Comment by jfkebwjsbx

5 years ago

Well, because native apps are intended to be trusted. They do not have a motivation to invade your privacy: proprietary apps are usually paid upfront and risk their future clients, open source can be inspected.

Instead, the overwhelming web business model is "free to use" (akin to f2p in games). That means ads and other monetization side channels become the priority of the app, not the app itself.

And that is for trusted web apps. Let's not even talk about the fact that you are executing random code every time you visit any webpage. That just does not happen with native apps.

That's not true at all! Free native apps abound. Web apps tied to subscriptions are also plentiful.

Open source is neither here nor there: both web sites and native apps can be open source. In fact, the web is unique in allowing you to actually inspect the source that is running on your machine; you have no way of verifying that the code in an open source repo is what actually runs inside your iOS app.

  • > In fact, the web is unique in allowing you to actually inspect the source that is running on your machine

    To be fair, this is changing with WASM. On the other hand, there are tons of obfuscation opportunities with native executables that don't exist for WASM.

  • > Free native apps abound.

    Yes? I haven't claimed there aren't free native apps.

    > Web apps tied to subscriptions are also plentiful.

    Fair, but most of the ones I know are usually technical apps or they offer something else that is not about software (for instance, storage more than the app).

    > the web is unique in allowing you to actually inspect the source that is running on your machine

    That is not unique, nor true.

    Uniqueness: you have apps made in scripting languages everywhere. Even for compiled languages it is a decision not to give you the code, not a technical one.

    Truthness: many webs are obfuscated on purpose like native apps are.

    > you have no way of verifying that the code in an open source repo is what actually runs inside your iOS app.

    False, you can definitely verify that a binary matches the source code in deterministic builds and even provide debugging symbols etc. The fact that many projects don't care about that does not mean there is "no way", it just means the overwhelming majority of users do not care.

    • What about Facebook? A native app, free, tied to a business and utterly motivated to violate your privacy.

      > False: you can definitely verify that a binary matches the source code in deterministic builds

      If I want to check an app I have installed from the iOS App Store matches the code provided in an open repo, how would I go about doing that?

      > Truthness: many webs are obfuscated on purpose like native apps are.

      True. But their underlying behaviour, i.e., what data they send and where they send it, is viewable and blockable by browser extensions.