Comment by evgen
5 years ago
> Aren't you in control over what you allow to access on the per-site basis?
You mean the same way you are in control over what data tracking you allow and what cookies can be set on a per-site basis? In theory perhaps, in practice no.
> You mean the same way you are in control over what data tracking you allow
I am still confused. How is it different from the native app situation? How can you be sure which of your data is being tracked by the Facebook app, or Twitter app, or Instagram app, or whatever the cool kids use these days?
While it seems paradoxical it can go in both directions, where sometimes the app is the danger; the question is about the choices available. Here is an example for you. I know more about how Facebook operates and what its app does than most people. I have opted not to install the Facebook app on my iPhone and instead use m.facebook.com for the few occasions in which I need to interact with Facebook.
WebKit on the iPhone limits the APIs that a web site can access. An app has fewer limits, even on an iPhone. This means that with a VPN, a decent DNS server, and some content blockers on the iPhone I can limit what data Facebook has access to in ways that an app does not allow. This is only possible because I have the choice between the app (with fewer limits and protections) and a restrictive browser environment. If the browser provided all of the goofy APIs Google wants to shove down people's throats I would have a much more limited set of options.