
How to Fix the App Store - mohamedattahri
https://mohamed.attahri.com/posts/how-to-fix-apple-app-store
======
diablo1
PWAs need to be pushed more. PWAs are more private and don't have access to
things that could contain sensitive information like the clipboard's contents
which are often scraped and uploaded to shady C2s by some apps

~~~
Nicksil
There's a Clipboard API [https://developer.mozilla.org/en-
US/docs/Web/API/Clipboard_A...](https://developer.mozilla.org/en-
US/docs/Web/API/Clipboard_API)

~~~
diablo1
...That is often abused [https://in.mashable.com/tech/12219/tiktok-and-other-
popular-...](https://in.mashable.com/tech/12219/tiktok-and-other-popular-ios-
apps-are-spying-on-your-iphone-clipboard)

~~~
Nicksil
Indeed.

You mentioned

> PWAs are more private and don't have access to things that could contain
> sensitive information like the clipboard's contents

Do PWAs -- Web applications built with JavaScript, among other Web
technologies -- have access to standard Web API offering? If so, then PWAs
offer no advantage with respect to your claim. How does using a PWA provide a
more secure environment for the user?

~~~
diablo1
The JS API is a bit safer as the user has to "explicitly enable this feature".
Although in some browsers, full access is granted. Thanks for pointing it out.
Another reason to surf with JS disabled and whitelist for sites that require
it.

