively tackled. But unless it's fully solved, external
| criticism is well deserved.
| simonw wrote:
| I would hope that the trust and safety team at Apple are
| sorting apps by revenue-generated-per-month and investigating
| the ones at the top of the list first.
| jjtheblunt wrote:
| I bet they will now.
| Apocryphon wrote:
| Customer Support via Twitter/HN/social media.
| goonogle wrote:
| Apple Applogism in the flesh.
|
| I wish I had people apologizing and defending my company. Not
| sure how Tesla/Apple does it.
|
| Edit-per the reply comment, something more substantiative. op
| has post purchase Rationalization fallacy
| https://en.m.wikipedia.org/wiki/Choice-supportive_bias
| BugsJustFindMe wrote:
| > _Apple Applogism in the flesh. I wish I had people
| apologizing and defending my company. Not sure how
| Tesla/Apple does it._
|
| Your comment violates HN commenting rules.
| https://news.ycombinator.com/newsguidelines.html
| goonogle wrote:
| Edited to add the fallacy op was making. That should be
| enough to make it a substantiative comment.
| manquer wrote:
| The problem is Apple cannot assume sole responsibility for
| policing and take a 30% cut, not allow anyone else to try and
| do a better job and claim user safety is why they do all this
| and then even fail in any % of cases. No one cares how many
| murders police prevented, people only care how many crimes are
| happening now.
|
| Users were defrauded of $5/M +, Apple made 1.5M from this app.
| How has Apple corrected this? An app claiming to show your
| pulse is not just a financial scam, it is a medical risk. Lives
| are at risk here. If Apple earning $1.5M from a fraud is unable
| to protect its users from this kind of app, or come out and say
| what went wrong and how they are improving the system and
| actually doing it.
|
| Why should I as a user believe them? Why should I not reasonably
| assume actions and financial structure for the Apple App store
| basically will do some basic checks inconsistently and get away
| with it if they can?
| ehsankia wrote:
| This is unfortunately the case for all content moderation
| online. May it be Apple, Youtube, Facebook, or any other large
| platform. People only get to see the very small fraction that
| slips through, but have no clue about the immense amount of bad
| content that does get caught and removed quickly.
|
| It's also worth noting that there's almost a game of natural
| selection going on, with these scams evolving and adapting
| constantly to slip through the automated systems. So it's a
| never ending war with no end in sight.
| jasonlotito wrote:
| "Apple definitely cares about its customers being driven away
| from them."
|
| "Apple doesn't seem to care about top-grossing scams on the App
| Store"
|
| Both can easily be true.
| grawprog wrote:
| >Apple definitely cares about its customers being driven away
| from them.
|
| Maybe Apple realizes not caring about blatant scams won't drive
| customers away from them because there'll always be a core of
| people who buy into Apple's marketing and jump in to defend
| them basically no matter what's going on?
| 6510 wrote:
| Right, it's simply a test to see what one can get away with.
| Children, lazy and greedy people do this all the time.
| CivBase wrote:
| > Also note that there are entire classes of scams that never
| get click baity titles because Apple DOES detect them and shut
| them down before they're widespread.
|
| That's beside the point. According to the thread, Apple
| detected this one. So why didn't they shut it down? The thread
| speculates that it's because Apple is making significant
| revenue from it and, frankly, that sounds like a logical
| conclusion - at least until Apple can be bothered to remove the
| app or explain their justification for leaving it up.
|
| Besides, doesn't Apple _manually_ review apps on their store?
| I've read story after story of app devs complaining about how
| that review process screwed them over in one way or another.
| Surely one of the top 500 highest grossing apps on their store
| would garner at least a little extra attention in a manual
| review, right? How did this even slip through the cracks in the
| first place?
| fencepost wrote:
| There may be an element of distributed responsibility ("if
| it's not A person's job, it's no person's job"), but there
| may also be "it couldn't have gotten this far if there was a
| problem."
| suketk wrote:
| I would imagine that any app that charges users has to make it
| abundantly clear what the price for the service is. How are
| people getting scammed? I must be missing something here.
| haecceity wrote:
| What app are they talking about? Am I the only one confused??
| simonw wrote:
| I got scammed on the App Store a couple of weeks ago.
|
| I needed the SmartThings app for some Samsung home automation
| devices, searched for it, and installed this one:
|
| https://apps.apple.com/us/app/smart-things-smart-view-app/id...
|
| When it charged me a $20/year subscription (now cancelled) I
| thought "Wow, Samsung charging me for this feels pretty cheap of
| them, but I guess that's how they do things - after all, I found
| this on the App Store".
