Almost a century has passed - at least that's what it feels like - and still we don't seem to have learned that the drive was called 154I (with a final capital "i") :-)

That's the first thing I thought myself. Actually, I looked for a April 1 timestamp.

There is tech to inspect compiled code and try to find malicious bits, even in an automated fashion, that won't be fooled by an idle loop. It's far from perfect or being a silver bullet, but it is there and getting better by the day.

Look at what the security firms are now calling "sandboxing". Look here: https://en.wikipedia.org/wiki/Malware_analysis#Free_automated_malware_analysis_services.5B2.5D

This is most probably what Apple does already, and clearly needs to get better at.

The bad news is that _it's bound_ to happen again.

This is why I agree with BronsCon, Apple should open doors to the sec community, but I don't think it will happen anytime soon.

BronsCon mentions sideloading as a possible way to do analysis, I don't know if this is the case (can sideloaded apps break the sandbox model?) but jailbreaking would obviously do.

Good thinking. I have a similar (but smaller) setup and make the same considerations about cloud storage.

I wonder if you have a strategy to fight bit rot.

enter Flattr:

I don't subscribe to this rose-tinted point of view, especially if you look at all this beautiful tech from the security standpoint.
Most of the tech we deal with today was originally designed without security concerns. In most cases, security is an afterthought.
So much for sitting back and taking a break.