users either don't read, don't care, or don't understand what is being asked of them and they just click whatever is needed to continue.
True. That's sort of ok as long as advanced users can tell when something fishy is going on and flag the app.
even an advanced user can't tell the difference between a free app requesting network access to download advertisements and a malicious one using it to upload private information.
Also true. The Internet and SD card permissions are all-or-nothing, and therefore essentially useless. Apps should be able to declare that they only contact specific hosts or access specific directories, and there should be a standardized directory for per-app storage, like "Application Support" on OS X.
It's really not even safe to have an app without strong credentials and an audit trail bringing in ads. There's no protection against objectionable ads, or those doing things like taking advantage of Flash vulnerabilities, etc.
Isn't the Apple approach to host the ads themselves? While app developers still get data access, at least there's a healthy isolation between the client and the advertiser. Apple can certainly provide things like basic client stats and direct ads appropriately based on location.
The Windows anti-virus / anti-spyware model is too flawed to be trusted. It's like having a bouncer at the door of a party that keeps out offenders from previous parties. The default is to trust everything else, so every zero-day attack can get through. Defaulting to not trusting things and only allowing what's known okay would be far more effective. If apps had to request all net connections through IPs stored at Apple/Google, etc., the potential to direct to some hostile developer or botnet would be greatly reduced. Although the plans may be for video and other high-bandwidth content streaming, that huge server city Apple is building could certainly host any static non-generic content apps need, and perhaps be a proxy for much of the rest (news sites, etc.). Google certainly has the infrastructure to do something similar. Granted, Google is better set to do that on a global level.
Even advanced users can be tricked if granting access for something trivial opens the gates to something nasty.
At least on a consumer device it makes sense to protect users from themselves. Limiting hosts and local directories is certainly prudent.