← Back to context

Comment by jchw

1 month ago

Not impressed. I'd be much more impressed if we could run software like Little Snitch on iOS, or install Firefox. Or even just side load apps without pay $100/year.

(Note: a Safari webview with a Firefox logo on it does not count.)

7 comments

jchw

Reply
sgammon  1 month ago

> I'd be much more impressed if we could run software like Little Snitch on iOS

You can; or, at least, the APIs are available for this, and have been for some time.

> or install Firefox

https://apps.apple.com/us/app/firefox-private-safe-browser/i...

Inb4 "you cannot replace the built-in browser engine"

https://developer.apple.com/documentation/browserenginekit

> Or even just side load apps without pay $100/year

Then use an Android. Apple has taken a stance on this since it was formed. If you don't know by now that Apple is actively hostile toward hobbyists with their approach to computing, I can't help you. That is why there are alternatives from Google, Microsoft, Amazon, and so many others.

To others (me), this is a feature. I would rather the $100/yr fee exist for several reasons.

  • jchw  1 month ago

    > You can; or, at least, the APIs are available for this, and have been for some time.

    Why is there no citation on this one? iOS has a (fairly limited) VPN API but it is woefully insufficient to make an application-level firewall and I don't think any exist.

    > https://apps.apple.com/us/app/firefox-private-safe-browser/i...

    That's Safari in a trenchcoat.

    > Inb4 "you cannot replace the built-in browser engine"

    > https://developer.apple.com/documentation/browserenginekit

    That requires an entitlement that A.) is only available in the EU for apps distributed in the EU and B.) as far as I know, has never been granted to anyone. Mozilla for example does not have it.

    If it weren't for EU regulations we would probably still not even be able to change the default browser in iOS, so realistically it appears regulating Apple works great. It's hard to argue against regulating Apple while also defending it by showing the fruit bore from regulating them.

    > Then use an Android.

    I own both iOS and Android devices for what it's worth. Anyway...

    > Apple has taken a stance on this since it was formed.

    Since... it was formed? Really? I don't remember the Apple II requiring a $100/year developer license to "side load" software.

    > If you don't know by now that Apple is actively hostile toward hobbyists with their approach to computing, I can't help you.

    This is a frankly insane thing to say to someone who is in middle of criticizing Apple for this exact hostility. Of course framing it as a developer problem is a convenient way to ignore that developers are users and users are developers, and that these restrictions also have negative impacts on even users who aren't developers.

    > That is why there are alternatives from Google, Microsoft, Amazon, and so many others.

    Apple is the same company that ran a tirade about how Android was a stolen product, so I find it amusing that in just ten years it has become the crutch to defend any and all bad practices Apple holds dear. Don't like it? Just use something else!

    Of course, I do use other devices, but I can't magically not be impacted by Apple's persistent brain-death. For years I have had to deal with the utter stupidity that is the fact that Apple refused to support patent-unencumbered video formats like WebM, and devices that can't play WebM natively and in Safari are still plentiful in the wild. So I can't just pretend Apple doesn't exist.

    Not that it matters: I am free to criticize Apple however I want, even if Apple fans do not like it. Even just because I feel like it, but even moreso as a paying customer of Apple, and a developer who has dealt with the impact of Apple being involved in the ecosystem. (Thank you Apple, for refusing to support SPIR-V in WebGPU, we love having an additional standard for something for basically no reason.)

    > To others (me), this is a feature. I would rather the $100/yr fee exist for several reasons.

    I know. I don't think highly of this position, but I am well aware of it.

    • sgammon  1 month ago

      Also, because it's just worth noting anyway:

      > That's Safari in a trenchcoat.

      Then so is Chrome, or, where do you draw the line? WebKit bad, Gecko good? Why? Blink is a fork of WebKit. Ultimately who cares which JIT-enabled browser engine runs your JS?

    • sgammon  1 month ago

      > Why is there no citation on this one?

      Clearly none was needed since you know what I was referring to. I disagree that the APIs are not sufficient, since I've used them in enterprise contexts and found them to be comprehensive. The same APIs are available via consumer means. There are tons of VPN and filtering apps for iOS.

      From [0]:

      - Change the system’s Wi-Fi configuration

      - ...

      - Create and manage VPN configurations, using the built-in VPN protocols (Personal VPN) or a custom VPN protocol

      - Create and manage network relay configurations

      - Implement an on-device content filter

      - Create and manage system-wide DNS configurations

      - ...

      And continues with:

      - Configure your VPN to include and exclude some network traffic

      - "... built-in proxying for TCP and UDP traffic over HTTP/3 and HTTP/2..."

      - Use the Network Extension framework to allow or deny network connections

      - ...

      > That's Safari in a trenchcoat.

      Only if you consider the core of Firefox to be Gecko, and not the entire product experience created around Gecko, which is merely an engine.

      The security surface area of a JIT-enabled browser engine is significant and complex (see: Chrome). Apple arguably keeps phones safer by maintaining this restriction. Isn't that what you want in the first place?

      > That requires an entitlement that A...

      See note about Apple's active hostility toward hobbyists. This is considered a feature from their perspective, and reasonable minds could differ about whether they are right, but it is a choice nonetheless.

      > I own both iOS and Android devices for what it's worth

      So do I. I don't understand why this is mysterious to you, then.

      > Since... it was formed? Really?

      Yes, really. "Since it was formed" as in, Apple has always taken a stance (after well documented disagreement between the Steves) to build a "walled garden." Whether that wall is a $100/yr fee, or special screws in a tower case, or what not, they have consistently implemented that opinion with action since their inception.

      Apple II aside, macOS is actively hostile toward 3rd party software. See: Notary, signing, and so on.

      > This is a frankly insane thing to say to someone who is in middle of criticizing Apple for this exact hostility

      Being hostile toward hobbyists is a feature to them, not a bug, and it is orthogonal to privacy at best (at worst, in their view, openness is harmful to privacy). If we are arguing about privacy, then we might agree on this point, but for different reasons.

      > [Apple is the same company that ran a tirade]... [Don't like it? Just use something else!]

      Yes, that is your right. I don't claim to defend everything Apple produces, but, focusing again on the topic at hand (privacy/security), I personally think they do a better job than most. Their choices to get there can be argued over, of course, which is what we are doing now. I see their choices are part-and-parcel of a larger cohesive strategy; apparently you do not?

      > So I can't just pretend Apple doesn't exist

      Sure, I never suggested you could, merely that other devices will be naturally better for people who want to use them as enthusiasts or hobbyists outside the Blessed Apple Path(tm).

      > I know. I don't think highly of this position, but I am well aware of it.

      ¯\_(ツ)_/¯ I think highly of your position to argue with it in good faith, so I'm sad to hear that.

      [0]: https://developer.apple.com/documentation/networkextension

sgammon  1 month ago

> Not impressed.

So Apple kneecaps Meta's cross-app advertising, something that literally makes them no direct revenue to implement, and protects users (it famously reduced Facebook cross-app analytics traffic to a significant degree), and you think this is business as usual?

Then you should reconsider my comment at the top of this thread, because it is 100% speaking to this exact phenomenon.

  • jchw  1 month ago

    I mean I'm unimpressed as far as user agency goes, not as far as privacy goes.

    • sgammon  1 month ago

      Ask App Not To Track was literally just the ability for the user to choose for themselves whether tracking is allowed. That’s a user agency improvement.