| ▲ | toast0 7 hours ago |
| If browser F is worse at battery life than browser S, people will figure that out and adapt for themselves. If it's a big difference, it's self-evident; and small differences should show up in the battery life tool and computer press. Security-wise, the sandbox should limit damage to within the browser, and if it doesn't that's not the browser's fault. Maybe restrict access to password filling and such though / figure out how to offer an API to reduce the impact. Standardization, eh? Forcing Safari on iOS and not making it available on the mass market platforms (Android and Windows) makes it a pretty wonky standard. I guess there's a claim to be made for the embedded browsing engine, but IMHO, that should be an app developer choice. |
|
| ▲ | michaelt 6 hours ago | parent | next [-] |
| > If browser F is worse at battery life than browser S, people will figure that out and adapt for themselves. Unfortunately, the makers of a certain browser also control several major web properties, and regularly make 'mistakes' that break compatibility with competing browsers, while releasing a set of apps that 'forget' users' browser selections on a monthly basis. Personally, I'd much prefer apple allowed a browser engine with proper ad blocking support. But I do worry that the moment they do so, the almost-monopoly browser market would become a total monopoly. |
|
| ▲ | n8cpdx 6 hours ago | parent | prev | next [-] |
| Safari exclusivity is the only reason we aren’t living in a 100% “this site built for chrome” world. I think folks must forget the IE days and how bad that was. There is zero percent chance developers are wasting a second making sure their sites actually work cross platform if not for iOS (and iOS more moneyed user base). |
| |
| ▲ | xp84 3 hours ago | parent [-] | | We were in a “built for Netscape” world right before IE had its brief window of innovation in versions 4-5. The fact that people were building to IE though was only painful for a few specific reasons:
1. the versions of IE targeted were exclusive to Windows (Mac IE was way different, so it wasn’t that useful for when the site had targeted Windows IE) 2. IE stopped all development of useful UI or web standards features, meaning if you needed the compatibility you were stuck with a stagnant browser 3. Due to #2, of course web devs hands were tied when it comes to adopting things like HTML5, <video> tags etc. Users would have needed to switch between the two constantly — Firefox for cool new sites and IE for their bank, school, government, whatever. I would posit that none of the above seems true about Chromium. They do continue developing it, they add new web standards the most aggressively of anyone, and it’s available on basically every platform except the one Apple bans it from.
Mind you I don’t really want Google to own it, because they are way too damn big even without Chrome… but honestly it’s no IE situation. |
|
|
| ▲ | Tagbert 6 hours ago | parent | prev | next [-] |
| Safari has long been better for battery than Chrome but people still install Chrome on their MacBooks. |
| |
| ▲ | cosmic_cheese 4 hours ago | parent [-] | | Yep. Chrome's mindshare and momentum is incredibly difficult to overcome, and outside of technology-oriented circles users generally don't develop associations between specific programs and poor battery life unless it gets the fans blaring like you're running Cyberpunk 2077 with setting cranked to max or something. It's similar to how the overwhelming majority of people driving cars aren't going to make note of the difference in driving dynamics between CVT and automatic transmissions unless one severely underperforms compared to the other. It either runs or it doesn't and that's where the distinction ends for people who treat their car/computer/phone as an appliance. |
|
|
| ▲ | crazygringo 7 hours ago | parent | prev [-] |
| > people will figure that out and adapt for themselves No they won't. People on HN will. Not the average person. > Security-wise, the sandbox should limit damage to within the browser The problem is, arbitrary code execution vastly expands the risks. Your "should" is doing all the work there. > Standardization, eh? Forcing Safari on iOS and not making it available on the mass market platforms Huh? Apple follows web standards. Why the heck should it make Safari available on Android and Windows? Safari isn't a standard, web standards are. |
| |
| ▲ | leptons 6 hours ago | parent [-] | | >> people will figure that out and adapt for themselves >No they won't. People on HN will. Not the average person. Yes they will, Apple has made it very easy to see. To check iOS app power usage, go to Settings > Battery, where you'll see a breakdown of battery consumption by app for the last 24 hours or 10 days, showing usage time and background activity, allowing you to identify power-hungry apps and manage settings like Background App Refresh to improve battery life. So yeah, it's easy to see which app is taking the most power, and users can do this easily, unless you think Apple's UX is so bad that users won't know how to read it? >The problem is, arbitrary code execution vastly expands the risks. Your "should" is doing all the work there. If that's a problem for web browsers, then it's a problem for every single app in the app store. There's nothing really unique about a web browser app that makes it more risky than any other app. Javascript is already very much sandboxed. And there have been plenty of exploits that already target Safari. So saying other browsers are the problem is like blaming the victim (of Apple's anti-competitive practices). >Huh? Apple follows web standards. Why the heck should it make Safari available on Android and Windows? Safari isn't a standard, web standards are. If web standards are standards, then let other web browsers on iOS. The real reason Apple disallows other browser engines on Safari is so they can force developers to create native apps where they can get a cut of any purchase made through the app. The problems with Apple's anti-competitive practices have been spelled out in the DOJ lawsuit against them: https://www.justice.gov/archives/opa/media/1344546/dl?inline | | |
