A web browser should *NEVER* be able to look inside your clipboard without an explicit user action (such as ctrl-v). Honestly, this should not be a controversial statement. Microsoft Edge is one of the browsers that ships this dangerous capability. Here is the dialog you need to hunt for to turn this API off.
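The distinction the post turns on, the paste a user performs versus a read the page performs, is visible in code. The following is an added example, not code from the thread or from any browser vendor: a `paste` handler only ever sees clipboard contents at the moment the user pastes, while `navigator.clipboard.readText()` can be called by script at any time and is held back only by the browser's permission prompt or user-activation gate. Both functions take their browser object as a parameter so the file can run under Node against constructed stand-ins (`fakePasteEvent`, `navWithoutApi`, `navDenied` are all made up here); `'clipboard-read'` is the permission name Chromium uses, and browsers that do not know it throw from `permissions.query`, which the code tolerates. Nothing here reproduces the Edge settings dialog the post refers to.

```javascript
// Added example (not from the thread): two ways a page can obtain clipboard text.
//
// 1) Event-gated read. The 'paste' event fires only when the user pastes
//    (Ctrl-V, Shift-Insert, context menu). The page sees the clipboard at that
//    moment and at no other time.
// 2) Async Clipboard API. navigator.clipboard.readText() is callable by script
//    whenever it likes; the only thing between the script and the clipboard is
//    the browser's permission prompt / user-activation gate.
//
// Browser objects are passed in as parameters so this runs outside a browser
// with the constructed stand-ins at the bottom.

// Extract text from a ClipboardEvent (or any object carrying a DataTransfer-like
// clipboardData). DataTransfer.getData returns '' for a type that is not present.
function textFromPasteEvent(event) {
  const dt = event && event.clipboardData;
  if (!dt || typeof dt.getData !== 'function') return null;
  const text = dt.getData('text/plain');
  return text ? text : null;
}

// Feature check: does this navigator expose the programmatic read path at all?
function clipboardReadSupported(nav) {
  return Boolean(nav && nav.clipboard && typeof nav.clipboard.readText === 'function');
}

// Programmatic read. Resolves to { ok: true, text } or { ok: false, reason }.
// 'clipboard-read' is the Chromium permission name; browsers that do not know
// it throw a TypeError from permissions.query, which is tolerated below.
async function readClipboardViaApi(nav) {
  if (!clipboardReadSupported(nav)) return { ok: false, reason: 'unsupported' };
  if (nav.permissions && typeof nav.permissions.query === 'function') {
    try {
      const status = await nav.permissions.query({ name: 'clipboard-read' });
      if (status.state === 'denied') return { ok: false, reason: 'denied' };
    } catch (_) {
      // Unknown permission name here; fall through to the call itself, which
      // prompts or rejects on its own.
    }
  }
  try {
    return { ok: true, text: await nav.clipboard.readText() };
  } catch (err) {
    // NotAllowedError: user declined, or no user activation / permission.
    return { ok: false, reason: (err && err.name) || 'error' };
  }
}

// Constructed stand-ins (not real browser objects) so the file runs under Node.
// In a page you would pass the event from addEventListener('paste', ...) and
// the real navigator.
const fakePasteEvent = {
  clipboardData: { getData: (type) => (type === 'text/plain' ? 'pasted by the user' : '') },
};
const navWithoutApi = {};
const navDenied = {
  clipboard: { readText: async () => 'should never be returned' },
  permissions: { query: async () => ({ state: 'denied' }) },
};

if (typeof window === 'undefined') {
  // Quick demonstration when run directly with Node.
  console.log('paste event ->', textFromPasteEvent(fakePasteEvent));
  console.log('API present ->', clipboardReadSupported(navWithoutApi));
  readClipboardViaApi(navDenied).then((r) => console.log('API read    ->', r));
}
```

The point to take from the contrast: the `paste` handler cannot be invoked by the page on its own, so the user action is the gate; the API path moves that gate into a browser policy decision, which is exactly what the settings toggle in the post controls.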

@torgo never is a strong word

browsers are user agents and should do what the user tells them to. they should ship with defaults that suit most people

but, as it stands, every time browsers forcibly gate something behind their extremely conservative idea of a user action it makes my life, and my users' lives, worse

I'd be interested if you know of any real world malicious use of the current API given that it has been around for so long

@bovine3dom it's a good point. We have a design principle https://www.w3.org/TR/design-principles/#safe-to-browse in the @tag Web Platform Design Principles doc that says "it should be safe to visit a web page." That's to protect users' privacy & security against bad actors. So when we in TAG feed back on a proposed API, we are looking for its developers to have done some thinking about "abuse cases" and possible misuse.

@torgo I think my issue with this kind of thinking is that it doesn't consider the tradeoffs between security (in a fairly narrow sense) versus innovation. If I can't think of a fantastic use case for some new API that will change the world, that says more about me than it does about the API.

It's interesting that the example of ordering food is used - the web won the battle against applications on desktop, but it is a rounding error on mobile. In part because of its conservatism, IMO

@tag 1/2

@torgo given that apps have worse security than the web, why does TAG think the answer to winning market share from apps is "even more security"?

Do you have evidence that people would switch to the web from apps if that was the case? My impression and experience is that people will trade security for convenience at almost every opportunity.

@tag 2/2

@bovine3dom because web needs to be better than apps at privacy and security – that's literally its differentiator. Without that, web becomes just another apps platform and we might as well all go home.

@torgo I totally disagree :)

for me the main differentiators are:

- ease of first use (no "install")
- ease of discovery
- ease of task switching
- the ability to copy-paste (although Google Pixels have built-in OCR which negates this somewhat)
- ability to modify websites as I want them with ad blockers, user scripts, user styles (e.g. dark mode, reader mode). Frameworks like NextJS are making this worse
- better accessibility
- worse persistence
- worse notifications
- worse battery life

@bovine3dom yes, I think those are also differentiators of the web – AND that because of a lot of those features (the ease of discovery, ease of first use, accessibility) there must also be better privacy & security. Also I disagree with "worse notifications" because I think the guard rails that the web puts on notifications make them better. However, I sincerely encourage you to leave feedback on our reviews https://github.com/w3ctag/design-reviews/issues or on our design principles https://github.com/w3ctag/design-principles.

@torgo sure, some of them are only possible because of the security by design of the web versus the security by policy of app stores. The speed/ease of iteration/deployment of the web is why I personally develop websites rather than apps. But I think you're overestimating the direct value of security to end users.

Notifications can be spammy, yeah, but they're also the reason why I'm talking to you now from an app when 15 years ago I would have used a website.

1/2

@torgo as a worked example, I currently keep up to date with the news via the web. The main reason I keep doing that is because of the ease of multitasking. Three years ago I would have mentioned the ease of copy paste and the ease of ad-blocking, but both of those advantages have now gone thanks to improved OCR and system level support for DNS over HTTPS.

I'll consider commenting, thanks, but I find the politics exhausting. Apple/Google have big pockets and big incentives for apps to win

2/2