|
| The app I should have installed was this one:
| https://apps.apple.com/us/app/smartthings/id1222822904
| fortran77 wrote:
| It's because of this issue I've learned to never search for a
| manufacturer or company app in the app store. I go to the
| company's website and see if I can find an app store link to it
| there.
|
| It's nearly impossible for anyone--even the most savvy user--to
| identify which app is the real one and which one is a deceptive
| one.
| slobotron wrote:
| Kind of funny that we trust Google's index of the whole www
| to take us to manufacturer's legitimate website, but don't
| trust Apple's own search of their curated store.
| fortran77 wrote:
| You don't need to trust Google. If you buy a Samsung phone,
| for example, their official domain would be printed in
| their documentation.
| fsckboy wrote:
| his point was not about needing to, but that we can trust
| google, and it seems we can't trust apple, despite
| apple's promises about safety and vetting
| defaultname wrote:
| https://www.samsung.com/us/support/owners/app/smartthings.ht...
|
| They link directly to the app. They almost certainly have
| relevant QR codes in the manuals to go directly to the
| app downloads. You can find the official app listed by
| "Samsung Electronics", where the "scam" app is by a third
| party.
|
| There are a lot of problems and egregious abuses in the
| app store (made much worse once recurring subscriptions
| appeared), however this particular thread is not
| convincing. Some third party made a control app for
| Samsung TVs. There is nothing wrong with that (and it
| does not, contrary to claims, misrepresent itself or even
| clone the official app, beyond the most superficial of
| mainstream design choices). There is no reasonable reason
| to think that the app is by Samsung. I don't see how it's
| a scam in any way.
|
| For someone to miss the Samsung app and download this,
| then agree to a subscription and pay, is something that I
| don't think many people would do. And it certainly isn't
| a fault of the store.
| csours wrote:
| The fake one has 4.1 stars and the real one has 4.4 stars, not
| a very strong signal. I wonder if they are also cheating that.
| planb wrote:
| Apart from the subscription scam, I don't see a problem here.
| Just imagine the comments here if Apple had rejected a legit
| app just because it has "Smart Things" in the name.
| quickthrower2 wrote:
| So an App Store full of real apps and 5 fake apps trying to
| gouge you per real app (some using ads so they are the first
| result). Sounds like a great future. Do extensive research
| before installing anything.
| andai wrote:
| They also copied the style and font of the screenshots from
| the official app (you know, the one whose name they stole, to
| trick people into installing it).
| 6510 wrote:
| This wouldn't happen to anyone by accident. You always get
| the wrong app at the top if you search. I tried to find DHL
| earlier, I got bored so fast looking at non DHL apps I just
| used their website. Google isn't stuffing the search
| results with sites that look like DHL[0]
|
| [0] - https://www.google.com/about/honestresults/
| m463 wrote:
| There is something about restrictions and subscriptions.
|
| Someone I know had a family plan thing with restrictions on
| their kid, but then got automatically charged for an app
| subscription somehow. Maybe install free app is ok, but auto-
| subscription bypasses restrictions?
| brianwawok wrote:
| And I suspect you are in the top 1% of users. How is a 80 year
| old granny going to know which one to buy?
| flatline wrote:
| I have learned to always check the developer name, and if I'm
| not 100% sure, I don't install it. It's annoying because there
| are a bunch of them out there like this.
|
| I've also seen the "free but not free" apps like in the twitter
| thread. Usually there is an invisible "X" in the top corner of
| the payment form that you can click to get past it and use the
| app's free features after all. My kids run into these all the
| time: they see an ad for a game, it has good reviews so I let
| them get it, it prompts them for payment. If you are clever you
| can sometimes get around it, but I've seen cheap old arcade
| game knock-offs asking for $30+/mo! This is not by any stretch
| the only developer making mad bank on a subpar app.
| tartoran wrote:
| Somewhat tangential but looking up names is not always safe
| either, they could be made up. Latest scam on YouTube is to
| reply to comments with a clone account of the owner of the
| channel. They copy everything but the scam itself is quite
| bad, they want you to call a w-h-a-t-s-u-p number or
| something dumb that I would never bite. Youtube does nothing
| to stop these even when heavily reported.
