> All users are affected, as our approach requires neither a jailbroken device nor user interaction.
That's the bad part! Somebody screwed up big time if the package manager does not insist on user permission for installs that are initiated without a proper authentication token. (Google does this for app installs from the store over the Internet - but you and your device both need to be obviously logged in to your Google account for that to work.)
The iOS "package manager" does not insist on user permission for such installs because it simply does not allow them at all. Or rather, it's not intended to allow them. Obviously they found a bug, but it's not a matter of forgetting to ask the user. Apple does not intend for this kind of thing to be possible even if the user wants it.
Well, they have to allow transfer and install of apps over that channel (30-pin/USB or Lightning/USB), right? (How else could things such as app updates via iTunes/USB work?)
> The vulnerability involves discrepancies in how Android applications are cryptographically verified & installed, allowing for APK code modification without breaking the cryptographic signature; that in turn is a simple step away from system access & control.
Yeah that's the point - having a closed device doesn't magically make it more secure. FTA -
> Apple iOS devices are considered by many to be more secure than other mobile offerings.
Also, the Android bug is a different class - the vulnerability description doesn't really say what is required to be able to modify the APK in transit, which is key to being able to exploit the bug. From the sparse description it sounds like somebody needs to do an SSL MITM or the user needs to install an APK from an untrusted source and get fooled into thinking that since its signature matches it must be from the original author. (Just to be sure, failing to detect APK modification is horrible, but whether or not it is easily exploitable is a different thing altogether.)
In the iOS charger case - it's clear that it's just a matter of plugging in your device to a malicious charger.
What would that accomplish? The user will still need to find your APK, trust you, want your APK for some reason and then install it. Here you are relying on a high level of user stupidity. It's not like this bug allows you to log in to some other developer's account and replace the original APK.