There are three primary ways Apple increases security of
applications running on the Mac and the iPhone: Sandboxing, Code
Auditing, and Certification. While all these are incrementally
valuable, none is perfect on its own.
The problem Mac developers are facing is that the two that Apple
is enforcing on the Mac App Store (Sandboxing and Code Auditing)
are implemented currently to be actively bad for developers and
not particularly good for users. And the method that would provide
the most benefit for developers and users (Certification) isn’t
enforced broadly enough to be useful.
A thoughtful, detailed, and well-reasoned argument. Let’s hope Apple is listening.