| dan-robertson wrote:
| I wonder what solutions to scams on the App Store might be? I can
| think of some:
|
| 1. Do nothing more. It doesn't seem to be going _too_ badly for
| Apple
|
| 2. Have stricter review and allow sideloading. Obviously this is
| popular on HN but it seems to me that Apple would not do this and
| it doesn't obviously help. Maybe users would just be trained to
| sideload (I vaguely recall that there was a time when many apps
| in mainland China were not in the App Store and had to be
| sideloaded. There would be well-written instructions for how to
| install them)
|
| 3. Be stricter at review. Maybe this is expensive (so Apple would
| have to increase fees or reduce profits). It might also not be
| good for Apple if fewer amateurs can release apps. But maybe that
| isn't so significant and Apple make most of their money from
| bigger players.
|
| 4. Make it harder to profit from these scams. Maybe hold user
| payments in escrow for a while and look for evidence of scams--
| users quickly cancelling, leaving 1-star reviews, etc--and only
| pay later. To some extent this is "more scrutiny" so maybe this
| is just a way to make it targeted. Maybe this would still have
| the problem of hurting small players, and maybe most money lost
| to scams goes to small apps rather than "popular" ones like the
| one in the thread, so this flagging wouldn't catch them.
|
| 5. Have a two-tier App Store with a section of "high quality"
| apps and a section of less-reviewed apps. Apple already does this
| to some extent with "editors" of the store, various articles
| about apps, and plenty of custom artwork too. I don't know how
| they would pay for this thing or explain it to users but it seems
| it would still allow small players a chance while giving users
| better safety.
|
| Personally I think I would like a mix of a few of these. I like
| the idea of a higher tier in the store and I would be ok if it
| was expensive to get into (e.g. dev has to pay $1000 for the
| first review of an app) and had various stricter requirements
| (e.g. a different contract with apple requiring more notification
| when transferring app ownership or longer settlement times for
| user purchases, but also things like the app having good
| performance). I would also like it if Apple would try to find
| popular apps in the lower tier and help the good ones into the
| higher tier (maybe for free for a good viral game or with
| deferred payments out of (in-) app purchase income for paid apps)
| while removing the bad ones. And I think they could still improve
| their scam detection in the lower tier.
| heavyset_go wrote:
| The solution is competition. If one App Store has terrible
| policies like Apple's or Google's, then I can just use another
| one. By being forced to compete, Apple will have to address
| consumer and developer needs or be left in the dust by their
| competition.
| terrywilcox wrote:
| It's as if the people paying for this app aren't actually the
| ones complaining.
|
| Why wouldn't they complain if it was a scam?
|
| Because they're not actually using it. It's a money laundering
| app.
|
| If you're just laundering money through an app, it doesn't have
| to actually do anything.
|
| And if you make the price outrageously high, you can launder more
| money with fewer clicks and reduce the risk of some idiot
| actually buying it.
| easton wrote:
| Who would launder money in a way that would not only require
| finding a developer and going through App Review, but also
| losing 30% in the process (plus however much that developer
| costs)?
| smolder wrote:
| I think for someone who needs to launder large amounts of
| money and can't spend it otherwise, 30% or more might not be
| unreasonable. 70% beats 0%.
| asdff wrote:
| There are far simpler and less convoluted ways to launder
| money. We have bitcoin. We have HSBC.
| aembleton wrote:
| Can you launder dirty cash with those?
|
| At least with the App Store you can buy gift cards with
| cash or even get a mark from a scam to buy you gift cards
| that you can then launder.
| asdff wrote:
| Yeah, I've seen a bitcoin ATM in a headshop before.
| WesolyKubeczek wrote:
| > Why wouldn't they complain if it was a scam?
|
| ~120 1-star reviews are saying you're wrong about this one.
| layoutIfNeeded wrote:
| Meanwhile they are regularly rejecting updates for legitimate,
| established apps, because the given reviewer didn't like the way
| the pricing page was worded. It doesn't matter that the same copy
| was used for the last 10 versions of the app, you must change it
| and re-submit for review :^)
| bombcar wrote:
| There has to be another step here that we're missing - such as
| malware that buys apps for you or subscribes to apps without your
| knowledge, or uses the App Store to launder money.
|
| I can't see a scam app being a top grosser without something like
| that.
| golergka wrote:
| Users don't read and just click on things.
| 55555 wrote:
| I can see you are being downvoted but this is literally how
| this works. People install things and click rapidly thru the
| startup screens. These apps generally get legal consent from
| everyone who is billed, they just either didn't read it or
| forgot to cancel.
| hans-moleman wrote:
| A big issue I see is from the switch to Face ID from Touch
| ID. With Touch ID you actually had to put your finger on
| the sensor to confirm payment. Now with Face ID that dialog
| just becomes another OK you accidentally press and your
| face gets scanned before you even realize what's happening.
