...communicate off-the-record and then never heard back.
Well, they didn't say how far off the record.
On Monday, a group of software engineers plan to launch a group called "Open Web Advocacy" to help online apps compete with native apps and to encourage or compel Apple to relax its iOS browser restrictions. The group (OWA), organized by UK-based developers Stuart Langridge, Bruce Lawson, and others, aims to promote a more …
Sadly the other alternative browsers are just as scummy and corrupt at this point so this is one area that freedom makes little difference in practice.
Unless it inspires an incredibly fast open-source developer to play catchup and keep competitive with all the nonsense standards being churned out. Whilst all the web dev kiddies lap it up and overconsume every feature they can.
You'd have to go a long way to be a scummy as Apple is about this issue of walled Gardens. No other browser maker prevents competitors, they can't.
Apple thinks it can control how its users access the Internet. Other people see Internet access as a human right. During the covid crisi, with so many basic services such as, enrty to locations serving food, arranging travel, and access to money, requiring an Internet connection its hard to argue otherwise.
Open web is fundamental to human liberty in many modern societies.
Apple controls access to spending money via the Internet, and takes a fat cut. It really pisses me off that Apple take a huge cut of charitable donations and prevent apps from telling people what that cut is.
Show me another web browser that does that!
As for catch-up, it's just a case of recompiling existing code.
I’m not defending Apple at all here but if the campaign is successful then what we’re talking about is replacing the “monoculture” of webkit with the monoculture of chrome. Because that’s what has happened everywhere else.
I’m still totally baffled why anyone would want to install chrome so that it can spy on oneself but that’s another issue.
Well, there's potentially a hint at the real motivation in the history of the main actor in this show:
"web technology advocates like Alex Russell, formerly with Google and currently with Microsoft."
This person seems to have walked from one competing monopoly to the other, and given that Microsoft is again trying to get into someone else's business model because they make lots of money (Google) by its mandatory profiling and, well, let's call it data theft for short I can see why they want to break Apple's game here.
After all, Apple is also the company that forced Zuck to short his own stock* with privacy measures.
* I'm assuming this, because (a) he must have known in advance that dip was coming and (b) like Musk, he appears to think rules are only for other people.
Not sure if you've misinterpreted the article, or are making a larger point that has gone straight over my head, but... Alex Russell of Microsoft is not part (AFAIK) of this new OWA grouping. He's just a prominent figure in the web development space, quoted here in this article for context. Maybe the article flow could be clearer.
There's iOS Chrome based on Apple WebKit, which is bad enough. But then there's the prospect of iOS Chrome based on a Google WebKit.
One of the reasons Apple do not adapt all the latest WebKit 'standards' so beloved of Google is because they can be shown to degrade privacy and make browser fingerprinting easier. Cut & Pasted:
Web Bluetooth - Allows websites to connect to nearby Bluetooth LE devices.
Web MIDI API - Allows websites to enumerate, manipulate and access MIDI devices.
Magnetometer API - Allows websites to access data about the local magnetic field around a user, as detected by the device's primary magnetometer sensor.
Web NFC API - Allows websites to communicate with NFC tags through a device's NFC reader.
Device Memory API - Allows websites to receive the approximate amount of device memory in gigabytes.
Network Information API - Provides information about the connection a device is using to communicate with the network and provides a means for scripts to be notified if the connection type changes
Battery Status API - Allows websites to receive information about the battery status of the hosting device.
Web Bluetooth Scanning - Allows websites to scan for nearby Bluetooth LE devices.
Ambient Light Sensor - Lets websites get the current light level or illuminance of the ambient light around the hosting device via the device's native sensors.
HDCP Policy Check extension for EME - Allows websites to check for HDCP policies, used in media streaming/playback.
Proximity Sensor - Allows websites to retrieve data about the distance between a device and an object, as measured by a proximity sensor.
WebHID - Allows websites to retrieve information about locally connected Human Interface Device (HID) devices.
Serial API - Allows websites to write and read data from serial interfaces, used by devices such as microcontrollers, 3D printers, and othes.
Web USB - Lets websites communicate with devices via USB (Universal Serial Bus).
Geolocation Sensor (background geolocation) - A more modern version of the older Geolocation API that lets websites access geolocation data.
User Idle Detection - Lets website know when a user is idle.
When they got to the whinge about missing web "standards" they lost the plot. There's a very good reason Apple has refused to allow some of the stupid stuff Google has pushed into Chrome. There's no reason at all for a web browser to ever have access to bluetooth, among other things.
A little surprised to find all the comments (so far) align with my own thinking on this. WebKit is bad but Chrome is worse and for completely different reasons. The "missing" functionality for non-Safari browsers is something I am glad is not there.
