by Cesare Rocchi

Sandbox is bad sandbox is good

by Cesare Rocchi

I love the Mac App Store, I hate the Mac App Store. The review system makes me angry, the review system makes my machines safer. I am a developer, I am a user, I am thorn.

You might have read a lot of posts about how it’s hard to make a living in the App Store. The most common reasons are the usual ones:

  • no paid upgrades
  • long review times
  • inconsistent rules
  • no access to customers emails

As a developer I perceive all these as obstacles to my business.


As a user, I love the App Store, especially the MAS. At least once a year I reinstall OS X on my machines, from scratch. Most of the apps I use are on the MAS and it’s a pleasure to click Get and see they just get installed. I have a few other apps that are not on the store and the installation is a pain as in:

  • download
  • find the key
  • enter the key
  • the key is for an upgrade
  • find the key of the previous version
  • enter the ley
  • activate
  • then enter the key of the new version

Some of those apps probably will probably never be on the App Store and I really need them, so I go through the pain. Fortunately it happens just once a year.

There’s more. You never appreciate what you don’t see or doesn’t happen. I think I never heard something like “Thanks to the Mac App Store I feel (a bit more) secure”. All the anger that the developer in me throws at the MAS was largely mitigated a few weeks ago when I read this bug report in Chromium. Chromium is the open-source project on which Google Chrome is based. The report is related to Debian, one of the most secure Linux distributions. The report shows that Chromium (Google Chrome for Linux) silently downloads a binary executable blob, by default. There’s a lot of speculation on the role of this “thing”. A Google engineer chimed in to clarify that the “thing” was just downloaded and not executed, unless the user turned on the “Ok Google” feature. Fair enough, but sneaky to say the least. Only a few hours ago we got the announcement that the download will be disabled by default. Oh, I forgot a little detail. The “thing” was supposed to record audio for the Ok Google feature.

[Insert your preferred NSA joke here].

Something like this would have never happened on the App Store, because the app would have been rejected right away. Especially now that Apple is putting a lot of focus on privacy.

And so here I am, even more thorn. As a user I keep enjoying the MAS. When I wanna buy a new app on the store I feel pretty sure, because somebody has checked it for me.

As a developer I should probably learn that those that seem obstacles are meant to protect users. It’s pretty clear to me that Apple lives by “users first, developers after” kind of principle. To be fair, if I were Apple, I’d probably adopt the same principle.