| jackson1442 wrote:
| You still have to double click the side button... it's
| pretty clear to me when I'm paying for stuff on my phone,
| at least.
| cytzol wrote:
| > People install things and click rapidly thru the startup
| screens.
|
| While this is true, and there are definitely cases of
| people not reading the text and accepting whatever, Apple
| has a long way to go here. On the payment screen, the text
| showing the price and the recurrence is way too small, and
| they're both located under an eminently-skippable "Policy"
| paragraph. It's no surprise that users are skipping this
| user-unfriendly screen.
|
| This Twitter thread has some examples of how it can be
| improved:
| https://twitter.com/rjonesy/status/1358161301973979139
| Retric wrote:
| Scams are deceptive, if it's completely automatic then that's
| just theft. It's the difference between cashing a fake check at
| a bank and just pulling a gun and robbing the place.
| tyrex2017 wrote:
| When I was doing iOS apps around 2016, there was a simple way to
| request a refund if you purchased sth by mistake. I think it was
| a web form using your Apple id. The amount was autocredited back
| to you immediately.
|
| Not sure if this was the norm back then, and if it is now.
| devit wrote:
| How does it work?
|
| Doesn't iOS inform the user when they are about to authorize a
| paid subscription?
| iamleppert wrote:
| The App Store quality is so low now that I avoid it completely.
| It reminds me of a dollar store just browsing through it. All the
| developers, like sellers of products at a dollar store, have
| learned to optimize for "the packaging" of the app.
|
| The goal isn't to get some meaningful money per customer but to
| make a single sale, usually only a few dollars. So the goal is to
| trick the user, optimize for large volumes of unit sales and
| reduce the cost per sale to as minimal as possible.
|
| I think it's time that there be competing App Stores on iOS
| because Apple has completely dropped the ball with their brain-
| dead approach to quality and developer incentives. Whoever runs
| the App Store at Apple should be replaced, but that's not going
| to happen until there is real competition so the numbers reflect
| the true state of things.
|
| Getting someone to part with $20 is harder than $1. I think the
| race to the bottom with software distribution has had a negative
| effect on overall quality. I'd rather have a few moderately
| priced options to choose from than 100 equally cheap options.
| spondyl wrote:
| This is somewhat ironic given the recent interview Tim Cook did
| with Kara Swisher on Sway[1] that touched on topics like App
| Store curation and not allowing side loading.
|
| Here's an excerpt:
|
| > Kara Swisher: Like Netflix and others, right. What's wrong with
| Epic or any developer going their own way or allowing a direct
| payment system, instead of having to go through the App Store?
| Why should you have the control?
|
| > Tim Cook: Well, I think somebody has to. I think somebody has
| to curate, right? Because users aren't going to come there and
| buy things if they don't have trust and confidence in the store.
| And we think our users want that.
|
| > Kara Swisher: Why can't there be more stores, other stores run
| by others?
|
| > Tim Cook: Because if you had side loading, you would break the
| privacy and security model.
|
| > Kara Swisher: On the phone itself, and the phone itself
| wouldn't protect the user necessarily.
|
| > Tim Cook: Well, you'd be opening up a huge vector on another
| store.
|
| > [a minute or so later]
|
| > Tim Cook: I think curation is important as a part of the App
| Store. In any given week, 100,000 applications come into the app
| review. 40,000 of them are rejected. Most of them are rejected
| because they don't work or don't work like they say that they
| work. You can imagine if curation went away, what would occur to
| the App Store in a very short amount of time.
|
| ---
|
| I agree that not having sideloading, without giving it any
| thought on the technical implementation, is probably safer in terms
| of reducing "viruses" and what not.
|
| It's arguable that cases like families whose kids spend tens of
| thousands due to dark patterns in approved applications were no
| safer than if they had run a side loaded application or a vetted
| one though.
|
| Similarly, I can only imagine the amount of money wasted on
| misleadingly titled applications.
|
| You could perhaps argue that the privacy model is compromised
| anyway in the sense that you can install Facebook, sign up and
| have your info dumped online, through no fault of Apple. The
| upcoming ATT changes should help but they haven't existed since,
| well, the app store was created :)
|
| [1]: https://www.nytimes.com/2021/04/05/opinion/apples-ceo-is-
| mak...
| Jakobeha wrote:
| How does Apple even solve this problem?
|
| On one hand, they're already having trouble with legitimate
| developers getting apps on the store (or at least they used to).
| On the other hand, there are tons of low-quality and scam apps.
|
| I agree with common sentiment here that people should be able to
| install apps from wherever they want. But a curated "App Store"
| for most people is a good idea. Otherwise your entire system's
| reputation becomes worse because people install low quality apps
| and possibly even malware, and it's hard to find good and
| legitimate apps.
