←back to thread

Apple declined to implement 16 Web APIs in Safari due to privacy concerns

(www.zdnet.com)
428 points coronadisaster | 2 comments | 29 Jun 20 10:16 UTC | HN request time: 0.002s | source
Show context
phkahler ◴[29 Jun 20 13:32 UTC] No.23677378[source]
Those APIs should not exist. Web site creators need to stop acting like they are entitled to access whatever they want on someone's computer.

I dont care about your unique SaS usecase, these are invasive. Make a native app if that's what you need.

replies(3): >>23677439 #>>23677650 #>>23679378 #
azangru ◴[29 Jun 20 13:58 UTC] No.23677650[source]
Why is accessing this via a native app better than accessing it via web browser?
replies(4): >>23677681 #>>23678522 #>>23678723 #>>23680258 #
evgen ◴[29 Jun 20 14:02 UTC] No.23677681[source]
I am less likely to accidentally give you permission over my computer to do shady shit if I am forced to install an app vs happen to click the wrong link on my browser.

The difference is intent. By installing Chrome I do not intend on giving up every last bit of privacy and control over my computer, they just want to trick me into doing so by stuffing functionality into web APIs that should never have been web APIs in the first place.

replies(3): >>23679204 #>>23679457 #>>23689582 #
azangru ◴[29 Jun 20 16:43 UTC] No.23679204[source]
> The difference is intent. By installing Chrome I do not intend on giving up every last bit of privacy and control over my computer

You make it sound as if Chrome will expose your private data and the control over your computer to everyone who cares to use it.

Aren't you in control over what you allow to access on the per-site basis?

replies(1): >>23681831 #
evgen ◴[29 Jun 20 19:51 UTC] No.23681831{3}[source]
> Aren't you in control over what you allow to access on the per-site basis?

You mean the same way you are in control over what data tracking you allow and what cookies can be set on a per-site basis? In theory perhaps, in practice no.

replies(1): >>23683132 #
1. azangru ◴[29 Jun 20 21:12 UTC] No.23683132{4}[source]
> You mean the same way you are in control over what data tracking you allow

I am still confused. How is it different from the native app situation? How can you be sure which of your data is being tracked by the Facebook app, or Twitter app, or Instagram app, or whatever the cool kids use these days?

replies(1): >>23683811 #
2. evgen ◴[29 Jun 20 22:04 UTC] No.23683811[source]
While it seems paradoxical it can go in both directions, where sometimes the app is the danger; the question is about the choices available. Here is an example for you. I know more about how Facebook operates and what its app does than most people. I have opted not to install the Facebook app on my iPhone and instead use m.facebook.com for the few occasions in which I need to interact with Facebook.

WebKit on the iPhone limits the APIs that a web site can access. An app has fewer limits, even on an iPhone. This means that with a VPN, a decent DNS server, and some content blockers on the iPhone I can limit what data Facebook has access to in ways that an app does not allow. This is only possible because I have the choice between the app (with fewer limits and protections) and a restrictive browser environment. If the browser provided all of the goofy APIs Google wants to shove down people's throats I would have a much more limited set of options.