Do you have evidence that Apple does? They have made no claims that they do, instead continuously pointing to human vetting as their filter on malware, which is laughable. We all know that unskilled contractors stepping through some policy checklist aren't a legitimate protection against malware, but it's enough to fool people like Gruber, many bloggers, and you 14 hours ago before I pointed out your mistake.
If the only thing Apple does is simply pay people to poke around the app on an iPhone for a few minutes, then by that assertion there should be a stunning amount of Malware on the AppStore. I mean, all you have to do is place a time delay code, or a server side activation procedure, and you would be able to bypass all manual checks. What on earth makes you think that Apple does NOT use malware scanning. I mean, it's easy to setup, easy to implement, and cheep. This is why Google went to manual scanning first, and only later on went to human and AI assisted checks, which are harder and more expensive to setup.
In any case, you made an assertion that Apple does NOT run automated scans, unlike Google. I asked for proof. Now you demand proof from me that they do. It doesn't work that way. You made an assertion first, you back it up.
My proof is in the result. AppStore has next to no malware on it. PlayStore (now) is also very clean and safe. Google achieved this through combination of automated and manual vetting. Apple is notoriously silent about their process, other than advertising their one USP, which is no longer unique, but given if we use logic, we must assume that both companies use similar tools to achieve similar results.
Your assertion that Apple is far less secure would suggest much more malware being live on the AppStore, and yet in my search on google I was only able to find a few older articles about researches being able to smuggle in custom written malicious code onto AppStore. Meanwhile, while searching for malware on iOS, google presented me this in a search result at some point:
That's just one example from 2015. I don't think it's fair to check back to 2014 and prior, as back than Google Play Store was basically Wiled Wiled West.
You've made so many mistakes of logic and fact, it's hard to figure out where I should begin. First, itself "wild" and not "wiled". Second, Apple doesn't allow "virus scanners," which is why you'll never hear companies like Sophos talking about malware on iOS -- they have nothing to gain. If you are in the right circles, you know there is plenty of malware on the App Store -- it's significantly easier to get it on the App Store than it is to get it on the Play Store. The main deterrent to malware on both platforms is the requirement that the app publisher have a credit card, which the stores both verify. If a publisher behaves badly, their identity is already known through their bank. Finally, you seem to be confusing manual scanning, static analysis, dynamic analysis, and human review to the point where it's hard to even figure out what you're claiming. Google implemented dynamic analysis long before 2014 (your "wiled west"), which Apple very clearly still hasn't done.
Thank you for the correction, and I am guessing you mean "it is" rather than "itself" in the above correction of my spelling.
> Second, Apple doesn't allow "virus scanners," which is why you'll never hear companies like Sophos talking about malware on iOS -- they have nothing to gain.
1. Until recently Apple did allow virus scanners on iOS. However, those programs were largely useless for 2 reasons. First, because without a jailbreak you can not run unsigned code on iOS, unless you have found a jailbreak vulnerability that can be exploited directly on the device, but I haven't see those since iOS 3 or 4. Second, because iOS jails each app, so one app can not scan the file system or any of the other apps on the OS. Conversely, one app can not maliciously attack or install unsigned code on the OS without a jailbreak.
2. Sophos would have a lot to gain from exposing wide spread malware in the App Store. Such news would pressure Apple to reconsider their decision and allow virus scanners into the App Store, or at least clean up their act. One way or another, it would be a lot of GOOD pub for Sophos.
3. Given that there are many jailbroken iPhones, and that it's trivial to access app files on a jailbroken iPhone, it would be easy for Google to run their own Malware scanners on AppStore submissions. Considering that they would most certainly (according to you) find hundreds, if not hundreds of thousands, instances of Malware, it would be a wonderful PR story for Google, once and for all proving the undeniable superiority of the Android OS. And yet, I have yet to read that story. Forget Google, HTC, Sony, LG, and any number of other manufacturers would have direct pecuniary interest in discrediting Apple by proving to the world that the AppStore is teaming with Malware. I guess all of the above mentioned companies are operated by utter idiots, if we are to believe your assertions.
> If you are in the right circles, you know there is plenty of malware on the App Store -- it's significantly easier to get it on the App Store than it is to get it on the Play Store.
What are these "right circles?" Links, facts, anything to backup the above statement?
> The main deterrent to malware on both platforms is the requirement that the app publisher have a credit card, which the stores both verify.
Use a prepaid VISA card, put any name and address you like. Works like a charm, you can register an account like that on either store.
> Finally, you seem to be confusing manual scanning, static analysis, dynamic analysis, and human review to the point where it's hard to even figure out what you're claiming.
You are confusing the meaning of such terms as manual scanning, static analysis, dynamic analysis, and human review. There, we both made utterly unsubstantiated claims, now we are even!
> Google implemented dynamic analysis long before 2014 (your "wiled west"), which Apple very clearly still hasn't done.
1. Thank you yet again for pointing out the SAME typo in my previous post for the second time in your reply. To return the curtesy, I would also like to point out that "itself" and "it is" do not have the same meaning in the english language. I do understand that this page is frequented by many people from other countries, who may speak different languages. I, for instance, speak fluently 2 languages, in addition to English. So I do apologize ahead of time if you are indeed an ESL person, but to improve your knowledge of the English language I felt the need to point out your mistake yet again.
2. Could you please provide any proof what so ever to your claimed assertion that Apple does NOT conduct dynamic analysis.
3. Please refer to this article [0] which details utter inaptitude of PlayStore's dynamic analysis tools in 2014.
