undefined | Better HN

0 pointsscarface747y ago0 comments

Which you can verify they aren't doing if they provide the source code. Or the non-Apple app distributor could verify that they aren't or otherwise sandbox the apps they distribute to prevent that from happening -- another advantage to competition

So what sandbox is available for apps that don’t allow a native app to ascertain individually identifiable device information?

You also now have to trust the non Apple App Store to check the source code. The entire open source community let the HeartBleed bug stay in open source software for a year and a half...

0 comments

AnthonyMouse7y ago

> So what sandbox is available for apps that don’t allow a native app to ascertain individually identifiable device information?

That's the point. Currently nobody can build that because Apple doesn't allow it.

> You also now have to trust the non Apple App Store to check the source code. The entire open source community let the HeartBleed bug stay in open source software for a year and a half...

"Many eyes" results in fewer bugs over time, not zero bugs instantaneously. It doesn't have to be perfect to be better.

scarface74OP7y ago

That's the point. Currently nobody can build that because Apple doesn't allow it.

And where does this Sandbox wrapper for third party app stores exist for the Android ecosystem where it is both allowed and their are five time more devices?

Many eyes" results in fewer bugs over time, not zero bugs instantaneously. It doesn't have to be perfect to be better.

Have any statistics to back that up? Is Android more secure or less buggy than iOS?

AnthonyMouse7y ago

> And where does this Sandbox wrapper for third party app stores exist for the Android ecosystem where it is both allowed and their are five time more devices?

https://seap.samsung.com/sdk/knox-standard-android

https://yajin.org/papers/asiaccs15_appcage.pdf

> Have any statistics to back that up? Is Android more secure or less buggy than iOS?

Obvious confounder:

https://en.wikipedia.org/wiki/Darwin_(operating_system)

But what metric would you use anyway? Number of discovered bugs doesn't work because the whole premise is that a higher percentage of the bugs will be found.

It's inherently difficult to measure. But refute the logic: Bugs found by vendor + everyone else > Bugs found by vendor alone. The only assumption is that bugs found by everyone else is non-zero, which is clearly true for any number of open source projects including both Android and Darwin.

1 more reply

j / k navigate · click thread line to collapse

0 pointsscarface747y ago0 comments

So what sandbox is available for apps that don’t allow a native app to ascertain individually identifiable device information?

You also now have to trust the non Apple App Store to check the source code. The entire open source community let the HeartBleed bug stay in open source software for a year and a half...

0 comments

AnthonyMouse7y ago

> So what sandbox is available for apps that don’t allow a native app to ascertain individually identifiable device information?

That's the point. Currently nobody can build that because Apple doesn't allow it.

> You also now have to trust the non Apple App Store to check the source code. The entire open source community let the HeartBleed bug stay in open source software for a year and a half...

"Many eyes" results in fewer bugs over time, not zero bugs instantaneously. It doesn't have to be perfect to be better.

scarface74OP7y ago

That's the point. Currently nobody can build that because Apple doesn't allow it.

And where does this Sandbox wrapper for third party app stores exist for the Android ecosystem where it is both allowed and their are five time more devices?

Many eyes" results in fewer bugs over time, not zero bugs instantaneously. It doesn't have to be perfect to be better.

Have any statistics to back that up? Is Android more secure or less buggy than iOS?

AnthonyMouse7y ago

> And where does this Sandbox wrapper for third party app stores exist for the Android ecosystem where it is both allowed and their are five time more devices?

https://seap.samsung.com/sdk/knox-standard-android

https://yajin.org/papers/asiaccs15_appcage.pdf

> Have any statistics to back that up? Is Android more secure or less buggy than iOS?

Obvious confounder:

https://en.wikipedia.org/wiki/Darwin_(operating_system)

But what metric would you use anyway? Number of discovered bugs doesn't work because the whole premise is that a higher percentage of the bugs will be found.

1 more reply

j / k navigate · click thread line to collapse