141
First ever iOS trojan discovered — and it’s stealing Face ID data to break into bank accounts
(www.tomsguide.com)
this post was submitted on 15 Feb 2024
141 points (94.3% liked)
Apple
17525 readers
48 users here now
Welcome
to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!
Rules:
- No NSFW Content
- No Hate Speech or Personal Attacks
- No Ads / Spamming
Self promotion is only allowed in the pinned monthly thread
Communities of Interest:
Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple
Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode
Community banner courtesy of u/Antsomnia.
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
android can sideload apps since its inception and this was never an issue. i doubt it will be with ios.
that is, unless....
Because Google already lets apps do anything they want no matter how malicious. There's no reason to leave the Play Store.
Apple has people sneak past their rules on occasion because screening is hard, but they have and enforce rules that protect your privacy that malware companies like Facebook don't want to follow.
Android has a permission system (with flaws) not too dissimilar to iOS.
Both systems had apps sneak past it in clever but very similar ways to bypass them. Both were curbed by screening after being found.
I really doubt Facebook will force anyone to install their app from outside the store. You are talking about something that normies will barely be able to do.
I'm not talking about permissions.
I'm talking about their store policies. Google is far more permissive about malicious behavior than Apple is. Companies that have no reason to bypass the play store because it already allows them to spy to an obscene degree will bypass the App Store when given the opportunity, because it does not.
I dont think Google is as permissive as you say, but regardless, they won't. Try and get a normie to enable and install a sideloaded app on Android and you will see what I mean.
The amount of social engineering required just makes this point moot. Might as well get them to do the same MDM attack illustrated in this article. Its not any less secure.
Facebook can and will.
The entire reason they don't on Android is because there's literally no benefit to it.
It absolutely has happened on Android. The Russian government has launched their own app store, as an example of a state-owned-and-operated third party app store.
Additionally, once both iOS and Android are opened up, the capability to control the end-to-end distribution on both platforms simultaneously becomes a much larger incentive for major corporations; gone are the days where some users receives some features earlier because the other app store have not pushed the update yet -- they control it end-to-end.
I mean, I should be abundantly clear: simply operating a third party store does not equate to malicious intent. Some would argue the corporation case above could be considered beneficial for users. However, having third party stores with varying degree of security capabilities increases attack vectors for bad actors, and thereby making it more difficult for everyday users to manage -- an additional layer of complexity iOS users have not had to deal with for many years and very very few has signed up for.
Are all russians forced to use it? If so did that come because of sanctions? If thats the case you just highlighted a great reason to open up. If not I don't really see an issue because thats the whole reason behind this change.
Big corpos will never choose to force users to do things the hard way unless they absolutely must. Most normies wouldn't be able to use their product. And most privacy protections are built into the OS, not the store.
And if some gvmnt wants to spy and control its users they will regardless of how restricted the walled garden is, the NSA and similar exemplifies this perfectly.