|
| Except that's still happening with the current App Store. And I
| honestly think Apple is trying to do better curation, but it's a
| hard problem because there are so many apps and you don't want to
| reject any legitimate ones.
| heavyset_go wrote:
| Apple and Google are poor stewards of the mobile app distribution
| market. It's time that their 13+ year stranglehold on app
| distribution is disrupted.
| RcouF1uZ4gsC wrote:
| That would actually make the problem with scam apps even worse.
| Getting software on iOS is super easy and safe compared to
| Windows where you can install any program you like. The amount
| of scams, malware, etc that regular people get tricked into
| installing in Windows is immense.
|
| An open ecosystem does have advantages, but reducing scam apps
| and malware is not one of them.
| unicornfinder wrote:
| You know, I was thinking last night about the parallels between
| this and the anti-trust investigation into Microsoft back in
| the 90s. Back then Microsoft was in a heap of trouble over the
| fact that they bundled IE and didn't allow vendors to bundle
| other alternative browsers. Users could still install other
| browsers, but the fact that the OS came bundled with IE was
| seen as an abuse of Microsoft's market position.
|
| Yet here we are, in 2021, and Apple won't even allow you to
| install software on the device you own without their say-so.
| There are admittedly other browsers on the app store, but they
| all must use Safari's rendering engine.
| [deleted]
| ctdonath wrote:
| Microsoft wasn't selling the computer.
|
| Anyone is free to buy an iPhone, install apps on it, and
| resell it.
| aembleton wrote:
| In the 90s, anyone could buy a Windows PC, install apps on
| it and resell it.
|
| The point was that Microsoft were giving Internet Explorer
| away for free, pre installed with Windows. This abused the
| market dominance of Windows to expand use of Internet
| Explorer.
| simonh wrote:
| To be honest, I always thought the IE issue was stupid, and
| surely from a modern perspective it's even more bonkers. Google
| has an OS that is literally a browser engine, they're not the
| only one, and web technologies are commonly built into OSes
| nowadays at a low level.
|
| The other anti-trust claims against MS were I think largely
| credible and reasonable, but that one really has not aged
| well.
| modeless wrote:
| > Google has an OS that is literally a browser engine
|
| It's not though. Chrome OS is literally Linux. You can
| install Firefox.
| kevingadd wrote:
| You may be able to install Firefox now, but originally it
| was literally a web-only affair. "Chrome OS is literally
| Linux" is about as accurate as "Android is literally
| Linux". Chrome OS is not just some rebadged Debian
| distro.
|
| Do all chromebooks support linux apps now? AFAIK that's
| not true, and only a subset of them support it.
| Daho0n wrote:
| Linux != a distro though.
| modeless wrote:
| > "Chrome OS is literally Linux" is about as accurate as
| "Android is literally Linux". Chrome OS is not just some
| rebadged Debian distro.
|
| It's not rebadged Debian. The default Linux in Chrome OS
| is literally Debian. It has apt, bash, Wayland, X11. And
| of course the Linux kernel is there. What more do you
| want before you call it Linux?
|
| > Do all chromebooks support linux apps now?
|
| According to this page all 2019+ Chromebooks support
| Linux apps: https://www.chromium.org/chromium-os/chrome-
| os-systems-suppo...
| mason55 wrote:
| You said it yourself:
|
| > _an abuse of Microsoft's market position_
|
| Apple has no such market position to abuse.
|
| It's perfectly legal to put restrictions on your product.
| It's perfectly legal to be a monopoly. It's only a problem
| when you abuse your monopoly position to restrict
| competitors.
| vlovich123 wrote:
| I wonder if just business size can be used here rather than
| monopoly position. If your business is above a certain
| size, then more restrictions apply to what you can do. The
| reasoning is that the bigger you are the more people you
| impact, regardless of your market position and poor
| behaviors of smaller players to compete with larger players
| is also an issue. The current economic model of monopolies
| is very limited in scope (only looks at pricing) whereas
| there are many negative externalities a business may have
| beyond just consumer prices. Look at the consumer
| unfriendly business practices that take hold in industries
| (eg 24hr fitness famously making it really hard to cancel
| their service, poor competition on the part of ISPs, etc).
| ChrisMarshallNY wrote:
| I think size may also be construed as "infrastructure."
| For example, Facebook now has a couple of billion users.
| It has reached the point where we often have to get
| Facebook accounts/pages, if we want to reach certain
| users. In short, Facebook has become necessary to
| "survive," in a sense.
