Wednesday, July 7, 2010

As Software Development Gets Easier, Chaos Ensues

It’s no secret that the iTunes Store’s app store is chaos, but just how chaotic it is was seen over the weekend when a developer was banned from the store after dominating one of its dozens of category charts based largely, or perhaps entirely, on fraudulent purchases.

Macworld reported on Monday that the developer’s apps had been removed from the store. Subsequent stories indicate that the developer has been permanently banned from the store. Apple, owner of iTunes Store, has taken steps to boost security and is continuing an investigation of the suspicious purchase transactions.

Apple’s development tools for iPhone apps have turned the previous model of software development on its head. There more apps than anyone could keep track of. Less than a decade ago, software lived and died on magazine reviews. There are so many apps now that it did not immediately appear strange that many of the top-selling apps had never been reviewed, even by a customer.

Software development will only get easier as time goes on, and this will require new approaches to software. The key distinction once was about “trusted sources” of software, and that meant something when the ordinary user used fewer than 100 applications. When that number started to go up above 200, it was no longer possible to keep track of the sources of all that software. It’s so easy to get one software developer confused with another that “trusted source” is itself subject to security gaps.

This, of course, is part of the reason for the iPhone app concept. IPhone apps have only limited access to the computer they run on, and this is an intentional strategy to keep the machine from breaking. Another example of this can be seen in the Java Virtual Machine, which takes a much softer approach in limiting an application’s access to the file system and hardware of the computer it runs on. The computing world will need to expand on this concept to build various kinds of security boxes that can contain applications.