My experience is from years ago, but the vetting process seemed about the same for both when I was working on an app. The initial publish process takes forever. The update process through Apple was much simpler and that used to be a successful attack vector.
Since you rarely get feedback from updates, it’s hard to say if Google was as vulnerable, but I’ve heard that the update scheme is still a thing. Publish a legit app then push malicious updates.
Hi there! Looks like you linked to a Lemmy community using a URL instead of its name, which doesn’t work well for people on different instances. Try fixing it like this: !vimusic@r.nf
My experience is from years ago, but the vetting process seemed about the same for both when I was working on an app. The initial publish process takes forever. The update process through Apple was much simpler and that used to be a successful attack vector.
Since you rarely get feedback from updates, it’s hard to say if Google was as vulnerable, but I’ve heard that the update scheme is still a thing. Publish a legit app then push malicious updates.
Interesting, thanks for the info!
I wasn’t aware of the update process being used as an attack vector (if it’s still a thing) gonna have to read up more on that.
https://r.nf/c/vimusic
Hi there! Looks like you linked to a Lemmy community using a URL instead of its name, which doesn’t work well for people on different instances. Try fixing it like this: !vimusic@r.nf