Risk
12/12/2011
02:58 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Apple's Mac App Store Passes 100 Million Downloads

Consumers appear to be thrilled with the ease of buying computer software through a store integrated into the operating system.

Inside Apple's New Grand Central Super Store
Inside Apple's New Grand Central Super Store
(click image for larger view and for slideshow)
Mac users have downloaded over 100 million apps from Apple's Mac App Store, an event that the company suggests is transforming the computer software industry.

Apple SVP Phillip Schiller said in a statement that just as the iOS App Store changed how people obtained mobile apps, the Mac App Store "is changing the traditional PC software industry."

Schiller claims the Mac App Store is the largest and fastest growing software store in the world, though it's not clear how he is defining "software store."

And such definitions are important if meaningful comparisons are to be made. The iOS App Store, Apple's software store for mobile devices, saw 1.5 billion downloads of iOS apps during its first year. Google announced last week that its Android Market had dispensed 10 billion downloads--a milestone reached by Apple's iOS App Store in January--and Android Market's download rate is growing by 1 billion apps per month. So the Mac App Store's success is impressive but is also taking place in the shadow of much more significant interest in mobile software.

[ Find out why developers have mixed feelings about Apple's Mac App Store. Read Apple's Mac App Store Reinvents Software Sales. ]

Apple introduced the Mac App Store in January and reported 1 million downloads the first day of operation. Apple's decision to sell Mac software through a store built into its operating system was initially greeted with wariness by Mac OS developers, many of whom were concerned with the more restrictive terms imposed by Apple on third-party software in its Mac App Store. (Apple still allows developers to distribute Mac OS software themselves without having to adhere to Mac App Store rules.)

In October, 2010, Paul Kafasis, CEO of Mac audio software company Rogue Amoeba, expressed ambivalence about Apple's terms. He said that Apple's 30% revenue share wasn't particularly reasonable, given that most developers pay 3% to 10% in credit card and processing fees, but allowed that having instant access to 50 million Mac users might make up for it.

At the time, he characterized Apple's restrictions on API usage as "onerous." Apple's restrictions, for example, prevent Rogue Amoeba's audio recording application, Audio Hijack Pro, from being approved for sale in the Mac App Store.

Rogue Amoeba spent almost a year working within Apple's guidelines on a similar audio recording application called Piezo that has just been released, directly through the company's website and through the Mac App Store.

But because Piezo plays by Apple's rules, it can't do a few things that Audio Hijack Pro can, like record from active applications without relaunching them or capturing all audio from one's Mac at once.

And Apple's restrictions will soon become more limiting: Starting in March, 2012, Apple plans to require that apps sold in the Mac App Store operate in a "sandbox" that limits the system resources available to programs. The company maintains that sandboxing will curtail potential harm from malicious code.

Even so, money speaks louder than freedom to most developers, many of whom report that Mac App Store distribution has improved sales.

Software buyers are certainly benefiting from Apple's oversight. The company is now selling its pro apps like Final Cut Pro X and Logic Pro through the Mac App Store for hundreds of dollars less than previous boxed versions of the software. What remains to be seen is the extent to which major software companies like Adobe and Microsoft are willing to hand over a third of their revenue for a place in the Mac App Store.

Is your company antisocial? Our latest research shows that business-oriented social networking platforms aren’t living up to their promises of better communication, collaboration and productivity. Download the report here (registration required).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3971
Published: 2014-12-25
The CmdAuthenticate::_authenticateX509 function in db/commands/authentication_commands.cpp in mongod in MongoDB 2.6.x before 2.6.2 allows remote attackers to cause a denial of service (daemon crash) by attempting authentication with an invalid X.509 client certificate.

CVE-2014-7193
Published: 2014-12-25
The Crumb plugin before 3.0.0 for Node.js does not properly restrict token access in situations where a hapi route handler has CORS enabled, which allows remote attackers to obtain sensitive information, and potentially obtain the ability to spoof requests to non-CORS routes, via a crafted web site ...

CVE-2004-2771
Published: 2014-12-24
The expand function in fio.c in Heirloom mailx 12.5 and earlier and BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in an email address.

CVE-2014-3569
Published: 2014-12-24
The ssl23_get_client_hello function in s23_srvr.c in OpenSSL 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshak...

CVE-2014-4322
Published: 2014-12-24
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or c...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.