But I don't trust Apple, either. See, image scanning https://www.theregister.com/2021/12/16/apple_deletes_csam_scanning_plan/
Given the comprehensive and almighty clusterfuck that web developers have proven capable of developing over the last few years, with catastrophically bloated frameworks, constant churn to new shiny, ridiculously bad security practices within package management and a truly horrific track record of vulnerabilities in browsers themselves as they continue to clamour for ever-more invasive and deep-rooted hooks into the host OS, I really think they should just shut the f*** up and get their own house in order before having the temerity to tell anyone else what to do.
These clowns took the web, open or not, and pretty much tore it to pieces with a set of absolutely awful technologies and awful implementations balanced on top. RAM and CPU requirements of even basic shopping web sites are now absurd, with broken navigation models and compatibility issues as they insist on ever-more recent browsers; their lazy, half-arsed, have-a-go-hero development approach is the bane of just about every end user on the planet.
That's before we even so much as glance at the list of grievances as far as web-based tracking and advertising go, where at least iOS applications are in theory held to some kind of privacy standard and required privacy declaration.
If it wasn't clear enough: Kindly bugger off.
Here in Oz, we seem to have a particular problem with webdevs.
Whenever a client moves their website the dev will tell them to redelegate their DNS to something they control instead of just changing the required A/CNAME records to resolve to the new host. They will often follow their advice without talking to us first.
The first thing we know about it is when all their other DNS dependent services collapse in a heap and the client starts complaining to us.
Never had this issue when I worked in the UK, but it is a regular thing here.
Having worked for a small IT services company, I can tell you that the same thing went on in the UK. Many web devs were utterly 'kin clueless about basic stuff that should be fundamental. Best of all was when one of them insisted that we must add CNAME records for both the www. and non-www. addresses to point to their hosting ... Eventually I had to configure it and show them the logs from BIND spitting out the zone, and even then they weren't happy.
Apple has indeed wrecked the ship when it comes to WebKit and Safari. Sadly, this is more of the same Apple bungling since 2016.
No Way do I want the walled garden of iOS to be breached! Anyone who bothers to watch knows what a catastrophe Android is regarding security, with infamous malware breaches affecting thousands or millions hitting the security news every-single-week without exception. It's that bad. iOS has a stunning security record in comparison. You're wrong if you disagree, So don't ruin it, good intentions or not!
However! Giving Apple several swift and hard kicks to the groin area regarding WebKit is REQUIRED at this time. Add a steal toe to your boots! This Apple stupidity has got to stop ASAP before the wall around the garden comes down, if only out of frustration with the crap Apple is pulling.
Let's get to it!
*Security is the goal.*
Do Not Let it Out Of Your Sight Or MInd!
Got that?
> Anyone who bothers to watch knows what a catastrophe Android is regarding security, with infamous malware breaches affecting thousands or millions hitting the security news every-single-week without exception. It's that bad.
ROFL It is not that bad. If it was that bad why would anyone use Android? If it was that bad I'd have had an issue at some point im my 10 years of using Android, yet I haven't. Nor has any member of my family or friends.
Honestly, I like the walled garden. I can recommend iPads and iPhones to non-technical relatives and not worry about them installing things they shouldn't or doing something to break them. The worst issue I've had to solve was someone turning on the rotation lock.
I'd spend hours on the phone trying to fix their Windows machines, since recommending Apple kit I rarely have to deal with any problems.
While I do see the advantages of breaching the walled garden, it's not enough for me to want to deal with all the headaches. They'll be installing things willy-nilly from the inevitable Facebook App Store and wonder why the battery life is terrible because Facebook have the microphones running all day.
this bugreport is indicative of a pattern of systematic abusive behaviour
within the webkit team:
https://bugs.webkit.org/show_bug.cgi?id=16401
i actually had this feature fully-functional within something like 6 weeks.
the remaining *YEAR* was spent attempting to deal with increasingly
abusive behaviour by Mark Rowe, who demonstrated some of the worst
kind of "bad faith" Technical Goal-Post-Moving i have ever been
subjected to when contributing to a "Free" Software Project.
not one single patch was ever accepted.
when answering the review requests, 100% of them were shut
down with "justifications" that were never discussed further. to
test this i created smaller and smaller patches, and these were
also shut down. when working with someone else who accepted
one of the patches, Mark Rowe hunted it down and reverted it.
these are not safe people to work with, and it was not a surprise
to me when google hard-forked WebKit and called it "Blink".
only a Corporation with the resources of google could have
pulled that off: everyone else in the world has to put up with
the systematic power-abuse
https://politics.slashdot.org/story/21/10/03/233256/andrew-yang-suggests-power-may-affects-politicians-brain-neurons