|
| That sort of puts it into the realm of a utility; like
| power or water.
|
| The idea of a utility, is that it is deliberately allowed
| to become a monopoly, sometimes, with state enforcement.
| The flip side, is that it is now _required_ to provide a
| lot of services.
|
| For example, if some old folks can't pay their electric,
| in winter, the utility might be required to supply them
| with electricity anyway, and eat the cost, or claim it as
| a tax deduction.
|
| That's the downside. The upside is...MONOPOLY, BABY! WOO-
| HOO! PAAAARTAAAY!
|
| So there's a big carrot, as well as stick. People who own
| utilities tend to get pretty damn rich.
|
| This all kinda breaks down, if the utility is already a
| monopoly, so the state assigning them monopoly status
| means nothing. No carrot; only stick. It also breaks
| down, if the utility manages to corrupt the regulators,
| thus eliminating the stick.
|
| Facebook is already a monopoly. It doesn't need the state
| to give it anything; certainly not with a stick,
| attached. Thus, the "Standard Oil" remedy.
|
| Apple isn't _quite_ like Facebook, but it's getting
| there. The problem is that a lot of what gives its
| products value, is that iron-fisted control Apple has
| over their configuration. If that control is diluted,
| then it would also reduce the value of Apple products.
| asdff wrote:
| They do. They have a total monopoly on phones running iOS.
| Way stronger of a monopoly than PCs running windows in the
| 90s, given that every single iPhone is locked into this
| vertically integrated market.
| mhermher wrote:
| Do you actually believe this? I have a hard time thinking
| that anyone believes "Apple has no such market position to
| abuse.". It's absurd.
| simion314 wrote:
| >Apple has no such market position to abuse.
|
| It depends how you want to measure things, in US iOS has
| more than 50% mobile market share but Apple fanboys will
| use only these numbers (or how many more purchases are on
| Apple store) in the conversations about how cool Apple is,
| when we talk about the monopoly/duopoly then world wide
| numbers are used, maybe throw more type of devices in
| there...
|
| I would say that Apple is clearly anti-competitive, not
| allowing other browsers, giving their own apps access to
| private APIs, their own apps ignoring the user's firewall
| and security rules etc, but judges will have to decide on
| this and if they still consider it legal we might need to
| update some laws.
|
| IMO the society is more important than a company, so if we
| decide that we no longer want this bullshit we will
| advocate and hopefully have the issue corrected.
|
| The Apple situation looks to me similar to when mobile
| providers would lock phones to their network, then charge
| you to unlock them, this was made illegal, if you own your
| phone then the unlock should be possible for free,
| exception is if you are still renting/paying for the device
| so you are not owning it fully.
| valparaiso wrote:
| It seems you skipped the preliminary hearing in September
| 2020. The judge already asked why Epic thinks Apple's walled
| garden (closed platform) is illegal while such types of
| businesses were legal for decades.
|
| Also, the judge rejected the comparison of open and closed
| platforms. So she asked Epic's lawyers what's the
| difference between Apple's closed platform and
| Xbox/PlayStation and Nintendo.
|
| Epic's lawyers failed badly without answering. Also failed
| to answer the question of when Apple became a monopoly.
| simion314 wrote:
| Let's see what happens in EU. And FYI Sony and Nintendo
| are also wrong in my opinion for locking their devices
| though people don't complain as much since so far they
| found ways to bypass the locks.
| hctaw wrote:
| >It's only a problem when you abuse your monopoly position
| to restrict competitors.
|
| Like what Spotify is suing them over, for example.
| AlexandrB wrote:
| I think this analysis misses how dominant Microsoft was in
| the 90s and the myriad methods they used to stay in that
| position. Apple may be a huge chunk of the North American
| phone market, but Microsoft's share of the PC market in the
| 90s was over 90%. The only computers around were PCs[1]
| (desktop or laptop) and servers - there were no phones - so
| if you had a computer in your house, it was almost certainly
| running DOS/Windows.
|
| To maintain this monopoly Microsoft employed tactics like
| offering discounts if OEMs promised exclusivity. Basically
| punishing any manufacturer that might want to ship another
| operating system. My read on the browser verdict was that
| this was what the justice department thought was sufficiently
| low-hanging fruit to convict Microsoft. But it was far from
| the only anticompetitive tactic Microsoft used at the time.
| "DOS ain't done till Lotus won't run"[2]
|
| [1] I'm ignoring exotic stuff like SGI workstations that were
| priced out of reach of typical consumers.
