> It is not our experience that competing web browsers have typically offered enhanced privacy or security that would protect users as adequately as our WebKit protections.
Google pioneered the out-of-process architecture that Safari now uses, developed the Safe Browsing program that Safari also uses, drove the adoption of HTTPS, put pressure on misbehaving certificate authorities and shepherded certificate pinning and then Certificate Transparency, and found many vulnerabilities in WebKit through security research that Apple was not itself doing.
Moreover, on the desktop, Chrome and Firefox both have automatic update channels that allow them to push out security fixes much more rapidly than Apple's heavy OS updates. (On iOS, they would be limited by Apple's App Store approval process.)
All this to say, I'm skeptical of the suggestion that a Blink-powered Chrome for iOS would not "protect users as adequately as our WebKit protections."
>All this to say, I'm skeptical of the suggestion that a Blink-powered Chrome for iOS would not "protect users as adequately as our WebKit protections."
Maybe Google is excellent at updating their browser to address security issues, but Apple's concern isn't purely security. It's also privacy. And Safari's track record on privacy technologies is longer and better than everyone.
Furthermore, Apple sells integrated products. They don't sell operating systems, browsers, app stores, and NFC chips. They sell a finished good that incorporates all of those things and more. They take end to end responsibility for their products and it would be frankly uncharacteristic of Apple to have any other position than extreme self-reliance.
Microsoft didn't sell IE either, it too was once part of a package called Windows.
Apple has always maintained that the physical object is tied to its software and vice versa, on the other hand. They have no interest in running on the vast majority of mobile devices (android handsets control the majority of smartphone market share by a wide margin). The only exception to this is when Apple is selling services, in which case they let you run iTunes on Windows and Apple Music on Android. It's not like you can install macOS or iOS in any supported method on a non-Apple product.
The only possible argument is that iOS is not in a dominant position in the smartphone market thus Apple cannot exercise monopolistic powers. But people doesn't change their phone because of web browser engine since its prohibitively expensive for this purpose. The result is that an Android phone doesn't work as an alternative for iPhone, thus iOS can be defined as a sole market for browser products (in terms of monopoly of course). This could've been solved if Apple allowed installation of other OS in iPhone, but they've made their choice a long time ago.
Well, yes, that is the battlefield here: should the market in software, services, and media exist, or should consumers have to pick which vertical silo to use and then be unable to switch without prohibitive re-purchasing and setup costs?
The consumer just wants perfectly consistently browned toast, while not dying from electrical shock or setting her house on fire. She’s not really buying a toaster, she’s buying no-hassle toast.
If you allow that’s what an iPhone is, rather than a general personal computing device, Apple’s stance makes more sense.
> If you allow that’s what an iPhone is, rather than a general personal computing device, Apple’s stance makes more sense.
But the iPhone is _not_ a toaster. To characterize the consumer wants around an iPhone and its variable uses as akin to the near uniform customer expectation to have a toaster that doesn't burn their house down while doing its job is hard for me to accept.
If a customer is really seeking "no hassle toast" when buying a toaster, what is the customer buying in an iPhone? No-hassle phone?
If so, are we construing "giving the consumer the option of installing software on their own device" as a hassle? With something like a phone, I believe users have come to expect the ability to install software of their choosing on the device, which is very different from expectations of software installation for something like a toaster.
I have a mid 90s uneducated great grandmother who grew up and still is in a rural village in a poor country able to contact all of her great grandchildren and video chat with them for the past 7 years.
they could fix the bug iOS that allowed an app to escape it's sandbox. Exactly the same as every other OS including MacOS
one interpretation is they are claiming the are incompetent at securing iOS but somehow competent at securing Safari. Those seem like opposing statements. Either they are competent at both and so 3rd party browsers are fine or they are competent at neither and we need access to more competent browser teams.
I would like to believe they are competent and that their excuses are untrue. Otherwise we should go back to the world of no Firefox or Chrome because that same argument would apply to MacOS and Windows
Uhh... Mozilla Firefox anybody? If Apple cares about privacy so much then why don't they allow ad blockers on safari? I mean, even the Brave browser on iOS is better then Safari at blocking trackers and advertisements. Firefox also tells me how many trackers they have blocked and also give me the option to completely opt out of any telemetry data collection.
The design is more performant than holding each load up on a traditional browser extension's decision, and does not permit the content blocker to track your browsing history and then upload it somewhere.
It also conveniently allows Apple to get away with not providing a more flexible browser extension API while supporting the most common use case.
They do. I am running Crystal right now on mobile Safari. I also have ad blockers on desktop Safari as well.
Though you can get some ad blockers which do less.
Certainly I would say Apple is doing better on privacy than Google, but when it comes to the browser specifically, I don't think they're doing significantly better.
Google, for instance, pioneered Incognito mode (edit: nope, Safari beat them). They developed and deployed their privacy-preserving telemetry tool RAPPOR in Chrome a few years before Apple adopted the technology for anything. Chrome allowed you to configure DuckDuckGo as your default search engine pretty much from the beginning (as long as you did it manually), whereas Safari took years to allow it.
Safari has been slowly shutting out many forms of third-party extensions which are frequently for ad and tracker blocking. (To be fair Apple has a design that reduces the amount of trust you need to put in an ad blocker to see your browsing behavior, but it is far more limited, and likely sees far lower adoption.)
I do think Apple is prioritizing privacy-protecting features higher than Google is, so it would not surprise me to see Safari come ahead with features like Intelligent Tracking Prevention which conflict with Google's business interests.
I stand corrected.
> It added DDG as an option in 2014, while Chrome added it only this year.
There's a nuance here. Apple's list of search engines comes from a cryptographically signed file which only they can modify. Chrome allowed you to manually configure DDG, but omitted it from the pre-configured list of search engines that included Bing and Yahoo!.
https://news.ycombinator.com/item?id=3770958 is a fun trip down memory lane.
Which led to the FTC collecting a scalp for it.
Keep in mind that several of Congress' questions are asking whether Apple provides privileged access to favored partners.
Sure, you could have security auditing standards required for apps with certain functionality, including browsers, and apply them in a neutral manner across vendors. That might structurally favor larger firms, but wouldn't favor partners.
apple is blocking exec flag on mmap'ed blocks because of security concerns.
Malware _relies_ on that ability to avoid static analysis.
The block on allocating executing memory flows from the security concern, rather than security “spin” flowing from the allocation restriction.
How will the user know whether software is secure?
But you actually trust Google to protect people’s privacy?
They didn't objectively state that other entities aren't capable of it. They literally said they felt those companies wouldn't protect their users as well as them.
Per the article I shared, there ARE competitors to Apple that rival their privacy and security skills. Those competitors have helped Apple improve. It is an outright lie for Apple to say "it is not our experience..."
I get that my argument is mostly pedantic, but even as an "opinion" it only holds if Apple is delusional.