| ▲ | otterley 4 hours ago | parent | next [-] | | Apple made it very clear that their security concerns related to third party browsing engines are about difficult-to-contain threats posed by JIT compilation. (JITs require non-text memory pages to be executable.) Apple doesn’t allow other apps to use such technology, so they’re consistent in that respect. Apple even disables JIT for Safari itself when you put an iPhone in lockdown mode, at no small cost to performance, in an effort to harden the device even more. Do you have a rebuttal to that? | | |
| ▲ | concinds 3 hours ago | parent [-] | | Yes. Safari is a less secure browser than Chrome, architecturally. Took far longer to ship sandboxing. Still hasn't fixed SLAP and FLOP. Still hasn't shipped proper site isolation. Takes far longer to fix reported vulnerabilities, and consistently "fixes" them superficially and incorrectly, requiring another fix. Enough with the Apple fanboy paternalism. They don't need absolute control "for users' sake". They're not entitled to it. | | |
| ▲ | otterley 3 hours ago | parent [-] | | > Still hasn't fixed SLAP and FLOP. Still hasn't shipped proper site isolation. Those are interesting facts, but are ultimately a red herring. How will enabling JIT for other browser engines, absent the detailed vetting Apple is requiring to provide a Web Browser Engine entitlement, yield a more secure outcome? > Enough with the Apple fanboy paternalism. They don't need absolute control "for users' sake". They're not entitled to it. You are, of course, welcome to choose an alternative. If you prefer Android, by all means, use it! | | |
| ▲ | concinds 2 hours ago | parent [-] | | The "vetting" is irrelevant because the other engines will continue to not exist. By design. I am currently forced to use a less secure browser due to Apple's restrictions, which invalidates your original claim. Your skillful dodging of that point is why it's so frustrating to have any conversation about Apple. There really are cult-like aspects. | | |
|
|
| |
| ▲ | swiftcoder 5 hours ago | parent | prev | next [-] | | > So yeah, it's easy to see which app is taking the most power, and users can do this easily, unless you think Apple's UX is so bad that users won't know how to read it? It's easy to see, but seeing doesn't mean the user will do anything about it. I guarantee that for the average user, their list goes something like Instagram/TikTok/FaceBook/Twitter, and they haven't uninstalled any of those yet due to battery drain... | |
| ▲ | crazygringo 6 hours ago | parent | prev [-] | | > go to Settings > Battery, where you'll see a breakdown of battery consumption by app And what percentage of users do you think ever check that, or even know it's there to check? > If that's a problem for web browsers, then it's a problem for every single app in the app store. No it's not, the app store disallows arbitrary code execution. > There's nothing really unique about a web browser app that makes it more risky than any other app. Yes there is -- JavaScript. > Javascript is already very much sandboxed. ...by Safari. It wouldn't be if you allowed any developer to write their own JavaScript interpreter as part of their own browser. > If web standards are standards, then let other web browsers on iOS. That's a non-sequitur. | | |
| ▲ | leptons 3 hours ago | parent [-] | | >And what percentage of users do you think ever check that, or even know it's there to check? It does not matter. The functionality is there. If a user can't figure it out then they have other problems that having a smartphone won't fix for them. >No it's not, the app store disallows arbitrary code execution. You mean Javascript interpreters inside a web browser? lol. You mean like Safari is allowed to do? So only Apple can allow Apple apps to do this? I'm not sure you're thinking this through. Apples rule is a made-up rule designed to keep competition out, and force developers to write native apps so Apple can extort the developers by taking a percentage of purchases made through the native app. >Yes there is -- JavaScript. That's the dumbest possible argument you could make. Javascript has been very much sandboxed and secure for a very long time. There have been flaws in Safari that allowed remote code execution had nothing to do with Javascript, so good luck moving that goalpost somewhere else. >...by Safari. It wouldn't be if you allowed any developer to write their own JavaScript interpreter as part of their own browser. I'm not recommending my users use H@ck0rbR0Ws3R, I'm recommending they use Google Chrome, specifically because it supports the APIs my company needs to use for our product (on Android at least). Okay Tim Apple, the DOJ is coming for you. You can explain this all to them when they come knocking, and they will. |
|
|
|