|
| [2] https://news.ycombinator.com/item?id=10434133
|
| Edit: Here's an example. In 2002 Dell started offering PCs
| without Windows pre-installed[3] - this was considered a big
| deal in the linux forums I hung out in. Why? Because until
| then you _had_ to pay Microsoft to own a PC (practically the
| only consumer computing hardware available at the time), even
| if you wanted to install Linux on it. This is like if _nearly
| every_ phone had to come with iOS pre-installed (and Apple
| collected a licensing cut), even if you wanted to
| install/use Android.
|
| [3] https://www.computerworld.com/article/2577666/dell-
| offering-...
| deckard1 wrote:
| I don't think it matters how dominant the iPhone is. Google
| and Apple are joined at the hip.
|
| https://www.nytimes.com/2020/10/25/technology/apple-
| google-s...
|
| You think Google is going to piss off Apple too much with
| Android? Not likely.
|
| > A forced breakup could mean the loss of easy money to
| Apple. But it would be a more significant threat to Google,
| which would have no obvious way to replace the lost
| traffic. It could also push Apple to acquire or build its
| own search engine.
|
| So I would definitely argue that the future of Android and
| iPhone are intertwined.
| Shivetya wrote:
| Do you even understand the volume of apps they deal with? Apple
| claims 100k a week[0]. How do you propose to handle that?
|
| People are complaining about a small number of bad apps getting
| through and at the same time we have quite a few stating that
| not allowing people to load up anything they want is bad. Can
| you imagine trying to sort through the mess if there was no
| gate keeper because there is an actual chance if people get
| their legislative wish list through.
|
| Even if you could get an independent system up and running who
| is going to pay for it? The staffing is going to be very large
| and who determines what is a good app and what is not?
|
| I am all for Apple having and managing their store by their
| rules. While I think it is dumber than all get out to allow for
| people to install any app they find I am certainly not going to
| stand in their way as long as the companies which make the
| phones and provide the software are fully protected from such a
| choice. After all if a rogue app does something bad who do you
| think the lawyers will come for?
|
| [0]https://appleinsider.com/articles/20/09/24/app-store-
| rejecte...
| mdoms wrote:
| > Do you even understand the volume of apps they deal with?
| Apple claims 100k a week[0]. How do you propose to handle
| that?
|
| Is this a serious question? The answer is: by hiring people.
| Lots of them. Apple has over $200 billion just in cash in the
| bank.
| bogwog wrote:
| This reminds me of a section in the game Divinity Original
| Sin 2.
|
| There's this area that can only be reached by crossing one
| of two bridges. The first bridge you encounter when you
| leave the starting town is guarded by a rude and aggressive
| troll. The bridge is a mess, falling apart, and he charges
| an expensive toll if you want to pass.
|
| But if you explore for a bit instead of paying, you'll find
| another bridge with another troll, except this troll is
| super polite, soft-spoken and friendly, the bridge is very
| neat and tidy, and his toll is like 10x cheaper. He even
| thanks you for your patronage when you pay him.
|
| When you encounter the mean troll again, he'll offer you a
| reward if you kill the other troll.
|
| Apple charging 30% for a scam/malware-infested store, and
| keeping the profits rather than reinvesting them to try and
| actually improve the store makes them the first troll in
| this story.
| AnonC wrote:
| This and the right to repair areas are where I'd like to see
| Apple forced to do a lot better through laws (since it has not
| done as much as would be expected from a company of this size and
| profits). Apple cannot claim that the App Store being the only
| source of apps and in-app payments (without allowing side loading
| or allowing app makers to even mention other payment options) is
| the safest option while not doing enough on scams. You don't need
| machine learning or AI to catch many of these scams.
|
| That the developer of FlickType (the OP of this Twitter thread)
| had to file a lawsuit says a lot about how much Apple isn't
| paying attention. I seriously wonder what the person at the top
| level managing the App Store is doing, other than lobbying to
| prevent any possibility of alternate payment options or allowing
| side loading of apps.
| Bud wrote:
| I'm just going to say one simple thing: very few people are
| qualified to assess what Apple actually "seems to care" about.
| And this poster definitely isn't one of those people.
|
| As for the invented-from-whole-cloth link title: please don't do
| that.
| Calvin02 wrote:
| Yeah, but if it came to Google, Facebook, or Amazon, you'd be
| all over them with a pitchfork.
|
| Users of HN really have some rose coloured blinders on when it
| comes to Apple.
| xondono wrote:
| If people judged Google's playstore with these criteria
| pitchforks wouldn't cut it.
