From the (admittedly little) I know about how iOS handles security and the speed at which they responded this sounds like a pretty credible explanation to me. What makes you think it isn't?
Because that's literally what it says when you really read into it? They acknowledge that 1) Safari already has all the integrations required to support PWA securely and that 2) they can't be bothered to provide the same API's for third party browsers because it's not "practical".
They built their PWA support in an anticompetitive manner assuming App Store & WebKit would be a monopoly forever, and now as a result the baby is going out with the bathwater.
They built their PWA support with assumptions about how the application, OS, and WebKit were going to run. That's like saying, "Oh, Microsoft didn't build an API layer into Windows to support running X11 apps side by side with Win32 apps, so they were being monopolistic." No, you have limited engineering time and you make engineering tradeoffs. You don't need to design an interface layer and API and hooks between system components if your design doesn't call for it or doesn't need it.
> They built their PWA support in an anticompetitive manner assuming App Store & WebKit would be a monopoly forever, and now as a result the baby is going out with the bathwater.
They built it in such a way that it was sustainable and sensible for the time it was made (iOS 2.0). That's a really long time ago in the software world. More than a dozen versions of the OS have been built on top of this. Saying "they should have just figured it out back then" is completely ignoring the reality of what was offered by the OS and the mobile space entirely at the time.
Now laws have been passed that say "you must provide alternatives." OK. They can choose to spend an ungodly amount of time refactoring the OS to undo 16 revisions of the OS of assumptions for zero benefit for the company, or they can say "Sorry we can't comply with that for your market."
It sucks. But it's a result of reasonable business decisions and their evolutions from a significantly different era.
No, it's saying that they shouldn't have designed a operating system with no support for other browsers (unlike lesser known alternatives such as "Apple Mac OS X") in the first place and that you shouldn't have any sympathy when such an anticompetitive technical design and behavior blows up in their face.
> They built it in such a way that it was sustainable and sensible for the time it was made (iOS 2.0).
Support for installing progressive web apps was added in iOS 11 [1], released in 2017. This is decade(s) after Microsoft was dragged to court in the US and EU for similar behavior with Internet Explorer. Of course being the authoritarian company they are, Apple would rather dig their heels until the bitter end instead of just doing the right thing.
> Saying "they should have just figured it out back then" is completely ignoring the reality of what was offered by the OS and the mobile space entirely at the time.
Sorry, but the rest of the mobile space did figure it out at the same time. All of the things being debated in this thread simply just work on any Android phone and Google Chrome or Mozilla Firefox in a secure manner. I'm so tired of this reality distortion field.
And it probably took the space a non trivial amount of time to figure it out whilst apple allocated their time on other features.
Now a regulation says that Apple should figure it out and Apple says they'd prefer to continue to allocate their time on other features.
Apple is not government company, they do not make decision on what makes all users happy, regardless of how small the feature they are building is. They make decision based on how much profit they're expected to make. Apple probably calculated the efforts and possible profits on this and profits would probably be negative on both options to either build pwa support on arbitrary browsers vs remove pwa support on all browsers altogether. Removing support was probably the option that showed lower profit loss across the short term.
In the end, I still think it's a bad move, but why should Apple care about what I think?
I don't use pwas, I don't even use apple products.
They are being rightfully forced to open all their gatekeeping features, in this case, they simply chose to remove the feature as a whole instead of opening it up to everyone. They will take a loss here, but it might be a smaller loss when compared with the effort that they'd have to do if they were to open the feature in the limited time the EU has given them.
Maybe in the future they'll do it, but not now.
I don't see why everyone is getting so worked up about this, apple is in it for the profit, even if it mean losing some in the short term. Why is this so surprising?
This is why I purchase iOS devices - ultimately their closed garden provides a smaller attack surface, clearly evidenced by the comparative (to Android) cost of exploits on the black market.
I cannot see this as anticompetitive. If you want open, you have that choice in Android.
Only if you give a damn about PWA's. Evidenced by the fact I have none on my phone, and don't feel the need for any either, I'm fine with them being out.
"Hey PWA, don't let the door hit you on the backside, on your way out".
The browser is just about the most vulnerable attack surface on any computer. Using it as a general-purpose application host is nuts, IMHO.
