It's China, Stupid
"The more rigorous testing regime required before an iOS app can be published has always been considered to be the reason for this difference, but in this case it seems to have fallen short."
Every Apple developer knows the two, and only two, sources for downloading Xcode. Any developer with any sense of software security knows that WAREZ versions of anything are entirely capable of being malware vectors. That is nothing new. Back in early 2009, WAREZ versions of Mac apps were implicated in a Mac botnet of hundreds of thousands (as many as 600,000) Macs.
The way it should have gone down was:
- Developers in China inform Apple that The Great Firewall Of China screws them over every day with crap for bandwidth.
- Apple should have responded by providing software servers inside China, subverting any motivation to download WAREZ versions of Xcode.
- The End.
That didn't happen then; At least it's happened now. Apple meanwhile has to thrash through the iOS store to find every app infected with XcodeGhost malware. It's going to take awhile. This new number of 4,000 apps is mind-boggling.
Should this incident be compared to the rat's nest of security holes and malware that are the default of all things Android? OF COURSE NOT. Try not to look so desperate to bash Apple, please.