|
| This post to me sounds like someone claiming spam filters are
| worthless because an email got across. The relevant metric is
| how many scams _aren't there_, not how many have managed to
| stay for some indeterminate amount of time.
| Apocryphon wrote:
| It's perfectly possible to criticize both Apple and Google
| at the same time.
|
| If anything, these examples just illustrate why centralized
| app stores are inherently flawed, even if Apple's store is
| of much greater quality than Google's.
|
| Corporate cheerleading is boring and elides that the
| greater issue at hand is about openness and choice vs.
| closeness and security. Examples such as TFA illustrate
| that despite corporate promises, their security is
| incomplete.
| WesolyKubeczek wrote:
| > This post to me sounds like someone claiming spam filters
| are worthless because an email got across.
|
| If I'm literally prevented from using any other kind of
| spam filter, you bet I'd be complaining.
|
| > The relevant metric is how many scams aren't there
|
| Would you please also prove there is definitely no teapot
| orbiting Mars, while we're at it?
| Tinyyy wrote:
| > If I'm literally prevented from using any other kind of
| spam filter, you bet I'd be complaining.
|
| Actually, you can use another kind of spam filter - your
| brain.
| Daho0n wrote:
| <the above comment wouldn't exist if it followed its own
| advice>
| Bud wrote:
| Please don't pretend to know what other users would do in a
| given situation when in fact, you have no idea whatsoever.
| larkinrichards wrote:
| Link goes to a different thread discussing the removal of fake
| reviews. Looks like Apple is in the process of taking action
| against this.
|
| Original thread, which explains the scam, is here:
| https://mobile.twitter.com/keleftheriou/status/1381463196280...
| ksec wrote:
| Patrick McGee from Financial Times had a whole twitter thread [1]
| on it. It got everything from banning apps for competitive reason
| to Apple's FEAR ( Fraud Engineering Algorithms and Risk ) team
| saying the current App Store review process is inadequate.
|
| I am starting to think there is a much deeper problem with Apple,
| it is that without Steve Jobs, no one is being the yard stick of
| quality, especially in UX.
|
| A decade of App Store, you are wondering if they have actually
| put any effort in its Apps Search Engine. It took them 3 _years_
| to admit they have a problem with Keyboard and offering an update
| after _5 years_. For things that are easily quantified, like Sales,
| Hardware Performance ( Apple Silicon ), Logistics and Operation,
| they are absolutely excelling under Tim Cook. For everything else
| it seems they are loose, at least from an Apple Standard point of
| view, although that is still far higher than their competitors.
|
| To quote Steve, it seems people are too focused on the process,
| and forgot about the content.
|
| [1] https://twitter.com/PatrickMcGee_/status/1380194940236353536
| itsoktocry wrote:
| > _I am starting to think there is a much deeper problem with
| Apple, it is that without Steve Jobs, no one is being the yard
| stick of quality, especially in UX._
|
| I'd chalk it up to Apple being the biggest company on the
| planet, and the sheer scale of managing an enterprise that
| size. Nothing lasts forever.
| socialist_coder wrote:
| The scam really is about the iOS Subscriptions and how it's easy
| to have a free trial then auto-bill you for some absurd amount.
| Very easy to trick people into doing this.
|
| Apple should just remove Subscriptions completely and have app
| developers turn them into consumable IAPs that you have to buy
| every X months.
|
| The app developer can still do a free trial in their own code.
|
| Games do this all the time with "premium". You buy 30 days of
| Premium for $5. 30 days later it's done and you have to buy it
| again. No auto-recurring subscriptions.
| Invictus0 wrote:
| Or better, force the app to let the user dictate how many
| months they want to authorize the subscription for.
| WesolyKubeczek wrote:
| > Apple should just remove Subscriptions completely and have
| app developers turn them into consumable IAPs that you have to
| buy every X months.
|
| With my data going poof each time, I'm afraid that's a no. Even
| merely having to log in again, compared to the status quo, is
| way worse.
| socialist_coder wrote:
| I think you are saying that if you uninstall/reinstall, you
| could lose your subscription since it's from a consumable
| IAP. I agree that is a bad flow and something that Apple
| could fix by still allowing non-renewing subscriptions, and
| then changing how the free trial works by not triggering a
| payment automatically after the free trial. Basically, you
| should only be charged as a result of a user action, and it
| would go through the same IAP flow that people do not just
| blindly tap through.
| jdmg94 wrote:
| Clickbait title, but it's easy to get points on the internet
| hating on Apple, truth is the alternatives are no better.
| Daho0n wrote:
| In your opinion.
___________________________________________________________________
(page generated 2021-04-13 23:01 UTC)