This is exactly my feeling too. I don't want the platform to open up more. I left Android because I wanted to make fewer decisions about my device, and to just think about it less in general.
Also, Safari is a non-Chromium-based (though still related) browser which developers are forced to support because it's the only thing allowed on iPhones. Most users aren't going to install Firefox on their iPhone, they're going to install Chrome, which is just going to make Chromium's market dominance worse.
> Because that's literally what it says when you really read into it?
I know it's used as an intensifier, but this feels like a particularly bad place to use "literally" that way.
> They acknowledge that 1) Safari already has all the integrations required to support PWA securely
Not really sure how to respond to this. An airliner already has all the controls required for being piloted. Why am I not allowed to pilot my next commercial flight?
But my more serious point:
> 2) they can't be bothered to provide the same API's for third party browsers because it's not "practical".
Why are you glossing over "practical" there and putting it in sarcastic quotes?
This sounds like a huge change in the security model given how tightly Safari is integrated with the rest of iOS. Heavily restricting permissions and sometimes functionality to prevent security threats is very consistent with what I've seen from Apple in the past (and is one of the reasons I prefer them).
Even if they intended to open this stuff up, I can't imagine this is a change which wouldn't require massive changes to iOS and a long review and testing process.
> They built their PWA support in an anticompetitive manner assuming App Store & WebKit would be a monopoly forever, and now as a result the baby is going out with the bathwater.
They built their PWA support for the architecture they've had since the iPhone's release. Why should they have wasted time building affordances for a world in which they were forced to support other browsers?
> Not really sure how to respond to this. An airliner already has all the controls required for being piloted. Why am I not allowed to pilot my next commercial flight?
What kind of ridiculous "argument" is this? Am I putting hundreds of other people in risk by installing Firefox on my iPhone? The fact remains that the EU in fact does intend to put you in front the airliner's controls. You can of course choose to turn on autopilot and keep using Safari.
> Why should they have wasted time building affordances for a world in which they were forced to support other browsers?
Guess what, "tight integration" of Internet Explorer into Windows for whatever technical reasons was not a favorable argument for Microsoft in front of the European Commission either. Lack of foresight to design open systems is not an excuse in front of the law.
> What kind of ridiculous "argument" is this? Am I putting hundreds of other people in risk by installing Firefox on my iPhone?
Certainly it’s an extreme example, but yes, giving people the ability to install other browsers and app stores is increasing their risk. This ruling makes it possible for some companies to decide to only allow their app to be installed through an alternate app store, which won’t necessarily restrict malicious code in the same way.
Have to agree (disclaimer, haven't been an iPhone user since the 4). Suddenly allowing all browsers to have those kinds of native permissions, even with massive testing, sounds like a security nightmare. You're introducing an entire extra dimension for security holes, given how much trust people place in their phones.
This doesn't sound at all the same as allowing other engines for use inside browsers, based on both apples defense and the take-downs on them.
Browsers support PWAs on the desktop platforms without there being a security nightmare, and while I'm sure there are some permissions that could be a problem, things like the camera and microphone are managed on the desktop without issue.
Is there some flaw in iOS that makes it harder to secure than the desktop?
iOS was never conceived of as something which would run arbitrary code that could access system-level data (the siloed data). So basically the situation exists by design, and in order to achieve security when enabling PWAs from other browser engines, they'd have to add another layer of security that currently doesn't exist (since they never had to trust anyone's code but their own).
So... yes, there is apparently a lack of security there, but that's because the layer in question was never intended to be anything but proprietary until this ruling.
I don't think believing why the most valuable company in the world with the highest and thickest walls around its garden, and a track record of not playing nice with others, is doing this, requires much explanation except that they want to kill the possibility of anyone bypassing the toll gate to the said garden.
Apple has no way of enforcing any kind of platform fee for PWAs since the developer does not need to interact with Apple at all. This financial conflict of interest is why the availablity of the full PWA feature set is desirable to developers and undesirable to Apple.
naive people accept at face value PR speak. unwilling to look past that and look for other ulterior motives even less charitable ones would pretty much be textbook naivety to me.
I didn’t ask because I think someone should take a company’s word at face value.
I asked because the thing this company said in this particular instance aligned with what I’d heard from other (independent) parties and I wanted to know why this person seemed so sure about that being wrong.
