Apple is the best, even if it runs Android...

I know you didn't - I didn't mean you specifically.

English grammar really sucks in some regards.

 

I know it - I did say something different. I said I can recognize the taste of a good wine from shitty one, which is something totally different.And trust me, that is easy.
Recognizing excellent wine from good wines - no way to me. Not even between similar types.

My point is, if you are used to certain kind of food, you immediately recognize different stuff.
i.e. you cant sell me a supermarket chicken vs. a real chicken, as they taste different - and their consistency is different (i.e. meat is attached to the bones, you have to strip it with your teeth, color is slightly different as well).

But that happens as I got used to it, so I can easily spot changes.

 

The device would reasonably have to warn for every single app, and knee-jerk cry-wolf warnings is the worst kind of warning you could possibly have, as it trains users to ignore them. It promotes bad behavior instead of discouraging it; this is why windows UAC is such a shitty thing. Who stops to consider what that window really says? Most people - regardless of if they even understand what the UAC warning is or why it appears when it does - just click it away with little thought so they can get on with doing whatever it was they were doing before that piece of crap appeared on their screen...

 

@pcchen you are misunderstanding what I'm saying (reread what I wrote again perhaps), yes I realize the app developers are intentionally doing bad stuff(*) BUT my point is
you/me (all these 100s of millions of app users) did nothing wrong, they downloaded angrybirds2 etc from apples store (we werent running xcode and compiling the apps ourselves)

(*) like ppl that write viruses etc 'do bad stuff', you're arguing they should just stop doing this bad stuff and it will be OK, guess what? not gonna happen, thus OS makers etc have to be pro-active against this

@Grall, I sorta agree with what you're saying with too many warnings but install an app on android, before you install it it will give a message what privilegdes the app will use.
Will it use the camera, connect to the internet, GPS etc
I always read it, perhaps IOS could adopt this later (IOS developer team - hey we still havent copied most of android 4.4 yet give us time )

 

So Apple removed the infected apps once they were found. What's the problem here?

If you think Apple should be able to find them earlier, then that's a completely different issue: how much control should Apple have? It's a Catch-22: if Apple do too much, people complain about how Apple is a control-freak. If Apple do too little, people complain about why they can't find some obscure virus earlier. Especially when you are comparing to Android, where almost nothing is done on Google's part.

And people seem to think it's easy to find malware. It's not. It's actually very easy to hide malware. A malware trying to collect user data can hide very well, such as only transmitting data on some randomly selected time slots. If an app connects to a command server only once a week or even once a month, it can be very difficult to find anything about it.

A possible solution is to require apps to declare which servers they'll connect, and refuse connections for non-declared servers. This helps some apps (e.g. those only need to connect the developer's servers), but not every apps only connect to their developers' servers.

Basically, from what I read is you are complaining that Apple have worse security than Android using an example where Android will fare much worse.

On iOS, apps always ask for permission when it needs to use camera or GPS the first time.

 

The problem is how to know whether an app is "potentially capable of running malicious code."

There are always people who find creative ways to workaround restrictions. For example, on iOS 9 a new rule requires that an app to declare which custom URL scheme they'll use. That's because some apps tries to "poll" for custom URL schemes in order to know which apps you have installed on your phone, and that's a privacy concern. (For example, suppose that Facebook uses "fb://" custom URL scheme, then you can easily check, in your app, whether it's possible to open "fb://". If it's possible, then it's very likely that the user have Facebook app installed on the device).