← Back to context

Comment by untog

5 years ago

That's not true at all! Free native apps abound. Web apps tied to subscriptions are also plentiful.

Open source is neither here nor there: both web sites and native apps can be open source. In fact, the web is unique in allowing you to actually inspect the source that is running on your machine, you have no way of verifying that the code in an open source repo is what actually runs inside your iOS app.

3 comments

untog

Reply
strbean  5 years ago

> In fact, the web is unique in allowing you to actually inspect the source that is running on your machine

To be fair, this is changing with WASM. On the other hand, there are tons of obfuscation opportunities with native executables that don't exist for WASM.

jfkebwjsbx  5 years ago

> Free native apps abound.

Yes? I haven't claimed there aren't free native apps.

> Web apps tied to subscriptions are also plentiful.

Fair, but most of the ones I know are usually technical apps or they offer something else that is not about software (for instance, storage more than the app).

> the web is unique in allowing you to actually inspect the source that is running on your machine

That is not unique, nor true.

Uniqueness: you have apps made in scripting languages everywhere. Even for compiled languages it is a decision not to give you the code, not a technical one.

Truthness: many webs are obfuscated on purpose like native apps are.

> you have no way of verifying that the code in an open source repo is what actually runs inside your iOS app.

False, you can definitely verify that a binary matches the source code in deterministic builds and even provide debugging symbols etc. The fact that many projects don't care about that does not mean there is "no way", it just means the overwhelming majority of users do not care.

  • untog  5 years ago

    What about Facebook? A native app, free, tied to a business and utterly motivated to violate your privacy.

    > False: you can definitely verify that a binary matches the source code in deterministic builds

    If I want to check an app I have installed from the iOS App Store matches the code provided in an open repo, how would I go about doing that?

    >Truthness: many webs are obfuscated on purpose like native apps are.

    True. But their underlying behaviour, i.e., what data they send and where they send it, is viewable and blockable by browser extensions.