A developer published a walkthrough this week — surfaced prominently on Hacker News — describing a workflow for building and shipping functional Mac and iOS apps without ever touching Xcode, Apple's own development environment. The tooling involved is largely AI-assisted. The point wasn't to brag. The point was that it now works well enough to ship real software.

That's a quiet but consequential shift.

What's actually changing

For most of software's history, writing a production app required either years of training or thousands of dollars paid to someone who had it. That friction was annoying for developers. It was also, quietly, a filter. The people building apps that handled your location, your health data, your payment credentials, and your family calendar had usually spent enough time in the craft to understand what mishandling those things looks like.

That filter is dissolving. AI-assisted development tools — and the workflows described in pieces like the one circulating on Hacker News this week — mean a motivated person with a clear idea can now move from concept to App Store submission in days rather than months. Apple's review process hasn't meaningfully changed to match that acceleration.

This isn't hypothetical. Recent data from app security researchers has consistently shown that even apps that pass App Store review can exfiltrate data, embed aggressive tracking SDKs, or change behavior after approval through server-side configuration. The App Store badge means Apple checked the app against its rules at one moment in time. It does not mean someone with domain expertise audited what the app does with your household's data.

The volume problem compounds the trust problem. When the cost of building an app collapses, the number of apps grows. When the number of apps grows, Apple's review bandwidth per app shrinks. The math isn't favorable.

None of this means AI-built apps are inherently malicious. Many will be genuinely useful tools built by people with good intentions and no formal security training. The issue isn't intent. It's that good intentions don't prevent leaky data handling — and families who assume "it's on the App Store" means "it's been vetted" are carrying a false assumption into consequential decisions.

What we'd actually do

Audit the apps on your household devices against a simple rule: does this app need the permission it's asking for?

Go to Settings > Privacy & Security on any iPhone. You'll see which apps have access to your location, microphone, camera, contacts, and health data. For each one, ask whether the core function of that app requires that access. A flashlight app with microphone access fails that test. A recipe app with contacts access fails it. Revoke anything that doesn't pass. This takes twenty minutes and costs nothing.

Treat newly released apps with the same skepticism you'd apply to a new contractor at your front door.

An app with fewer than 500 reviews and no clear organizational identity behind it is an unknown quantity. That's not a reason to never install it — new apps are how new tools reach people. It is a reason to give it the minimum permissions necessary and to watch what it asks for over time. If it pushes a permission request that doesn't match its stated function, delete it.

Use Sign in with Apple wherever it's offered, and avoid using "Sign in with Google" or "Sign in with Facebook" on apps you don't deeply trust.

Sign in with Apple gives you a relay email address, so the app never sees your real address. If you later decide the app isn't trustworthy, you revoke access in one tap in your Apple ID settings, and the app loses all connection to your account. That's a meaningfully better posture than having handed over your Gmail address to an app you can no longer remember installing.

For kids' devices, set App Store downloads to require approval.

Screen Time's "Ask to Buy" feature is imperfect, but it adds a human checkpoint between your child and an unknown developer's code running on a device in your house. Given that the cost of building children's apps is now as low as any other category, the volume of low-quality or data-hungry apps targeting younger users will only grow.

The bigger picture

The AI development acceleration isn't going to slow down, and families shouldn't want it to — lower barriers to software creation genuinely help people build useful things. What families can do is stop treating platform presence as a proxy for trustworthiness. The App Store is a distribution channel. It was never a security guarantee, and the gap between those two things is widening.

The goal isn't to avoid all new software. It's to stay curious about what you've let onto your devices and to treat permissions as the genuine access grants they actually are. Durable households aren't the ones that avoid technology. They're the ones that use it with clear eyes.