[HN Gopher] Everyone knows all the apps on your phone
___________________________________________________________________
Everyone knows all the apps on your phone
Author : gniting
Score : 1052 points
Date : 2025-03-29 21:26 UTC (1 day ago)
(HTM) web link (peabee.substack.com)
(TXT) w3m dump (peabee.substack.com)
| smallnix wrote:
| Nice analysis. Google should take notice. Do worldwide-used apps
| do this too?
| einszwei wrote:
| From the article - Facebook, Instagram, Snapchat, Subway
| Surfers, and Truecaller use this too
| OutOfHere wrote:
| If Google truly cared about privacy, each app would run in its
| own strict jail, and permissions would be faked by default. Also,
| easy malware by Israel or anyone else would not be a thing. As it
| stands, apps know everything I am doing, and I get targeted spam
| email rather immediately.
| brunoqc wrote:
| > apps know everything I am doing
|
| I think I call bullshit on this.
|
| But I agree that they could do way more and that they don't
| seem to care.
| JumpCrisscross wrote:
| > _If Google truly cared about privacy_
|
| Have they even been pretending on this front?
| Speedy218 wrote:
| They put in a lot of work to make it seem like they do
| believe it or not, I'm not sure how well it is working out
| for them though.
| amelius wrote:
| > I don't even know where to begin unpacking this madness. How is
| knowing whether I have the Xbox or the Playstation app installed
| on my phone essential to their Swiggy's core functionality?
|
| Probably has to do with feeding adtech's hunger for personal
| information, or fingerprinting maybe (not sure if that's a thing
| in the context of phone apps).
| einszwei wrote:
| Just wow. I assumed that Google patched this a few years back but
| guess they left a few backdoors.
| dhosek wrote:
| I would pretty much assume that any Android phone is a massive
| privacy leak and security risk. I'd hope that an iPhone is
| better, but I'd be wrong.
| gruez wrote:
| It's probably more of an oversight than a "backdoor". They already
| have a "frontdoor" in the form of a permission that's pre-granted to
| them by the OS, so there's little need for them to devise
| backdoors like the android.intent.action.MAIN query that the
| blog post mentions.
| iamnotarobotman wrote:
| I just don't trust Google anymore. They are not the same as
| they were years ago and have just declined in general.
|
| Play Store Review and everything takes weeks sometimes and I
| can't tolerate that.
| rkagerer wrote:
| Can you see in the Play store before installing an app exactly
| which other apps it's allowed to talk to? Can you see it on your
| phone and override?
| gruez wrote:
| No, not in any straightforward way, although you can
| theoretically:
|
| 1. download the APK from a mirror site
|
| 2. disassemble it to get the android manifest
|
| 3. inspect the android manifest to check for the things the
| blog post discusses
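The three steps above, applied to the decoded manifest, are a mechanical check, so here is an added example (not code from the blog post, from any app, or from the thread) that does step 3: it reads an AndroidManifest.xml as produced by an APK decoder and reports the three ways an app can learn what else is installed: the QUERY_ALL_PACKAGES permission, the named `<package>` entries under `<queries>`, and the `<intent>` query for `android.intent.action.MAIN` that gruez mentions above (a MAIN query with no data constraint matches every app with a launchable activity). It also checks targetSdkVersion, because the package-visibility filter only applies to apps targeting API 30 or later; an app targeting anything lower sees everything without declaring anything. The sample manifest and its package names are constructed.

```python
"""Inspect a decoded AndroidManifest.xml for package-visibility declarations.

Added example for this thread, not code from the blog post or any app.
Input is the text manifest you get after decoding an APK (e.g. apktool d app.apk);
the sample manifest below is constructed.
"""
import sys
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
QUERY_ALL_PACKAGES = "android.permission.QUERY_ALL_PACKAGES"
MAIN_ACTION = "android.intent.action.MAIN"
VISIBILITY_FILTER_SDK = 30  # filtering applies only from targetSdkVersion 30 (Android 11)


def _android_attr(el, name):
    """Read an android:-namespaced attribute from an element."""
    return el.get(f"{{{ANDROID_NS}}}{name}")


def inspect_manifest(xml_text):
    """Return a dict describing how the app can learn which other apps are installed."""
    root = ET.fromstring(xml_text)
    report = {
        "package": root.get("package"),
        "target_sdk": None,
        "query_all_packages": False,
        "queried_packages": [],
        "queried_intents": [],
        "broad_intent_queries": 0,
    }
    sdk = root.find("uses-sdk")
    if sdk is not None and _android_attr(sdk, "targetSdkVersion"):
        report["target_sdk"] = int(_android_attr(sdk, "targetSdkVersion"))
    for perm in root.iter("uses-permission"):
        if _android_attr(perm, "name") == QUERY_ALL_PACKAGES:
            report["query_all_packages"] = True
    for queries in root.iter("queries"):
        for pkg in queries.findall("package"):
            report["queried_packages"].append(_android_attr(pkg, "name"))
        for intent in queries.findall("intent"):
            actions = [_android_attr(a, "name") for a in intent.findall("action")]
            # strip the namespace from data attributes (scheme, host, mimeType, ...)
            data = [{k.split("}")[-1]: v for k, v in d.attrib.items()} for d in intent.findall("data")]
            report["queried_intents"].append({"actions": actions, "data": data})
            # A MAIN query with no data constraint matches every app with a launchable activity.
            if MAIN_ACTION in actions and not data:
                report["broad_intent_queries"] += 1
    return report


def summarize(report):
    """Turn the report into reviewer-facing findings (list of strings)."""
    findings = []
    if report["target_sdk"] is None:
        findings.append("targetSdkVersion not in manifest (apktool records it in apktool.yml); check it there")
    elif report["target_sdk"] < VISIBILITY_FILTER_SDK:
        findings.append(f"targetSdkVersion {report['target_sdk']} < 30: visibility filtering does not apply, app sees every package")
    if report["query_all_packages"]:
        findings.append("declares QUERY_ALL_PACKAGES: full visibility of installed apps")
    if report["queried_packages"]:
        findings.append(f"queries {len(report['queried_packages'])} named packages: " + ", ".join(report["queried_packages"]))
    if report["broad_intent_queries"]:
        findings.append(f"{report['broad_intent_queries']} <intent> query for {MAIN_ACTION} with no data filter: can enumerate every launchable app")
    return findings


SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fooddelivery">
    <uses-sdk android:minSdkVersion="24" android:targetSdkVersion="34"/>
    <uses-permission android:name="android.permission.INTERNET"/>
    <queries>
        <package android:name="com.example.consoleapp"/>
        <package android:name="com.example.rivalapp"/>
        <intent>
            <action android:name="android.intent.action.MAIN"/>
        </intent>
        <intent>
            <action android:name="android.intent.action.VIEW"/>
            <data android:scheme="https"/>
        </intent>
    </queries>
    <application android:label="Food"/>
</manifest>
"""  # constructed sample, not a real app's manifest

if __name__ == "__main__":
    text = open(sys.argv[1], encoding="utf-8").read() if len(sys.argv) > 1 else SAMPLE_MANIFEST
    for line in summarize(inspect_manifest(text)):
        print("-", line)
```

Run it as `python inspect_manifest.py path/to/AndroidManifest.xml`; with no argument it reports on the constructed sample, which flags two named packages and one broad MAIN query but no QUERY_ALL_PACKAGES. The VIEW query with an https data filter is recorded but not flagged, since a constrained intent query is what the visibility mechanism is meant for.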
| cheschire wrote:
| Can windows apps (not installed from the MS store) enumerate
| through the window titles of all open windows? How hard would it
| be for an app to monitor all of your web traffic based on the
| title alone?
|
| Legit question. ChatGPT isn't super helpful here since it agrees
| with everything when I'm really looking for someone to say why
| this isn't really feasible in the real world.
| gruez wrote:
| Most windows apps aren't sandboxed, so them being able to grab
| window titles is the least of your worries. Any program can
| steal your login sessions and passwords if they wanted to.
|
| https://xkcd.com/1200/
| facile3232 wrote:
| Are you essentially discussing like a keylogger? I can't
| imagine windows intentionally keeps the plaintext password
| anywhere longer than it needs to be.
| gruez wrote:
| Obviously there's no way for a malicious program to grab
| your login credentials that you've entered into an
| incognito tab that have been closed. There might not be
| sandboxing, but viruses can't timetravel yet. However
| that's not going to be much of a defense when many users
| use password managers, and are terrible at detecting
| malware (so it's only a matter of time before their
| passwords are keylogged).
| misnome wrote:
| > viruses can't timetravel yet
|
| _Windows Recall to the rescue!_
| halfcat wrote:
| > _I can't imagine windows intentionally keeps the
| plaintext password anywhere longer than it needs to be._
|
| Can't tell if serious or not [1]. Also any program can read
| any saved password out of Windows Credential Manager.
|
| https://en.wikipedia.org/wiki/Mimikatz
| justonenote wrote:
| It's disconcerting to see such naivety around security
| issues on HN.
|
| not that windows is keeping passwords in plaintext, but
| that it's not immediately obvious that un-sandboxed apps
| that run on your windows/linux/mac desktop have virtually
| unlimited other avenues to capture passwords given they can
| read the entire state of other windows at the very least.
|
| I dunno maybe macos is slightly better, and wayland
| definitely has some things which are better about this, but
| desktop os and $locally_installed_app means
| $locally_installed_app basically has root, there is just an
| exploding amount of vectors.
|
| I'd like to see a Linux-based distribution use some of the
| sandboxing in Android; it would be an order of magnitude
| improvement over what is going on now.
| facile3232 wrote:
| So like a keylogger. Thanks
| 9dev wrote:
| That, but consider also how an application running with
| your user privileges has full access to the filesystem with
| those privileges, so it can read your entire home
| directory, for example. That includes your browser profile
| with all cookies, and all credentials that applications
| store there unencrypted. Not to mention how that allows for
| all the fingerprinting even the most nefarious marketer
| could wish for.
|
| Oh, and the UAC confirmations to elevate your apps
| permissions to root? People will gleefully confirm them
| without reading what needs access anyway, so you're golden
| to do whatever you want.
|
| The security model of Windows doesn't exist.
| Eavolution wrote:
| Actually windows can keep them in memory for a lot longer
| than you'd think, hence Mimikatz
| https://github.com/ParrotSec/mimikatz
| edoceo wrote:
| Yep, not difficult at all.
|
| This prompt got me some mostly-OK-looking Python
|
| > Can you make a simple windows program that will get all the
| window titles from active programs running
| halfcat wrote:
| Definitely possible. This is how chat bots worked on AOL in
| the 90's, basically the FindWindow and FindWindowEx functions
| in the win32 API. Hasn't changed much (if any) since then.
| ranger_danger wrote:
| Not only can most apps see the titles of all other open windows
| on the system, but they can log all your keystrokes, take
| screenshots, record audio/video of you or your screen, or
| copy/delete all the files in your home directory, without any
| explicit permission or notification.
|
| This is at least true for Windows and most traditional (X11 at
| least) *nix systems.
|
| That is one thing I think Android got right... by default it
| runs every application as a different user. That means
| different home folders and no visibility into other apps.
| esprehn wrote:
| Originally Android apps could draw over top of any other app
| though which is a phishing nightmare. It took them a long
| time to make that a permission, and then everyone granted it
| until they finally added the bubbles API recently.
|
| Permissions are difficult to get right, and Android is
| unfortunately pretty slow to react.
| Numerlor wrote:
| On windows you shouldn't be able to do (most of) these
| directly with apps running under admin, though that's a small
| consolation when the browser is a normal process.
|
| I'm not sure if we'll get away from these anytime soon as any
| out of the box solution will inherently limit the user's
| freedom that has persistently been there for decades on PCs
| ranger_danger wrote:
| I have absolutely done all of these things on Windows, even
| for commercial applications. Programs that keylog (i.e.
| call SetWindowsHookEx) sometimes get tagged by antivirus
| though.
| myself248 wrote:
| Oh yeah, AutoHotKey's ability to do this actually underlies a
| lot of useful AHK scripts.
| yjftsjthsd-h wrote:
| Right; I think having the API exist is a good thing, it's
| just a question of making sure that it's only used in ways
| that the user allows. Your own scripts inspecting and
| controlling arbitrary windows on your own machine => great,
| third party programs doing the same thing without your
| informed consent => bad. (In practice, this means I'm a big
| fan of extensive permission systems that have the ability to
| deny or fake responses at the user's direction)
| kelvinjps10 wrote:
| In Windows you can; there is an API for window titles. I know
| because I was building an app that needed it.
| bcoates wrote:
| Windows has a whole different (looser, older) security model.
| There are no security barriers between windows running on the
| same desktop. (In particular, "UAC is [still] not a security
| barrier"--when you hit ok/type in a password to elevate a
| process, you're effectively elevating the whole desktop and
| everything you're running.)
| jorvi wrote:
| No, that is completely wrong and would be nuts. The only way
| the whole session gets elevated is if you'd launch
| explorer.exe with an admin token.
|
| The way privilege escalation works on Windows is that pretty
| much everything gets launched with a standard user access
| token by default, and processes can request an admin access
| token in a few ways, UAC being the main one. When a process
| is supplied that token, _that process_ is elevated.
|
| It is more akin to 'sudo' rather than 'su', which makes sense
| because its progenitor is 'runas' from Windows 2000.
| bcoates wrote:
| (Only) the process is elevated, but the process has a
| window on a shared session, and the OS does not
| successfully protect processes that share a session (and
| user, and registry, and disk, etc., etc.) from controlling
| each other.
|
| From an API point of view, only one process is elevated.
| From a security point of view, if one process is elevated
| they all are, due to a lack of any effective mechanism that
| actually stops them.
| jorvi wrote:
| No, even then there are things like Mandatory Integrity
| Control and Windows Message Restrictions / UIAccess. I'd
| dive into it deeper but I just got home from going out
| haha. Those terms should help you dig into it though!
|
| I do fully agree that desktop OSes are a legacy security
| model and they can't hold a candle to that of iOS.
| Android is getting there, but because it also started
| from mostly an open all-access model it's been having the
| same warts.
| SpaghettiCthulu wrote:
| Can you inject into an elevated process from a non-elevated
| one?
| userbinator wrote:
| Long-time Win32 programmer here - yes. This is by design. To
| use an analogy, Windows is like a "high-trust society".
|
| There are functions EnumWindows() and EnumChildWindows()
| specifically for this purpose.
|
| See utilities "Windows Modifier v2.00" (when I first downloaded
| it there were many pages about it, but it's a sign of how
| forgetful the Internet has become that I barely get any results
| about it now even searching for that exact name) and
| Microsoft's own Spy++ (SPYXX.EXE) for an example of this
| functionality.
|
| The solution to an app you don't trust is to not use it at all,
| or use it in a VM.
| phyzix5761 wrote:
| How do you identify apps that you shouldn't trust? Sometimes
| trust is assumed only until evidence is given that trust
| shouldn't be given. Which makes no sense to me. Why was the
| initial trust so easily given?
|
| A solution is to not use third party apps but most people
| aren't going to go that route. The VM idea is a good option
| though.
| pjerem wrote:
| > Why was the initial trust so easily given?
|
| Because this architecture predates the existence of the
| current privacy nightmare.
|
| In fact it predates the general availability of the
| internet. How could a program you would install from a
| floppy/compact disk bought on a store behave maliciously if
| you didn't or barely had access to the internet ?
|
| And then it stayed like this because Windows is heavily
| marketed as being retro compatible.
| userbinator wrote:
| It's also from a time when corporate mass surveillance
| was universally hated, software was not a service, and
| "phoning home" or requiring an Internet connection
| considered unacceptable to the majority of users.
| tredre3 wrote:
| > How hard would it be for an app to monitor all of your web
| traffic based on the title alone?
|
| Although not terribly accurate (because of the high variability
| of page titles), tools like ManicTime and ActivityWatch use
| windows titles to track your browser history if you don't
| install the browser plugin.
|
| https://www.manictime.com/
|
| https://activitywatch.net/
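Several comments in this subthread (the EnumWindows/FindWindow calls, the "window titles as browser history" trick) describe one mechanism, so here is an added example of both halves in one script; it is not code from ManicTime, ActivityWatch or anyone in the thread. `enumerate_window_titles` walks every visible top-level window with Win32 EnumWindows via ctypes, which any program running as a normal user can call, and `classify_title` then recovers page titles from the "Page - Browser" suffix convention. The browser-suffix table and the sample titles are constructed; the enumeration half only runs on Windows, the classifier anywhere.

```python
"""List every top-level window title (Win32 EnumWindows) and pick browser
page titles out of them, the way title-based activity trackers do.

Added example for this thread, not code from any product mentioned here.
The suffix table and SAMPLE_TITLES are constructed.
"""
import re
import sys

# Title suffixes the major browsers append to the page title; constructed list, extend as needed.
BROWSER_SUFFIXES = {
    "Google Chrome": "chrome",
    "Mozilla Firefox": "firefox",
    "Microsoft Edge": "edge",
    "Brave": "brave",
}
# "<page> - <browser>" or "<page> — <browser>", with Firefox's optional private-window marker.
_TITLE_RE = re.compile(
    r"^(?P<page>.+?)\s+[-\u2013\u2014]\s+"
    r"(?P<browser>" + "|".join(map(re.escape, BROWSER_SUFFIXES)) + r")"
    r"(?P<private>\s+Private Browsing)?$"
)


def classify_title(title):
    """Return {'browser', 'page', 'private'} for a browser window title, else None."""
    m = _TITLE_RE.match(title)
    if not m:
        return None
    return {
        "browser": BROWSER_SUFFIXES[m.group("browser")],
        "page": m.group("page").strip(),
        "private": m.group("private") is not None,
    }


def browser_activity(titles):
    """Keep only titles that look like browser tabs: the 'history' a title-based tracker sees."""
    return [hit for hit in (classify_title(t) for t in titles) if hit]


def enumerate_window_titles():
    """Titles of all visible top-level windows via EnumWindows; no privilege needed. Windows only."""
    if sys.platform != "win32":
        raise OSError("EnumWindows is a Win32 API; run this part on Windows")
    import ctypes
    from ctypes import wintypes

    user32 = ctypes.WinDLL("user32", use_last_error=True)
    WNDENUMPROC = ctypes.WINFUNCTYPE(wintypes.BOOL, wintypes.HWND, wintypes.LPARAM)
    user32.EnumWindows.argtypes = [WNDENUMPROC, wintypes.LPARAM]
    user32.IsWindowVisible.argtypes = [wintypes.HWND]
    user32.GetWindowTextLengthW.argtypes = [wintypes.HWND]
    user32.GetWindowTextW.argtypes = [wintypes.HWND, wintypes.LPWSTR, ctypes.c_int]

    titles = []

    @WNDENUMPROC
    def collect(hwnd, _lparam):
        if user32.IsWindowVisible(hwnd):
            length = user32.GetWindowTextLengthW(hwnd)
            if length:
                buf = ctypes.create_unicode_buffer(length + 1)
                user32.GetWindowTextW(hwnd, buf, length + 1)
                titles.append(buf.value)
        return True  # keep enumerating

    if not user32.EnumWindows(collect, 0):
        raise ctypes.WinError(ctypes.get_last_error())
    return titles


SAMPLE_TITLES = [  # constructed window titles, not captured from a real desktop
    "Everyone knows all the apps on your phone \u2014 Mozilla Firefox Private Browsing",
    "Hacker News - Google Chrome",
    "Untitled - Notepad",
    "Inbox - user@example.com - Microsoft Edge",
]

if __name__ == "__main__":
    titles = enumerate_window_titles() if sys.platform == "win32" else SAMPLE_TITLES
    for hit in browser_activity(titles):
        print(hit)
```

On Windows the script prints whatever browser tabs are currently foregrounded in each browser window; elsewhere it runs the classifier over the constructed titles. Note that a private-browsing window is just as visible as any other, which is the point several comments above make about in-session secrecy versus a co-resident process.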
| dTal wrote:
| Another fantastic reason to strictly only install apps from
| F-Droid.
| JohnFen wrote:
| How does that address the problem? Does F-Droid do some sort of
| additional screening to keep out apps that do this?
| marcodiego wrote:
| First, F-Droid only accepts OSS apps, so the incentives for
| spyware are simply not there. Second, anti-features are
| explicitly marked on F-Droid. Third, F-Droid apps are curated
| like a very rigorous Linux repo.
| JohnFen wrote:
| Being an OSS app is not sufficient protection. Most OSS
| apps aren't terribly misbehaved, but some are. Being OSS in
| and of itself is not anything like a guarantee with this
| sort of thing.
|
| > Third, f-droid apps are curated like a very rigorous
| linux repo.
|
| Yes, I know. My question is: is this one of the things
| they're screening for?
| dandersch wrote:
| packages on f-droid list all required permissions explicitly,
| and the mentioned permission seems to be listed as "query all
| packages: Allows an app to see all installed packages.". It
| doesn't mark the app as having "anti-features", but you can
| at least make a more informed decision this way.
| JohnFen wrote:
| That's pretty cool, but the article says that most apps
| that are doing this sort of thing aren't using the query
| all packages permission and instead are using the facility
| to provide a specific list of apps they're checking for,
| which is not permission-gated.
| wkat4242 wrote:
| It is. It specifically says that the apps must be
| declared in the manifest like other permissions. So it's
| a specific permission for each app really. F-Droid could
| query that if it wants to (not sure if it does)
| throwaway290 wrote:
| Did you stop reading before the post got to the MAIN
| loophole that doesn't require the list of apps in the
| manifest? How does F-droid describe MAIN?
| wkat4242 wrote:
| Yeah I did as the article was a bit long. But I'm sure
| this is detectable too as it must be in the manifest.
| throwaway290 wrote:
| The article already showed it is detectable. But it is
| not detected by Google and I am unclear if F-Droid
| detects it either...
| duskwuff wrote:
| > It doesn't mark the app as having "anti-features"
|
| I suppose they must be too busy ticking off "anti-features"
| like "can communicate with non-Free services" to notice
| that sort of thing.
|
| (No, really. F-Droid will tag applications like a Mastodon
| client as having "anti-feature: Non-Free Network Services",
| presumably because it can be configured to connect to
| servers running non-free software?)
| hnburnsy wrote:
| My daily driver has minimal apps, most from F-Droid. An old
| iPad on my IOT network has any other apps needed.
| zx8080 wrote:
| > For extremely specific use cases such as file managers,
| browsers or antivirus apps, Google grants an exception by
| allowing QUERY_ALL_PACKAGES permission, which provides full
| visibility into installed apps.
|
| Why would browser need to enumerate the installed apps?
|
| Why?!
| Borealid wrote:
| When a user visits a play.google.com URL Google wants to be
| able to show either an "install" or a "launch" button
| contingent on whether the app is already installed.
|
| In other words, blame Google product management.
| lurking_swe wrote:
| this doesn't make sense and sounds like an excuse IMO.
|
| Instead of the browser enumerating all apps, why can't it
| check when you visit a page if the current page (ONLY the
| current page) is installed as an app?
| jerbear4328 wrote:
| How would the OS know if the app that the browser is
| querying about is actually the current page? For all the OS
| knows, the user might be quickly visiting a ton of
| play.google.com pages for the top 1000 apps on the app
| store.
| heavenlyblue wrote:
| make it into a system dialog?
| LordShredda wrote:
| But God forbid users learn how to use their device. All
| of this could be prevented by having the users manually
| pick the application instead.
| lurking_swe wrote:
| > How would the OS know if the app that the browser is
| querying about is actually the current page?
|
| Maybe i'm missing something, but it sounds like it would
| be easy for google to support this functionality by
| letting developers configure this in their app "bundle".
| A property that tells the OS "my app is related to domain
| example.com". Make it an array of domains if you must.
| charcircuit wrote:
| Intent filters can be for domains. It's how deeplinks
| work. But with querying being locked down you can't know
| what apps can handle a deeplink.
| codethief wrote:
| > A property that tells the OS "my app is related to
| domain example.com". Make it an array of domains if you
| must.
|
| Elaborating on the sibling's comment: There is already
| such a property that apps must set in their manifests in
| order for them to be able to react to links/intents for
| domain-associated-with-the-app.com.
|
| But it doesn't address the question of how a browser is
| supposed to be able to open links to domain-associated-
| with-the-app.com in that app, without Android revealing
| to the browser whether the app is installed or not. In
| short: The browser will, by construction, be able to
| determine which apps you've got installed or not.
| pizza wrote:
| I mean, do Windows or macOS tell the browser which mail
| apps you have installed when it handles a mail:// URI?
| josephg wrote:
| No, but web browsers do have the ability to ask the OS
| which application is associated with a certain url type.
|
| But it doesn't leak that information to web pages.
| catigula wrote:
| A minor UX difference doesn't really feel like a great case
| for reducing user privacy, it makes me a little concerned
| about priorities... which I already was, really.
| Jach wrote:
| I don't buy this. Google has this information on their
| backend, they don't need to query any local state. Indeed,
| when I visit a play.google.com URL, google checks if my
| browser is logged in or not. If it is not, the default is
| "Install" no matter what. If I do have a session, then it's
| either "Install" if I don't have it installed, or "Install on
| more devices" if I do have it installed.
| NoahZuniga wrote:
| This is true, but if they didn't allow this permission for
| other browser apps that would be anti-competitive.
| kelvinjps10 wrote:
| These kind of links open the play store app directly and the
| information is displayed there.
| nulld3v wrote:
| File managers need full access as you can use that ability to
| extract and inspect the code of any apps installed on the
| system. It is a very useful feature and I would hate for it to
| be removed.
| Kwpolska wrote:
| Perhaps it's checking which apps can handle links?
| mightysashiman wrote:
| That is managed by the system. Settings > Apps > Default apps
| > Opening links
| billfruit wrote:
| Indeed, some of these apps really ask for a far more expansive set
| of permissions than they need.
|
| Obsidian for example asks for permission for entire filesystem,
| while it really needs to access the files which the user needs
| it to see.
| andsoitis wrote:
| > everyone knows all the apps on your phone
|
| On Android phones. iPhone doesn't have this privacy deficiency.
| piyuv wrote:
| Right, only Apple knows, but it's ok, they're the good guys
| andrei_says_ wrote:
| Definitely not "good" but I'm still to see anything remotely
| resembling the complete disregard for privacy and security
| typical for the adtech-driven android ecosystem.
|
| Just a different business model, not a display of moral
| values.
|
| Sure, Pegasus exists but I don't think it is commodified yet.
| jmb99 wrote:
| Ignoring the sarcasm...
|
| What evidence is there/can you present that Apple is making
| use of this information in a negative way?
|
| How can Apple _not_ have a list of installed apps on your
| phone while maintaining basic functionality (automatic
| updates, reinstalling apps from backup, etc)?
| PaulRobinson wrote:
| Sort of. They have a list of apps you've bought/installed
| through app store, and they can figure out what you've
| deleted based on what your phone is pinging for update checks
| on.
|
| If they went beyond that, or disclosed that knowledge, or
| allowed an app to get that manifest without your permission,
| it would destroy their brand image built around privacy, in a
| way that would cause long-term irreparable damage.
|
| They decided to not comply with laws compelling them to add
| back doors to optional encryption on iCloud storage, rather
| than tarnish that image, because they know how valuable that
| trust is.
|
| You can dump on Apple all you want, but compared to Google
| who plead with people to use their browser and phones to
| improve adtech surveillance they can monetize, I think
| they're doing OK and are a _lot_ more trustworthy.
| criddell wrote:
| > they're the good guys
|
| In a relative way, they definitely are.
| ctippett wrote:
| Are you sure? I know someone in adtech and I'm pretty sure
| Apple allows a similar app manifest that allows you to check
| for specific apps. I could be wrong.
| phony-account wrote:
| > I know someone in adtech and I'm pretty sure Apple allows a
| similar app manifest that allows you to check for specific
| apps. I could be wrong.
|
| On iOS an app developer will need to register in advance
| which external applications their app intends to query, and
| the list needs to be very short and motivated. [1]
|
| Incidentally, "I have a friend who says..." isn't really a
| good citation anywhere outside Reddit - which HN resembles
| more and more each day.
|
| [1] https://www.hackingwithswift.com/example-code/system/how-
| to-...
| ctippett wrote:
| Thanks for the information.
|
| I suppose a more appropriate turn of phrase would've been
| "I'd heard anecdotally...", but I agree I was lazy with my
| original reply. I appreciate the feedback.
| collingreen wrote:
| You're nice. I don't appreciate the extremely tired "hn
| looks more and more like Reddit every day" slop and I
| think you handled it with grace.
| reaperman wrote:
| Comparing HN to Reddit is explicitly against HN
| guidelines. Though sometimes I think the only reason it's
| never "true" is because Reddit is a moving target. Both
| HN and reddit get worse over time, so HN never catches up
| to how bad Reddit is.
|
| Also the bots have not invaded HN, which is a truly
| massive distinction.
| phatskat wrote:
| > Both HN and reddit get worse over time
|
| I think this is probably true of any online community.
| I'd wager that an online community needs more users to
| grow and be sustainable, and more users inevitably means
| more content, and more content means less _high-quality_
| content overall.
| refulgentis wrote:
| You're too kind, their reply was extremely rude to you. I
| have been here 16 years, been an iOS developer just as
| long, and have no idea why your comment is "Reddit."
|
| A simple thought exercise for me is "Which of these two
| comments is more Reddit?" - I'd say the one that came
| with curiosity is HN, the one that bats around half
| truths combatively and invoking Reddit isn't.
| refulgentis wrote:
| I don't think it is worth being dismissive.
|
| I snorted when I got to the self-important haughtiness
| about reddit.
|
| Why?
|
| - You immediately recognized what they meant.
|
| - They weren't advancing a claim, they were indicating a
| basis for their interrogative, likely to avoid seeming
| naive when claiming it out of nowhere.
|
| - The article we're commenting on describes the same
| mechanism you claim differentiates iOS. ("register in
| advance...which applications...intends to query, and the
| list needs to be very short and motivated.")
|
| - I've worked heavily on iOS and Android since 2009. As
| close to a graybeard as you can get in mobile. I'm
| searching, reaching, grasping for any sign you've done
| anything other than Google and link the first article you
| saw, and I can't find _any_. At all. But I don't think
| that's wrong. You're trying. Why is it wrong for the person
| you asked to try too?
|
| - There's strong signs you didn't read the article we're
| commenting on.
|
| - If you had, it is unlikely you would have said iOS was
| differentiated, then laid out the exact same mechanism
| described in the article.
|
| - There's strong signs you didn't read the article you
| linked.
|
| - On iOS you can register _URL schemes_ in a plist, these
| aren't "external applications you intend to query" and the
| list does not have to be "very short and motivated"
|
| I get cranky too, but, I am grateful I recognize it is very
| reddit to cry Reddit and edit it out, or delete.
| phony-account wrote:
| > There's strong signs you didn't read the article you
| linked.
|
| What could possibly indicate I didn't read the article?
| Of course I read it. Isn't your assumption of my bad
| faith also explicitly against HN's guidelines?
|
| > On iOS you can register URL schemes in a plist, these
| aren't "external applications you intend to query" and
| the list does not have to be "very short and motivated"
|
| I'm also an iOS developer- and yes it does.
| cosmic_cheese wrote:
| Yeah Apple used to be more loose with registered URL
| schemes, but tightened up a few years ago and so now if
| you submit with a huge list of schemes the app has no
| good reason to use you're going to get bounced.
| refulgentis wrote:
| > What could possibly indicate I didn't read the article?
|
| What I laid out, namely, that you described iOS the same
| as the article, while simultaneously claiming iOS differs
| significantly.
|
| > On iOS you can register URL schemes in a plist, these
| aren't "external applications you intend to query" and
| the list does not have to be "very short and motivated"
|
| > I'm also an iOS developer- and yes it does.
|
| Which part is "yes it does"?
|
| We both can agree quite quickly that URL schemes in a
| plist aren't "registering apps." You can drag this out a
| couple turns by playing shell games first by ignoring the
| URL schemes difference, then by making me do the leg work
| to show it's trivial to find apps with dozens of apps in
| that list.
|
| Either which way, I continue to be taken aback by your
| snarkiness towards the original post and cries of Reddit
| given you know you were 100% wrong on this.
|
| You're in a really bizarre situation where too much
| territory was staked out and you're defending it all: you
| can't claim this was a remotely accurate description
| _and_ you read the article about Android _and_ iOS is
| different. It's already a farce, then throw in scolding
| about how HN is Reddit because of low quality posts...my
| goodness, my friend.
|
| > Of course I read it. Isn't your assumption of my bad
| faith also explicitly against HN's guidelines?
|
| No, because I said "There are strong signs", I didn't say
| "You didn't read it."
|
| Also, why would not reading be "bad faith"?
|
| You are extremely focused on making attacks and
| perceiving them in others, please take a step back and
| note: "But I don't think that's wrong. You're trying. Why
| is it wrong for the person you asked to try too?" - you
| shouldn't have to make up an interpretation where gently
| chiding you for being rude turns into invoking rules and
| accusing you of bad faith
| swat535 wrote:
| Is that also the case for alt-store apps available in the EU?
| robin_reala wrote:
| Could you take a moment of your time to read the last point
| in the HN Commenting Guidelines?
| https://news.ycombinator.com/newsguidelines.html
| czk wrote:
| Not sure about the manifest but recently I've seen talk about
| some banking apps using
| SBSLaunchApplicationWithIdentifierAndURLAndLaunchOptions
| (undocumented function in SpringBoardServices) [0] to try to
| launch another app on the phone by the bundle id, and they
| can determine if it's installed or not.
|
| They were using this trick to detect unauthorized apps on the
| phone.
|
| https://blog.verichains.io/p/technical-analysis-improper-
| use...
|
| [0] - https://gist.github.com/wh1te4ever/c7909dcb5b66c13a217b
| 49ea3...
| wkat4242 wrote:
| On iOS it's kinda worse in some ways. If you enroll into a
| company MDM they can see all your apps.
|
| On Android if they use the work profile (which is the standard
| method these days) they can only see the apps inside there.
| fashion-at-cost wrote:
| I would have to strongly recommend nobody enroll a personal
| device in a company MDM. If the company needs you to have
| mobile connectivity that badly, they can give you a device.
| illiac786 wrote:
| I think it's a personal decision. I really, really do not
| want to carry two huge slabs around. One is already too
| much.
|
| Account-driven MDM enrolment pushes the Pareto front when
| it comes to privacy/convenience compromises from my point
| of view. I will ask my IT if they have already looked at
| it.
| jmb99 wrote:
| I mean... isn't that expected of an MDM? I have always
| assumed that any company device (i.e. any device enrolled in
| an MDM) is under 100% control and surveillance of that
| company. Being able to see my installed apps is the least of
| my worries.
| wkat4242 wrote:
| No I (as a mobile admin) don't think it should be like that
| at all, at least not for BYOD devices.
|
| Android has this really well worked out with their work
| profile. It's like having a company VM on your phone.
| Really great separation.
|
| But on Apple we can't use a similar option which I admit
| does exist, but there's too many strings attached (see the
| discussion above).
| asah wrote:
| get a separate device for work ?
| pjerem wrote:
| _ask_ a separate device for work.
| wkat4242 wrote:
| True, if you use it for work they should provide you one.
|
| The problem is of course carrying two devices with you.
| mgriepentrog wrote:
| Apple introduced account-driven enrollments in 2021[1], which
| behaves similar to Android's work profile. Managed apps/data
| are kept in its own APFS volume, and MDM servers don't have
| access to anything outside of it. They also disallow system-
| wide commands like wipe device. The only caveat is you need
| managed Apple IDs[2] to use this enrollment flow, and I doubt
| many companies have set it up.
|
| Regardless, MDM installed app visibility is limited to those
| users who opt-in to an organization managing their personal
| device, and isn't an effective way to broadly gather what
| apps a given person has installed. What's described in this
| post would work on any user/device, and there's no way to
| deny/opt-out of specific permissions.
|
| [1] https://developer.apple.com/videos/play/wwdc2021/10136/
| [2] https://support.apple.com/guide/apple-business-
| manager/use-m...
| whs wrote:
| I'm working on implementing this for the company, and the
| annoying limitation on iOS is that you can't clone apps.
| If you want Gmail (as an example) as managed app, you can't
| have another Gmail as unmanaged app. While the company
| can't see inside the Gmail managed app (without the app
| itself explicitly providing that feature), the company can
| remove Gmail (and any local data inside the app) at any
| time.
|
| Fun fact from the MDM implementation - the most private way
| (at least to the company policies) to have a company-
| connected device is to buy a separate phone and install
| company's MDM on it. On company provided devices, the
| company may locate company's assets at any time but doing
| so on a personal device is a privacy breach.
| wkat4242 wrote:
| Yes, Apple hates the idea of work-badged apps that
| Android has. I have to admit, a lot of our users don't
| grok it either at first. However once they realise the
| benefits (the company has much less visibility, AND they
| can turn off the work section completely with the touch
| of a button) they usually come around pretty quickly.
|
| The bad part of this is that apps have to specifically
| support the multiple profiles option, otherwise they
| can't be used for this.
|
| And yes, I agree, that is the best way. We have the same
| restrictions for personal devices. Though I as an admin
| know we never use the locate functionality (and I know
| every person who has access to it).
| illiac786 wrote:
| Do you know if account-driven enrolment requires
| different phone numbers for the MDM managed apps and the
| personal ones? Specifically for the diaper app for
| example.
| wkat4242 wrote:
| Yes I know about User Enrolment. The problem is the managed
| Apple IDs are a complete and total dealbreaker. So I'm not
| even considering this as an option.
|
| The reason is that Apple demands that the UPN (the account
| ID) and the email address are the same. For us this is not
| the case (our UPN is our employee number as an email
| address, whereas our email address is just our name). And
| obviously we're not going to change this for ten thousand
| users because Apple wants to (most of which don't have
| Apple devices because we're a European company). Also, you
| have to manually decide what happens to each user that has
| already created an account with their corporate email
| address and what to do with the content they purchased on
| it. This is not feasible for a large corp. We have
| commented this to our Apple account manager for years and
| years but they simply don't care. If you work in this realm
| you probably know that Apple doesn't really care about
| things that matter for their corporate customers anyway.
| The consumer is their main client and it shows (unlike with
| Microsoft where it's the opposite).
|
| So the whole account-driven enrolment (User Enrolment) as
| well as everything else depending on managed Apple IDs like
| DEP for Macs is completely out of the window.
|
| The problem in my opinion is that I as an admin can simply
| query for example all the employees that have something
| like Grindr installed. Considering the current political
| climate in the US (or worse, the middle east where this can
| lead to a death sentence in some cases) it's obvious why
| this is super bad. And really, why should we be able to do
| this at all?
| neither_color wrote:
| Speaking of iPhone, I'm curious about something. On occasion, I
| log into the [former] bird app using the web app because it's
| enough to check up on some key follows.
|
| Recently, they released a major update to their LLM feature and
| I installed the app to check it out. While I had the app
| installed, every time I checked the mobile website there was a
| large banner directing me to go to the app. Ad blockers and
| distraction blockers would not get rid of it. When I deleted
| the app again, it was gone. What gives? Why does the mobile
| website know whether I have the app installed? How come
| content+distraction blockers are enough to block all reminders
| to use the app when it's not installed, but are irrevocable if
| I have the app installed?
| js2 wrote:
| Apple calls these Smart App Banners. Webkit cooperates with
| iOS to present them according to a meta tag in the page:
|
| https://developer.apple.com/documentation/webkit/promoting-a...
|
| You can get rid of them with the Unsmartifier extension.
|
| https://old.reddit.com/r/apple/comments/q55753/unsmartifier_...
|
| The StopTheMadness extension can also remove them (among many
| other things... this extension is a must have for me):
|
| https://underpassapp.com/StopTheMadness/support-ios.html
| hnburnsy wrote:
| >Apple calls these Smart App Banners. Webkit cooperates
| with iOS to present them according to a meta tag in the
| page
|
| JFC. Are they disabled if you ask for the desktop site?
| uni_baconcat wrote:
| I think it won't. I tried opening the X.com desktop version on
| iPad, and Safari still showed "open with X app".
| happyopossum wrote:
| > Why does the mobile website know whether I have the app
| installed?
|
| To clarify - the mobile website doesn't. It has meta tags
| that tell Safari what app it's tied to, and Safari displays
| the associated app banner.
| scarface_74 wrote:
| This was somewhat mitigated on iOS a few years ago.
|
| You could try to communicate with an app via the custom URI
| scheme and if it succeeded, it would know you have the app
| installed. Twitter used this for finger printing.
|
| An app has to get a special intent and has to list the apps it
| wants to use it for.
| WuxiFingerHold wrote:
| iPhones are _less_ of a privacy nightmare.
|
| One of the biggest incentives for creating apps is to scrape
| all kind of data from the users. Look at how many apps require
| permission to see your contacts. And how many actually need your
| contacts to function. That's why I'm still a bit surprised that
| many seem to be surprised by findings like this one here.
| josephg wrote:
| I wish there was an option for "give bogus contacts" which
| showed the app a list of contacts - but it was all randomly
| generated junk. Make it so the app can't tell if the contacts
| it gets are real or fake.
|
| I read a fiction book years ago where there were cameras
| everywhere. To get privacy, instead of hiding their
| identities the protagonist paid companies to insert bogus
| information into the information brokers' network. So if they
| tried to figure out where they were on a certain day, 20
| records would match. I think this is a much more likely
| vision of the future.
| 3np wrote:
| I guess rather than closing my Google account I should have
| removed the 2FA and changed the password to a weak one on
| the HIBP list (:
| wruza wrote:
| _Look at how many apps require permission to see your
| contacts. And how many actually need your contacts to
| function._
|
| That is, again, not _require_ but _ask for_ on iphone. I have
| zero non-functioning apps on my iphone due to denied access
| to contacts. Even a Chinese bluetooth light controller doesn't
| dare (while refusing to work on android for the same
| reason).
|
| You can hate apple/iphone ecosystem all you want, but let's
| not sneak false claims into how they actually work.
| hk__2 wrote:
| > I have zero non-functioning apps on my iphone due to
| denied access to contacts.
|
| You don't have WhatsApp then.
| nechuchelo wrote:
| I do and deny it access to contacts. Everything works
| fine.
| jen20 wrote:
| iOS grants just the contacts you select - including
| "none" to apps. WhatsApp works fine in that regime.
| hk__2 wrote:
| > Look at how many apps require permission to see your
| contacts.
|
| It is so annoying that it's either "give access to ALL my
| contacts and ALL their information (yes, even the notes I
| took on their favorite things for next Christmas)" or "don't
| give access". I wish we could limit the number of contacts
| and the level of information we give.
| normie3000 wrote:
| Photo access has improved a lot in this regard recently.
| subscribed wrote:
| Check if GrapheneOS suits your needs. It has "contact
| scopes", i.e. you can literally allow the app to see a single
| contact only.
|
| Same with storage scopes: one directory and that's it.
| CharlesW wrote:
| > _It is so annoying that it's either "give access to ALL
| my contacts and ALL their information... [...] I wish we
| could limit the number of contacts and the level of
| information we give._
|
| iOS added fine-grained (at the contact level) access to
| contacts data last year.
|
| https://lifehacker.com/tech/you-can-control-which-contacts-a...
| MBCook wrote:
| They did the same for photos years ago.
|
| Many apps have not updated and perhaps never will.
| CharlesW wrote:
| They don't need to be, since it's enforced at the OS
| level. Users can limit permissions to individual contacts
| regardless of whether iOS apps have been updated to
| explicitly handle that use case.
| knlam wrote:
| Actually you can via private API, which Apple apps use all the
| time but other apps are forbidden to use
|
| https://blog.verichains.io/p/technical-analysis-improper-use...
| buyucu wrote:
| Apple is the worst product for privacy. The entire ecosystem is
| closed source. You know nothing about what apple is doing.
| sfoley wrote:
| It's a clickbait title that needs to be changed to stop
| spreading misinformation.
| MBCook wrote:
| They did, long ago. I remember when it was shut down after
| someone made the problem public, like this.
|
| I'm amazed Android still allowed this in 2022.
| avsteele wrote:
| If they just audited apps and banned companies from the app store
| for abuse it would do a lot to curb this behavior. This is
| feasible, there just aren't THAT many popular apps at any given
| time.
| whatevertrevor wrote:
| They could start by at least closing the MAIN intent filter
| loophole.
| marcodiego wrote:
| Well, things are particularly more complicated in my case: I
| don't use google services and only install apps from f-droid.
| Tmpod wrote:
| It requires root, but you can block/spoof this with an LSPosed[1]
| module such as XPrivacyLua[2]. I hear there's also the closed-
| source AppOps[3], but I've never used it.
|
| [1]: https://lsposed.org
| [2]: https://github.com/M66B/XPrivacyLua / https://github.com/0bbedCode/XPL-EX
| [3]: https://appops.rikka.app
| dheerajvs wrote:
| I've not heard of XPrivacyLua, which is by the same author of
| the excellent NetGuard[0], which I've been using for years.
|
| Interestingly XPrivacyLua is not supported anymore and the pro
| companion app will be removed from the Play store by Google
| because it uses the permission QUERY_ALL_PACKAGES.[1]
|
| [0]: https://github.com/M66B/NetGuard
| [1]: https://xdaforums.com/t/closed-app-xposed-6-0-xprivacylua-an...
| Tmpod wrote:
| Indeed, it is a shame. However, XPL-EX is a fork (though with
| much internal code (re)written at this point) with even more
| capability, while maintaining the familiar and simple UI.
| Seems pretty neat!
| solardev wrote:
| Privacy issues aside, it's kinda cool reading about how Indians
| use their phones, and also how they use English. I'd never heard
| "beyond the pale" before, and I'm still not sure what the idea of
| "multiple Indias" means when some of them are Mexico and some are
| Africa...?
|
| I've also never heard of the majority of the apps being analyzed
| or tracked. Must be such a different world out there.
| rashidujang wrote:
| From the context, what I gather was meant by the idea of
| "multiple Indias" was the socioeconomic status of different
| demographics in India and their app usage. The presence of
| specific apps gives a tell to which demographic they belong to.
|
| In other words, the richest demographic used certain apps and
| was equated to folks in Mexico, followed by the less rich
| equated to folks in Indonesia and the poor to Sub-Saharan
| Africa.
| milesrout wrote:
| Beyond the pale is commonly used in English. A pale is a stake,
| and it means beyond the boundary (set out by a fence with
| stakes, hence the phrase) of what is acceptable. It gained
| popularity in the mid 19th century. It may be related to the
| term "the Pale" which referred to the better controlled more
| Anglicised part of Ireland around Dublin, but there isn't
| enough evidence to be sure of this. Certainly not an Indianism
| anyway.
|
| >I'm still not sure what the idea of "multiple Indias" means
| when some of them are Mexico and some are Africa...?
|
| Is it not pretty obvious? It is like the phrase "middle
| America". It doesn't literally mean a different country. It
| means different wealth categories: the Indians that when
| considered as a whole are economically equivalent roughly to
| Mexico, those roughly equivalent to Indonesia (poorer) and
| those roughly equivalent to Sub-Saharan Africa (poorest). There
| are ~1b Indians that are still so poor they aren't
| realistically in the market for your startup app if it wants
| its customers to ever spend anything, there are ~300m Indians
| that could be in the market for some apps, but probably mostly
| free ad-funded ones, and there are ~150m Indians that are quite
| a good market because they will happily spend money on
| something that provides value.
|
| I got all this just from reading the post btw.
| solardev wrote:
| Makes sense, thanks! I love reading about how other cultures
| do software.
| DevKoala wrote:
| > How is knowing whether I have the Xbox or the Playstation app
| installed on my phone essential to their Swiggy's core
| functionality? How will knowing if I have the Naukri or Upstox
| app help them deliver groceries to my doorstep?
|
| It is for fingerprinting purposes
| wutwutwat wrote:
| fingerprinting is the best case scenario
| _heimdall wrote:
| What's the worst case, in your opinion?
| hattmall wrote:
| Targeting and profiling. Reselling the data.
| _heimdall wrote:
| Maybe I'm wrong, but that feels pretty similar to
| fingerprinting. Usually that's why online services try to
| fingerprint you, for advertising and data revenue.
| DevKoala wrote:
| That is what the fingerprinting is for.
| YetAnotherNick wrote:
| Fingerprinting is just for identifying user, not getting
| user data. You can potentially resell things like app
| usage to credit rating company.
| DevKoala wrote:
| That is profiling.
|
| Fingerprinting is an identification mechanism. It is most
| commonly used for targeting and profiling.
| em3rgent0rdr wrote:
| The US Customs & Border Control apps ("CBP Home" and
| "Mobile Passport Control") could check for blacklisted apps
| and flag you to be deported to an El Salvadorean gulag
| without due process.
| _heimdall wrote:
| Does El Salvador do gulags? I thought that was more of a
| Russian approach to imprisonment.
| skrebbel wrote:
| Parent commenter doesn't mean literal gulags, but a
| similarly bad place sent people to by a similarly bad
| government.
| __jonas wrote:
| This is likely in reference to a recent deal the US
| (Trump) has made with El Salvador, allowing them to ship
| US citizens off to prisons in El Salvador, whether this
| is actually possible is not clear at this point though
| [1].
|
| Here is some more information about the conditions in
| these prisons in El Salvador, CECOT being the most
| notable one:
|
| > Able to hold 40,000 inmates, the CECOT is made up of
| eight sprawling pavilions. Its cells hold 65 to 70
| prisoners each. They do not receive visits. There are no
| programs preparing them to return to society after their
| sentences, no workshops or educational programs. They are
| never allowed outside. [2]
|
| I believe the term gulag makes sense in that context
| despite it not being a forced labor camp. Not sure how
| this relates to Russia at all (apart from the origin of
| the term obviously).
|
| [1] https://apnews.com/article/rubio-trump-deportations-usaid-f7...
|
| [2] https://apnews.com/article/el-salvador-us-rubio-prison-de912...
| pavel_lishin wrote:
| > _despite it not being a forced labor camp._
|
| Well, not yet, anyway.
| nom wrote:
| It also checks for popular remote desktop apps (allow incoming
| connections to the phone) which could be used to increase scam
| success rate.
|
| Same with banks apps, if you are a scammer it's really useful
| to know beforehand what kind of bank the target uses.
|
| There are probably a whole bunch of groups who have a purpose
| for this kind of info, especially if they can link it to the
| phone number.
| captn3m0 wrote:
| The ACTION_MAIN loophole has been written about before:
| https://commonsware.com/blog/2020/04/05/android-r-package-vi...
|
| Google refuses to patch this. I wonder what would happen if you
| submit it to the Android VDP as a permission bypass.
|
| There's also this SO question by the author about the bypass:
| https://stackoverflow.com/q/79527331
| nexle wrote:
| Thanks for the link, seems like the loophole is already there
| since the introduction of the package visibility restriction,
| and almost everyone and their mother knows how to bypass this
| restriction.
|
| > Google refuses to patch this
|
| While I don't believe Google engineers are not aware of this
| widely used loophole, do you have any source that they refused
| to fix it?
| AznHisoka wrote:
| That loophole was published 5 years ago, it hasn't been fixed
| since.
|
| Do you need someone from Google to explicitly write an
| official note, notarized, indicating they are refusing to fix
| it?
| ignoramous wrote:
| > _refusing to fix it_
|
| Google addressed similar isolation concerns (without
| breaking a tonne of APIs in incompatible ways) with Private
| Space and Work Profile:
| https://source.android.com/docs/security/features/private-sp...
| whs wrote:
| If it's a security issue fix, they should release it in
| one of the monthly security patches.
|
| I also think that private space does not fix the underlying
| issue. If you have four apps and you don't want them to
| know about each other you can put one of them in main
| profile, work profile, app locker and you run out of
| profiles for the last one. The way app locker works doesn't
| scale to tens of sandboxes.
| subscribed wrote:
| I know you didn't ask for this sort of answer, but you
| could use user profiles for this.
|
| You can have more users on the "standard" AOSP Android as
| well, but with a certain AOSP-derived you can also have
| notifications forwarding.
|
| Until they add Application List Scopes (I believe it's on
| the road map), in exactly the same way users can now
| lie to apps that they have only specific contacts in their
| contact list and only one or two specific folders in the
| Storage.
| 1oooqooq wrote:
| that proves bad faith.
|
| they keep releasing overly complicated features to
| sidestep the obvious reported vulnerability, to silence
| power users and please corporate enterprise sysadmins.
|
| the rest of the 99.9 of users keep the vulnerability,
| which is very profitable for ad networks. wonder why an
| ad network that maintains android would do that.
| izacus wrote:
| What do you mean with "refused to patch this"? Google will
| reject any app publishing attempt that asks for that filter and
| isn't a launcher on Play store.
| jim201 wrote:
| Author claims that this same hack is used widely, including
| by apps on the Play Store like Snapchat and Facebook.
| whatevertrevor wrote:
| How is that congruent with the article's claim that 31 out of
| 47 apps they tested had this filter?
| izacus wrote:
| No idea, but we did have apps rejected because of similar
| permissions.
| cAtte_ wrote:
| "similar". so what you said isn't true then?
| Mindwipe wrote:
| The HSBC bank app uses this and is in the Play Store.
| 3abiton wrote:
| > Google refuses to patch this.
|
| That's why projects like XPL-Extended (and previously
| XPrivacyLua), are an absolute need. I never run an android
| phone without these.
| ignoramous wrote:
| XPrivacyLua and other XposedMod/Magisk extensions break open
| the app sandbox. It is better to restrict running those on
| usereng/eng builds (test devices). For prod builds (user
| devices), I'd recommend using _Work Profiles_ (GrapheneOS
| supports up to 31 in parallel) or Private Spaces (on Android
| 15+) to truly isolate apps from one another.
| pava0 wrote:
| What do you mean by "break open the app sandbox"?
| schnatterer wrote:
| I found this description about the security risks of
| rooting very eye-opening: https://madaidans-insecurities.github.io/android.html
| It also explains the
| sandbox.
| ignoramous wrote:
| A more recent (2023) sandboxing + isolation overview by
| the Android team: https://arxiv.org/html/1904.05572v3/
| (section 4.3)
| NotPractical wrote:
| > Android's security design has fundamentally been based
| on a multi-party authorization model: an action should
| only happen if all involved parties authorize it.
|
| > these are user, platform, and developer (implicitly
| representing stakeholders such as content producers and
| service providers). Any one party can veto the action.
|
| How is this not anti-user? It explicitly states that the
| app developer should be able to veto my decisions...
| dataflow wrote:
| That link seems to have... an agenda. It's way too hand-
| wavy (e.g., it doesn't at all attempt to tease out the
| nuance of whether a rooted phone inherently has a broken
| security boundary by design, or whether [like on Linux]
| it's secure as long as the implementation is non-buggy)
| and seems laser-focused on convincing users that desire
| sovereignty over their own devices that they might as
| well jump off a cliff.
| max-privatevoid wrote:
| Madaidan's articles are well-known to be centered around
| "security at all costs", and often at the cost of user
| freedom. That's just not a realistic take when it comes
| to privacy. What good is absolute security if all it does
| is secure the device from your "tampering"? Sure, it
| would be nice if the device were highly secure, but I'd
| rather it stop spying first.
|
| With absolute security, you can rest assured that only
| Google has access to all of your data, and only Google is
| allowed to turn off the siphoning.
| v1ne wrote:
| The question is: Who is the beneficiary of the app sandbox?
| Is it you, the user, because no malicious processes can
| tamper with your apps? Or is it the corporations, because
| they prevent you from modifying their apps - which makes
| you a pure consumer?
|
| I think, for the tech-savvy, the latter is more accurate
| and I think it is very important to be able to crack open
| these sandboxes and tinker with processes. Be it to inject
| ad blockers, automate them, modify their appearance, etc.
| It should be a right of a user to be able to do these
| things.
| subscribed wrote:
| I, the user.
|
| Malicious apps sneak through the vetting process all the
| time.
|
| Genuine, honest apps have to process unsafe content (be
| it web pages, messages) all the time.
|
| One exploit should at most make a single app vulnerable,
| not expose _everything_ I have on my phone.
|
| Strong, restrictive sandboxing, memory and execution
| protections are the only safe way.
|
| And how is destroying the sandboxing related to having
| more rights as a consumer? You could still patch and
| repack them in the way Lucky Patcher does with ads, for
| example?
| ignoramous wrote:
| > _I think, for the tech-savvy, the latter is more
| accurate and I think it is very important to be able to
| crack open these sandboxes and tinker with processes_
|
| Anyone tech-savvy that wants to mod their Android (like
| they'd mod Linux distros), should consider purchasing
| Android devices (like Pixel) that support ownership
| transfer (that is, unlocking then relocking the
| bootloader), and flash CalyxOS/GrapheneOS usereng/eng
| builds.
| subscribed wrote:
| Can't wait for App List Scopes, like we have with Contacts
| or Storage already. Not a day too early.
|
| For a few months all the UK banks I have accounts with send
| the list of all apps to the mothership.
|
| I noticed it first when suddenly Revolut refused to start
| up because I had an app installed, Natwest and Nationwide
| at least inform prior to the data collection, but weren't
| concerned.
|
| It ended up with the long overdue confinement of all the
| banking apps in their dedicated profile, but I'd love to be
| able to confine them further.
| HenryBemis wrote:
| You mentioned NatWest. I remember using NatWest and
| noticing on NoRoot Firewall (on my Android) it was
| 'speaking' regularly to Facebook. Of course I had all FB
| and IG and their IP ranges blocked from the get-go, but
| still. Why (TF!!!!) would my effing bank be telling FB that
| I launched their app? (one could say that they use this
| or that library, so the code, blah blah blah)
|
| This is disgusting and the reason I don't use iOS. The
| utter lack of firewall! (plus the batterygate scandal)
| saturnite wrote:
| I'm on Android 14 and I've been pretty happy with an app
| called Insular on F-Droid or Island on the Play Store. It
| lets you install as many instances of an app as you'd like
| and they'll show up in the work profile, ignorant of the
| others' existence.
| 1oooqooq wrote:
| it's a frontend to work profiles feature.
|
| not recommended to run insular anymore. use Shelter for
| a14
| rollcat wrote:
| > If there is one leap that the infosec community
| consistently fails to make, it is this: people who are not
| like me, who have different needs and priorities, who have
| less time or are less technical, STILL DESERVE PRIVACY AND
| SECURITY.
|
| https://hachyderm.io/@evacide/114184706291051769
| ErigmolCt wrote:
| Submitting it to the Android VDP is a solid idea, though I
| wouldn't be surprised if it gets waved off as "working as
| intended."
| gregw2 wrote:
| The right ("as intended", in my view) functionality would be
| to support a manifest with, say, five apps, and if as a dev
| you wanted more youd apply to google for an exception (like
| aws limit increases) with a list of reasons for each app.
| TeMPOraL wrote:
| I know people may not remember this, but Android was
| initially designed with _interoperability_ in mind. It 's
| sad to see both the system development and the community
| opinion to have turned against it so hard.
| fluidcruft wrote:
| It seems like the ACTION_MAIN loophole could be fixed
| (eventually) if apps that declare it are required to actually
| be launchers. It seems like legitimate integrations should have
| more specific intents.
|
| At that point, Android prompting if random game you just
| downloaded should be your default launcher seems a pretty
| dangerous interaction for sneaky apps to risk. They either
| cause the user to bounce and report or the fools select it as
| default launcher, replace their launcher, can't provide the
| launcher functionality and break the user's home screen and end
| up getting reported in Play Store. I also assume actually
| getting published as a launcher-class app at that point brings
| automated testsuites and other requirements that will be
| burdensome for developers.
| billfruit wrote:
| Some apps like Obsidian need permission to access every file on
| the device. It is surprising Obsidian isn't getting called out on
| that very much.
| wkat4242 wrote:
| It's because it stores the files there so you can sync them
| with other permissions. And also that your notes aren't deleted
| like they would be if they were stored in the internal app
| storage. There's more granular options for filesystem access
| available but if you implement them you limit yourself to the
| latest Android releases.
|
| According to Exodus it has no trackers and it's an open source
| app also so you can see what it does (though tbh I didn't check
| that for the mobile one)
|
| If there's apps to call out there's way worse than Obsidian.
| billfruit wrote:
| Obsidian isn't open source by most reports.
|
| Surely Obsidian does not need to see all files on the device, it
| only really needs to see the files the user needs it to see.
| danparsonson wrote:
| There isn't a permission for that though - it's all or
| nothing. I agree that it should be more granular; each app
| should really have its own scoped file storage area by
| default, with "access anything" being reserved for file
| browsers, backup software, etc.
| billfruit wrote:
| Android already has support for scoped storage. So it is
| not clear why Obsidian needs the whole file system
| permission.
| wkat4242 wrote:
| Yes but only later Android versions. If you start
| supporting those you need to move to the corresponding
| API level and that means to drop support for older ones.
| They probably don't want to do that yet. This one is
| Android 10 and up, and the Android 10 version of scoped
| storage was quite basic IIRC so you probably want an even
| later one. I guess they still want to support older
| phones.
| billfruit wrote:
| At the cost of much lower data privacy for users.
| wkat4242 wrote:
| > Obsidian isn't open source by most reports.
|
| On FreeBSD I can build a full copy from source (in fact I
| have to, there is no binary package). The only issue seems
| to be licensing, not source availability. Personally I
| don't care about licensing (I completely ignore it all
| anyway) and it doesn't stop you from inspecting the source
| code.
|
| I think Obsidian is a really great package, I just happened
| to have moved over from OneNote which is horrible Microsoft
| mediocrity and doesn't even have a Linux app. And the web
| version is really useless, it needs to refresh every day
| and it can only search within the same tab, not a whole
| notebook. Such a mess. Obsidian is so quick and efficient
| <3 And there is full self-hosted syncing available, which I
| also use.
| billfruit wrote:
| Obsidian on Android's source seems not to be available. Even
| generally the reports seem to be that source is not available.
|
| Maybe the FreeBSD build is using some binary library
| packages?
|
| A cursory search indicates that one of the freebsd
| 'build-scripts' used for installing obsidian uses a
| binary package for obsidian itself, not building it from
| source.
|
| It's strange that Obsidian, which seems to be rather
| popular here, has many people thinking that it is open
| source, when it is not.
| elric wrote:
| I use Storage Scopes on my GrapheneOS android phone, works
| great. Can decide exactly which files or folders an app gets to
| access.
| subscribed wrote:
| If I'm not mistaken this is because without this permission
| they can only see audio, video and image files. You wouldn't be
| able to use it comfortably to do its job.
|
| Personally I use it with Storage Scopes on GrapheneOS.
| hnburnsy wrote:
| >For extremely specific use cases such as file managers, browsers
| or antivirus apps, Google grants an exception by allowing
| QUERY_ALL_PACKAGES permission, which provides full visibility
| into installed apps.
|
| 'Extreme' my a*. My bank app has this permission, as well as my
| camera app, contacts app, clock app, Google Home, and on and on.
| My bank app was moved to an old iPad because of this.
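A way to check a decoded AndroidManifest.xml for the two declarations this thread keeps coming back to (the QUERY_ALL_PACKAGES permission quoted above, and the ACTION_MAIN `<queries>` intent captn3m0 links to earlier), written as an added example that is not from the post or from any project named in the thread. The sample manifests, package names and the five-package threshold are constructed for the example.

```python
"""Audit a decoded AndroidManifest.xml for broad package-visibility declarations.

Added example (not from the linked post or any project in the thread).
Flags: the QUERY_ALL_PACKAGES permission, <queries> intents whose action
matches most installed apps (ACTION_MAIN with no <data> constraint), and
an unusually long list of explicitly queried packages.
"""
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME = f"{{{ANDROID_NS}}}name"  # ElementTree spelling of android:name

# Constructed sample: a delivery app that declares both mechanisms.
SAMPLE_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.grocery">
    <uses-permission android:name="android.permission.INTERNET"/>
    <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
    <queries>
        <intent>
            <action android:name="android.intent.action.MAIN"/>
        </intent>
        <package android:name="com.example.upi"/>
        <package android:name="com.example.wallet"/>
    </queries>
</manifest>
"""

# Constructed sample: an app with no visibility declarations at all.
CLEAN_MANIFEST = """<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.notes">
    <uses-permission android:name="android.permission.INTERNET"/>
</manifest>
"""

# Actions that, declared in <queries> without a <data> element, match a very
# broad set of apps. ACTION_MAIN is the one discussed in the thread; extend
# this set as your review policy requires (assumption for this example).
BROAD_ACTIONS = {"android.intent.action.MAIN"}

# Hypothetical review threshold: more explicit packages than this is worth a look.
PACKAGE_THRESHOLD = 5


def audit_manifest(xml_text: str, package_threshold: int = PACKAGE_THRESHOLD) -> dict:
    """Parse manifest text and return the visibility-related findings."""
    root = ET.fromstring(xml_text)
    findings = {
        "package": root.get("package"),
        "query_all_packages": False,
        "broad_intents": [],
        "queried_packages": [],
        "too_many_packages": False,
    }
    # Blanket visibility via the permission Google grants only by exception.
    for perm in root.iter("uses-permission"):
        if perm.get(NAME) == "android.permission.QUERY_ALL_PACKAGES":
            findings["query_all_packages"] = True
    for queries in root.iter("queries"):
        for intent in queries.iter("intent"):
            # An intent filter with a broad action and no <data> restriction
            # matches nearly every app that has a launcher activity.
            has_data = intent.find("data") is not None
            for action in intent.iter("action"):
                if action.get(NAME) in BROAD_ACTIONS and not has_data:
                    findings["broad_intents"].append(action.get(NAME))
        # Explicit <package> entries are the narrow, reviewable form.
        for pkg in queries.iter("package"):
            findings["queried_packages"].append(pkg.get(NAME))
    findings["too_many_packages"] = len(findings["queried_packages"]) > package_threshold
    return findings


def risk_summary(findings: dict) -> list:
    """Turn findings into review lines; an empty list means nothing to flag."""
    lines = []
    if findings["query_all_packages"]:
        lines.append("QUERY_ALL_PACKAGES: full visibility into installed apps")
    for action in findings["broad_intents"]:
        lines.append(f"<queries> intent {action} without <data>: matches most installed apps")
    if findings["too_many_packages"]:
        lines.append(f"{len(findings['queried_packages'])} explicitly queried packages")
    return lines


if __name__ == "__main__":
    for text in (SAMPLE_MANIFEST, CLEAN_MANIFEST):
        result = audit_manifest(text)
        print(result["package"], "->", risk_summary(result) or ["no visibility findings"])
```

On a real APK, run it on the manifest as decoded by apktool or `aapt2 dump xmltree`; the binary manifest inside the APK is not plain XML.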
| silenced_trope wrote:
| yea I used to work for an advertising network and every game
| that implemented the Android SDK ended up with this permission,
| it was a way that we used to not show ads for games that the
| user already had on their phone
| djrj477dhsnv wrote:
| Anyone know if GrapheneOS has protection against this?
| switch007 wrote:
| It doesn't afaik. Only indirectly through multiple profiles
|
| I was kind of surprised
|
| https://discuss.grapheneos.org/d/13302-query-all-packages-pe...
|
| https://discuss.grapheneos.org/d/7800-how-to-mitigate-identi...
|
| _Later_
|
| For the wider audience: though don't take this as GrapheneOS
| doesn't care about privacy. I'm sure there are reasons (I
| didn't read all of the linked threads) and it gives you plenty
| of other protections and tools - eg profiles, ability to
| disable all network access by app etc
| fph wrote:
| A rationale from the core developer [1]:
|
| > I'm sure there are plenty of system APIs providing this
| information too, and I don't just mean APIs designed to
| directly provide the information.
|
| > It's not useful to prevent directly getting a list of
| installed applications without preventing detecting which
| applications are installed, so this specific feature request
| has to be rejected. It would have to be part of a larger,
| much more comprehensive feature preventing apps from finding
| other apps. That implies outright preventing communication
| with non-system components which is a much different approach
| to applications and rules out a lot of things. [...]
|
| > The request should be for preventing apps from discovering
| which apps are installed, since anything less than that has
| no privacy / security value. There's no point in disallowing
| access to a list while not preventing discovering which apps
| are installed anyway.
|
| The open issue to restrict app visibility is [2].
|
| [1] https://github.com/GrapheneOS/os-issue-tracker/issues/149#issuecomment-553590002
| [2] https://github.com/GrapheneOS/os-issue-tracker/issues/2197
| djrj477dhsnv wrote:
| I get what he's saying, but it still seems like blocking the
| easy way of getting a list of apps, while certainly not
| perfect, would prevent most privacy abuse.
| aucisson_masque wrote:
| Yes.
|
| Privacy is not an on off switch, it's about making things
| leak data less.
|
| I really don't understand GrapheneOS development
| sometimes, like when they refuse to make a setting to
| invert the back and recent buttons. Yes, it's not part of
| AOSP, but it's so simple to do and a feature that all
| manufacturers offer because people want it; refusing to do
| that is weird imo.
| subscribed wrote:
| Not yet but it's on the road map.
| https://github.com/GrapheneOS/os-issue-tracker/issues/2197
| nickvec wrote:
| Just curious, why was this targeted specifically at Indian apps?
| epistasis wrote:
| The tag line for the blog is "tales from indian web rabbit
| holes."
| wcfields wrote:
| The author is probably Indian based upon the blog's subtitle of
| "tales from indian web rabbit holes."
| gopkarthik wrote:
| Because the substack's author focuses on Indian web. From their
| description: "tales from indian web rabbit holes."
| bustling-noose wrote:
| Very simple:
|
| Big companies like Swiggy and Zepto will mine the F out of your
| data. Some of it is for their benefit but some of it they could
| sell in the future. These so-called founders are really just
| another wolf of app street looking to pump and dump. So when they
| do dump, or when some VC comes with money, they don't just sell
| their app, they sell it as a whole package of data and analytics
| that some company can use to sell their product or something a VC
| can leverage to sell their stock to someone else. It's not that
| difficult.
|
| As far as smaller apps go these apps outsource their development
| to people who come with 'packages' to develop and maintain their
| app. These packages are the same logic as above but it's just
| that they come from some template so you might be asked for
| location permission or camera or microphone by some really random
| app that has nothing to do with it.
|
| While the quality of iOS is degrading, some of these things are
| really important and simply work better on iOS.
| 6510 wrote:
| If nothing is done why not require competing apps be uninstalled?
| daft_pink wrote:
| iPhone users reading this like.... I love my iPhone.
| vanderZwan wrote:
| If the article explained why iPhone was worse than Android at
| something they'd be like _"whatever, I love my iPhone"_ so I
| don't see how that statement adds any new information.
| hu3 wrote:
| I read some hours ago a comment to the effect of "whatever, I
| don't expect Apple to be good with AI so it's okay for Siri
| to suck since forever, I still love my iPhone"... I can't
| help but be amused at a comment defending a 3 trillion USD
| company's technical incompetence.
| turblety wrote:
| I still will never understand the need for native "Apps". To
| this day, I have never seen an "App" that couldn't simply have
| been a website/webapp. Most of them would likely be improved by
| being a webapp.
|
| The only benefit I can see of "Apps" is that the developer gets
| access to private information they really don't need.
|
| Yeah, they get to be on the "App Store". But the "App Store" is a
| totally unnecessary concept introduced by Apple/Google so they
| could scrape a huge percentage in sales.
|
| Web browsers have good (not perfect) sandboxing, cost no fees to
| "submit" and are accessible to everyone on every phone.
| zer0zzz wrote:
| The most basic app, a notepad, I often prefer native. When I go
| between Google Keep or Notion to Apple Notes I can tell the
| difference. If the text is long enough, the web apps just
| cannot load the content.
|
| Just to confirm:
|
| I dumped all of my notes from my insanely large Apple Notes
| (about 16000 lines of text) and pasted them into Google Keep,
| Notion, Google Docs. With the exception of Google Docs the rest
| of them flat out froze and I had to kill my browser. Stop
| trying to tell us that the browser is the answer to everything
| when most web apps can't do the job of Notepad.exe or vi.
| turblety wrote:
| Sorry, I couldn't recreate this. I just built a tiny
| text editor app:
| https://65cd02a1-8f00-47cb-b1d1-231493de5fc2.paged.net/
|
| Tried putting 20k lines into it. Loaded instantly, allowed me
| to scroll and edit flawlessly.
|
| But I get your point. I'm on a pretty decent 2022 iPhone, and
| I'm sure at some stage I would run into a performance hit.
| But not at 20k lines.
| eknkc wrote:
| Note taking apps generally do formatting, markdown-like
| stuff or at least linking to URLs in the text etc.
|
| You can't slap in a plain text field and assume that emulates
| the actual experience in any way.
| esperent wrote:
| > With the exception of Google Docs
|
| So, one out of three webapps that you tested could handle
| this much text. It suggests that the problem for the other
| two is their implementation, rather than any limitation of
| the browser.
|
| Of the two that failed, did you also try the app versions to
| see if they failed too? I really doubt the Notion app could
| handle 16000 lines of text.
| YetAnotherNick wrote:
| Now try VSCode in chrome and compare it with apple notes. I
| use both and VSCode wins hands down in long lines and files.
| ulrikrasmussen wrote:
| There are also an increasing number of services which are ONLY
| available as apps now, including, but not limited to, many
| financial apps such as Revolut.
|
| A big issue with this trend is that unlike the web, the whole
| Android ecosystem is a walled garden which is strictly
| controlled by Google. In principle you can run your own custom
| Android ROM, but in practice this will lock you out from any
| app which uses Play Integrity API to enforce Google's
| totalitarian regime which dictates what software YOU are
| allowed to run on "your" hardware.
| IshKebab wrote:
| The worst one is the UK's NHS app, which is _only_ available
| as an app, despite being just a webview wrapper! I have no
| idea what they were thinking.
| cyberpunk wrote:
| Sometimes it's a compliance thing, e.g. we can only show
| health data if your device passes some security controls
| first.
| WesolyKubeczek wrote:
| What happens when you visit whatever URL is being wrapped?
| IshKebab wrote:
| I dunno, I haven't reverse engineered it to find the URL.
| But I would imagine it gets confused about
| authentication.
| donalhunt wrote:
| Would put money on it using something like
| '?device_verified=1'.
| whstl wrote:
| IME those apps often have the HTML/JS embedded, so you
| would have to extract the contents, host them somewhere
| and proxy the API calls.
| pasc1878 wrote:
| You go to the NHS webpage and it works in the same way.
|
| Login is better on the iOS app as you can use Touch
| ID/Face ID and not userid/password; also the webpage asks
| for cookies as it can't seem to remember the choice.
| IshKebab wrote:
| Really? What's the URL that would allow me to see test
| results and book appointments?
| elric wrote:
| Not only that, but these companies are effectively letting
| Google decide who they can do business with. It's insane.
| xenator wrote:
| During the earthquake in Bangkok on Friday, Grab (the local,
| superior version of Uber) helped me order a taxi and get my kids
| home. Needless to say, the cell phone network collapsed for most
| of the day. All people want to know is what is happening and
| whether their family and friends are safe. They definitely have
| a very optimized network layer for poor connections. I bet they
| can switch to UDP or something. I'm glad that it wasn't a web app.
|
| In many other cases I agree with you.
| PaulRobinson wrote:
| 99% likely they're using a REST API, which is... HTTP.
|
| Even if it's gRPC or something more exotic, it'll be over TLS
| (you best hope it is).
|
| You can have a webapp cached locally on your device. PWAs
| allow developers to create an SPA you can open from your
| homescreen, and to do that API interaction the same way as a
| native app.
|
| I hope you and your family are well, and it's great that tech
| helped. But please, don't think that because this tech worked
| in this instance it can't be made safer and more secure.
| YetAnotherNick wrote:
| Switching to UDP won't magically improve your network
| connectivity. The overhead of WebRTC over UDP isn't too high
| either.
| halper wrote:
| For me, there are a lot of applications that I want to be able
| to load regardless of whether I have a connection to the
| Internet or not: calendar, notes, mail etc. They can
| sync/send/whatever whenever I am next online.
| turblety wrote:
| Ah yeah. While this is mostly implemented terribly, a web app
| can absolutely do this for you using service workers. So you
| can install a webapp to your homescreen and use it without an
| internet connection at all.
| wruza wrote:
| Emulate a network layer to serve a pre-packaged bundle.
| Neat "platform", but as a developer no thanks.
|
| While apps are spying etc, making them is usually a no-
| brainer compared to churning and leaky web stacks. And
| probably not a single time a webapp loaded for me when I
| tried it outside standing in the wind trying to figure
| something out. It was always an app that started and helped
| and didn't ever scroll horizontally while doing so.
| ablob wrote:
| In that case the only difference between a webapp and a
| normal app would be the permissions, wouldn't it?
| jspdown wrote:
| Permissions and performance.
|
| But we could argue that if webapps were more used on
| mobiles, new APIs would have been opened to facilitate
| cross-app integrations.
| sgt wrote:
| You seem to miss the fact that most web app experiences are
| inferior to that of a native app.
|
| The disadvantage of native is barrier to install. Once
| that's done, the experience to the user is simply superior.
| True native experience, fast and predictable. As a
| developer it's easier to build those types of apps as well.
|
| People who haven't used iOS might not understand this
| though as they've never seen "how things should be".
| PaulRobinson wrote:
| PWAs can do this.
| baxtr wrote:
| How would you make a video app in a browser? I.e. taking videos
| and then editing them afterwards.
| psychoslave wrote:
| Do you mean something like
| https://commons.m.wikimedia.org/wiki/Commons:VideoCutTool ?
| baxtr wrote:
| I mean something like CapCut that has access to the phone
| camera for capturing video.
| worksonmine wrote:
| Browsers have camera and local file access if the user
| grants permissions, what do you mean isn't possible with
| the browser?
| psychoslave wrote:
| I think that the name "browser" is basically just what is
| putting people on the wrong track of interpretation. They
| have become fully fledged VM sandboxes, which incidentally
| happen to also embed HTML and PDF interpreters natively.
| sph wrote:
| GP used hyperbole but was not all wrong. The issue is that
| _most_ native apps could very well have been web apps. I
| appreciate that on iOS adding a web app to homescreen is
| possible, albeit obscure and not many use that feature. I
| hate that Firefox never really supported PWA for some
| unfathomable reason.
| baxtr wrote:
| Exactly. But GP deliberately said all, not most or many.
|
| GP's comment is something that people in politics would
| call sensational. Extreme rhetoric is great for upvotes
| because it stirs emotions but it's not rational.
| josfredo wrote:
| I think it's completely justifiable, since it illustrates
| the core of the idea. Also, HN users, unlike voters, can
| see through the framing. If anything, it's a great way to
| spark a debate.
| scbzzzzz wrote:
| The commenter is talking about most apps. The use case you
| mentioned requires computing resources. You can do the whole
| thing in the browser too, but it is not an efficient way. But in
| the case of delivery apps, finance apps, you don't need much
| compute as they can work exclusively with APIs.
| baxtr wrote:
| No, GP says there are no apps, which is not most.
| tossandthrow wrote:
| Performance is likely not a reason anymore - and if it is,
| then it is the platform that imposes it (Rust wasm runs
| fairly fast in a browser).
| djaychela wrote:
| Working offline?
| unethical_ban wrote:
| There is nothing inherently evil about an app, or inherently
| good about a website - it's only because historically we have
| allowed crappy app permission structures and allowed apps to
| ask for things they don't need.
|
| Apps are faster, are more predictable (no auto-reloading or
| rendering issues) and generally perform better IMO.
|
| On the other hand, in reality, you're correct. I think the
| NYTimes app will collect more data from me than the NYTimes
| website.
| chme wrote:
| I get your point partially. All these apps that companies put
| out in order to collect and manage shopping tokens or to
| contact their customer service would have been much better as a
| website.
|
| However I still do like to have apps on my devices that just
| work offline, without distributing my data across services I do
| not control. And I also do not want to depend on an internet
| connection, wherever I am.
|
| I like my offline OsmAnd/Organic Maps app to show me the trails
| when I am somewhere in the woods or mountains. I like my apps
| that, instead of using some third party server, connect directly
| to my other local devices to share data.
|
| IMO all (where possible) apps should be developed offline
| first, and only require internet when necessary, and those apps
| that cannot work without internet should be web apps, they do
| not need to be on my devices.
| oarsinsync wrote:
| It's totally possible to distribute a webapp that works
| offline and stores all your data offline too.
|
| Platform owners introduce a bunch of restrictions that create
| reliability and usability concerns, but the standards already
| exist to enable a website operator to create a webapp that,
| after the initial 'install', runs entirely offline on the
| user's device, and has no need to communicate with the
| website.
| layer8 wrote:
| It's not really possible in practice, see
| https://news.ycombinator.com/item?id=43522667.
| rzz3 wrote:
| I'm sorry. I really just can't understand or relate to this at
| all. Mobile web still feels like such a terrible experience,
| and apps generally don't. When's the last time you tried
| booking a flight on mobile web? And how do you deal with all of
| the real estate the browser steals? Having to log in every time
| when the app can just cache my authentication and FaceID me?
| andelink wrote:
| Not who you replied to, but I more so do not rely on my phone
| for anything where I would prefer more screen real estate
| such as doing comparisons like buying flight tickets. I have
| never bought flight tickets on my phone, only on my computer.
| I prefer the bigger screen and keyboard for most things
| actually
| renegat0x0 wrote:
| Not so sure. There are a ton of bad apps. They also often do
| not work properly.
|
| Besides, companies focus on apps, not on web pages. Less
| money, less focus, therefore a worse experience.
| wodenokoto wrote:
| Seriously, booking hotels and flights is so much better on
| the web. You get multiple windows for easy flight and price
| comparisons, within and between providers.
|
| I don't understand people who use apps for this. It is such a
| pain.
| pasc1878 wrote:
| You are comparing desktops to phones.
|
| I do most things on my desktop for the reasons you say but
| on a phone multiple tabs etc is a pain.
| wodenokoto wrote:
| No, I'm saying that the booking.com app, or the
| Skyscanner app or any of their competitors don't support
| multiple tabs.
|
| Their websites do (although even on new phones you are at
| a greater risk of a tab being purged and needing a
| reload, but still you can multi tab on the mobile
| website).
| wiseowise wrote:
| > When's the last time you tried booking a flight on mobile
| web?
|
| A week ago, via TravelPerk which is literally a web wrapper.
|
| > And how do you deal with all of the real estate the browser
| steals?
|
| What?
|
| > Having to log in every time when the app can just cache my
| authentication and FaceID me?
|
| I literally use the same FaceID for my passwords/proton pass.
| Also, this depends on a website.
| whstl wrote:
| _> Having to log in every time_
|
| Sounds like a broken web app.
|
| You are currently using a webapp that doesn't do this. It's
| called Hacker News, and it never asks me to login every time
| on my phone.
|
| _> when the app can just cache my authentication and FaceID
| me_
|
| Sounds like a broken login form.
|
| Hacker News also allows me to login with Face ID on my phone,
| thanks to my password manager.
|
| Optionally webapps can also provide Passkeys.
| terinjokes wrote:
| > Sounds like a broken web app.
|
| >
|
| > You are currently using a webapp that doesn't do this.
| It's called Hacker News, and it never asks me to login
| every time on my phone.
|
| Every time I visit Hacker News on my iPad I'm logged out.
| Apple has decided that if you don't visit a website often
| enough it will expire all your cookies for the site.
|
| In practice that means I can log in to HN while I'm at the
| cafe one weekend and be logged out by the time I visit the
| next weekend.
| nxjx wrote:
| https://en.m.wikipedia.org/wiki/Platform_economy
|
| Becoming the middle man is the default model that supports
| scale. No one has come up with anything else to support a world
| where avg disposable income is close to 0
| hgomersall wrote:
| > Becoming the middle man is the default model that supports
| rent extraction
|
| FTFY
| ezequiel-garzon wrote:
| In the case of termux, by far my favorite app, I have more than
| 2GB of locally installed packages. How would that work with a
| browser?
| hk__2 wrote:
| OP talks about apps in general; of course there will always
| be anecdotal cases like this one (see also
| https://xkcd.com/1172/).
| setopt wrote:
| > I still, will never understand the need for native "Apps". To
| this day, I have never seen an "App" that couldn't simply have
| been a website/webapp.
|
| In cases where a native app and web app are both available on
| iOS, there's often a huge difference in battery usage and
| sluggishness. Also, as a sibling poster mentioned, I like
| having fully "offline" apps as well, for example for maps and
| notes.
|
| I'm not saying that I like how Apple and Google have done this
| in practice, but I don't think going webapp-only is the future.
| For the same reason I won't replace my real computer with a
| Chromebook for the foreseeable future.
| wodenokoto wrote:
| When the iPhone came out, you had full offline access on PC
| to Gmail and google docs using Google Gears.
|
| Google Gears got deprecated because something something move
| to standard HTML and browser features, and now we don't really
| have any offline web apps.
|
| The ability to have non sluggish, offline web apps has
| existed for decades now, but the interest from providers has
| been declining and the understanding that this is possible is
| also declining on the consumer side.
| wiseowise wrote:
| > In cases where a native app and web app are both available
| on iOS, there's often a huge difference in battery usage and
| sluggishness.
|
| Yeah, like single native instagram draining battery faster
| than combination of multiple websites that I visit in Safari.
|
| > For the same reason I won't replace my real computer with a
| Chromebook for the foreseeable future.
|
| > real computer
|
| Where most of the modern applications are either web wrappers
| or Electron apps.
| carlosjobim wrote:
| > Where most of the modern applications are either web
| wrappers or Electron apps.
|
| Only if you're stuck on a deprecated platform like Linux.
| If you are on Mac, native applications - real applications
| - are much more powerful and usable than any web wrapper on
| Linux.
|
| I've noticed Linux users have taken a habit of proposing
| their broken way of using a computer through the browser
| for other platforms as well. But on other platforms we are
| already spoiled with quality software.
| rlpb wrote:
| Native applications are way better on Linux, too. But
| only where they exist. There are plenty of "apps" where
| their developers have taken shortcuts by getting "Linux
| support" by using Electron. These apps perform noticeably
| worse and are generally disliked by their users.
| mattl wrote:
| Good native Mac apps are on the decline too.
| carlosjobim wrote:
| What are you missing?
| mattl wrote:
| I was lamenting the lack of native UI in Blender last
| night.
|
| I've been using Nova for the last few years. Increasingly
| native non-Xcode development tools seem to be few and far
| between. I have BBEdit and Nova, but a lot of people have
| switched to VS Code it seems.
| alabastervlog wrote:
| I'm still bitter about Apple backing off their stance
| against using web tech in apps. Most apps that are really
| bad, are really bad because they're just wrapping websites.
| jampekka wrote:
| PWAs can be fully offline. Are you sure you understand what
| you criticize?
| jtrn wrote:
| Have you tried building PWAs for large user bases?
|
| Here are some of the frustrations I had with PWAs.
|
| There are massive differences between browsers and
| Android/iOS when it comes to storage, access to local
| files, and size limitations. Proper backup/sync of large
| files using IndexedDB, Cache API, or localStorage is not as
| straightforward as native storage.
|
| Service workers aren't designed for complex or long-running
| computations; they're more like lightweight assistants,
| and you would have a HUGE pain trying to accommodate all
| the different browser/OS limitations if you need
| predictable background sync/backup. This seems maybe to be
| getting better going forward due to frameworks like
| Ionic/Capacitor or Workbox.js though.
|
| PWAs are tethered to the web's security model, which means
| they're generally restricted to HTTP and HTTPS for
| communication. This limits direct access to protocols like
| SMTP (email) and FTP (file transfer). You're stuck with
| web-friendly options like WebSockets or WebRTC, or you'll
| need a server to act as a middleman. Building a torrent
| client would be really annoying due to the limited protocol
| access. The WebTorrent JavaScript framework, which can run
| in the browser, does not fully support traditional TCP/UDP
| torrent protocols directly but instead relies on WebRTC
| data channels. Therefore, your app will only connect to
| peers supporting WebRTC, which significantly reduces
| available torrents and peer counts. Also, there often is an
| added level of restriction to background processes on
| mobile.
|
| There are also limits to access to the device's APIs:
|
| - NFC (partial Web NFC support in Android Chrome)
|
| - Bluetooth (Web Bluetooth limited to Chrome Android, absent
| in iOS)
|
| - Native contacts, SMS inbox, telephony, or system-wide
| calendars.
|
| - Some system-level sensors (barometer, precise
| accelerometer data).
|
| Also: Web apps often perform slower on heavy graphics or
| computation than native apps due to lack of direct GPU
| access. I have not tested this myself, but I know this has
| gotten better.
|
| Onwards:
|
| - PWAs can't directly register as the default handler for
| specific file types or URL schemes across the OS.
|
| - PWAs cannot reliably run background tasks (like precise
| location tracking, audio playback, VoIP callbacks, or
| continuous data monitoring) when inactive.
|
| - WebAuthn supports biometrics, but native biometric APIs
| (like Face ID/Touch ID) offer deeper integration for
| specific app functionality. This is a HUGE need for our
| firm, as we rely on it for easy authentication for our app,
| and customers love it over other authentication methods.
|
| - PWAs can't easily embed widgets into the OS home screen or
| system-level UI components like control center integration.
|
| YES, PWAs are much more capable than some people think and
| could, in many instances, work just as well as a native
| app. (I use GeForce Now on iOS with not many problems.)
|
| And this is not even touching on how much easier it is to
| use Android/iOS SDKs to put together an application, and
| user expectations (which might be WRONG when they think
| PWAs are lesser or more insecure, but these attitudes are
| still reality).
|
| All that said, I prefer PWA over native myself due to
| publication freedom, but I get annoyed when you talk down
| to people, and you seem to be the one that doesn't
| understand that there are actual limitations.
| jampekka wrote:
| The post mentioned offline usage for maps and notes.
| Neither are significantly limited by service workers'
| capabilities. Platform differences are annoying indeed,
| especially due to the deliberate sabotage by Apple.
|
| Sure there are limitations to PWAs, but quite a vast
| majority of apps don't need the missing features.
|
| I find native Android and especially iOS SDKs vastly more
| difficult and cumbersome to develop for. Doubly so of
| course if you have to develop for both. Maybe if you're
| already used to the Android/iOS development mess it is
| easier short term than to learn something new.
| elric wrote:
| > The only benefits I can see of "Apps", are the developer
| gets access to private information they really don't need.
|
| That's exactly the point. More developer control, less user
| control. Can't change cookie settings in an app, can't (easily)
| block ads, can't use developer tools to remove annoying UI
| elements, can't disable phone home mechanics, can't prevent the
| developer from profiling you.
| ustad wrote:
| It's funny to read negative replies to your comment on the
| shortcomings of web apps.
|
| The browsers are controlled and manipulated by the likes of
| Apple and Google. These companies have a significant influence
| on the direction of browser features and limitations, often
| shaping them to suit their business interests. For example,
| Apple's Safari and Google's Chrome have been criticized for
| implementing features that reinforce their own ecosystems, such
| as limiting web push notifications or restricting certain web
| API functionalities to encourage users toward their native
| apps. This ultimately means that even in the browser world, the
| same forces that drive the app store monopolies can still
| control and restrict what's possible, even if the web is
| inherently more open. So while web apps offer more flexibility
| than native apps in theory, the reality is that Apple and
| Google's control over the browsers still limits the true
| potential of a completely open web.
| jampekka wrote:
| > The browsers are controlled and manipulated by the likes of
| Apple and Google.
|
| Who do you think controls Android and iOS native APIs?
|
| Web standards at least have public forums and specs, with
| multiple parties involved. And all the major browser engines
| are open source and apps built for them are relatively cross-
| compatible.
| xxprogamerxy wrote:
| Simple, UX.
|
| The reality is, most webapps for mobile just suck. The UX is
| nowhere near that of a native application. I don't want any
| text to be selectable. I don't want pull to refresh on every
| page. I don't want the left-swipe to take me to the previous
| page.
|
| You can probably find workarounds for all these issues. The new
| Silk library (https://silkhq.co/) is the first case I've seen
| that gets very close to a native experience. But even the fact
| that this is a paid library goes to show how non-trivial this
| is.
| leipie wrote:
| As a user I usually want all of those features to work. I
| regularly get ticked off at apps, because I cannot copy paste
| like in the browser or the app just closes (and loses all
| state) because I tried to use the back button. I also
| encountered apps that just reset, because I dared switch to
| another app for a second because I wanted to copy paste
| something into it...
| ffsm8 wrote:
| Mmh, the examples you've listed are actually super easy to do
| if you're using a framework such as Angular with its plugins
| for PWA and touch controls. And prolly Tailwind for
| CSS/disabling selection if you _really_ want to, but I'd
| call that an anti-feature in almost all cases.
| xg15 wrote:
| In theory. In practice not so much.
|
| I've had enough browser apps try that on my phone. Usually
| they start to lag out and become unbearably slow due to the
| framework bloat, compared to native apps that have no such
| issues.
| wiseowise wrote:
| UX is when you have less features - got it.
| mojuba wrote:
| To be fair, browser apps do have their advantages:
|
| - text is selectable
|
| - content is zoomable
|
| - you can have an ad/nuisance blocker
|
| - page source is open
|
| While native apps have their own advantages:
|
| - much smoother experience esp. navigation, scrolling,
| animations, etc.
|
| - better overall performance (JavaScript will always lose to
| the native binary)
|
| - access to hardware opens new possibilities; audio, video
| accelerators etc.; there's a ton of things you can't do in
| the browser with audio for example
|
| - widgets, some of them are nice and useful too
|
| - for publishers: an app icon on the home screen is a
| reminder, a "hook" of sorts; this is the main reason they
| push apps over web versions
| blacklight wrote:
| All the features you mentioned can also be achieved by a
| well developed PWA. Of course, minus the widgets or some
| deeper system integration (like controlling phone calls
| etc.)
| mojuba wrote:
| Try to build a more or less serious music synth in the
| browser that won't kill your battery.
| firtoz wrote:
| Heh, I was actually building one. Haven't considered the
| battery... Are the web audio APIs bad, or are you forced
| to use the CPU? I guess with webgpu it may be easier?
| mojuba wrote:
| I think on iOS you need access on the CoreAudio level if
| you want to be efficient, ie fill audio buffers on a high
| priority thread with some lower level static language.
| divan wrote:
| > browser apps do have their advantages:
|
| These are more like byproduct of the fact that web apps are
| built on the stack not suited for modern UI apps. It's
| literally a text typesetting engine pretending to be a
| rendering engine for high-performance UI.
|
| So, it can also be framed as:
|
| - everything is selectable, even what shouldn't be:
| buttons, drawers, video players, etc.
|
| - content is zoomable, which most of the time just breaks
| UX in hilarious ways. Developers have to do extra work to
| either disable zoom or make hacks/workarounds.
|
| "Everything is selectable" and "everything is zoomable"
| makes total sense if it's a blog post. If it's a UI for the
| modern app, it does not.
| rblatz wrote:
| Disabling zoom is so hostile, why not disable screen
| readers and put bollards on handicapped ramps while you
| are at it. It's literally a middle finger to older people
| and people with vision issues. If you disable zoom I will
| not be using your website.
| divan wrote:
| Luckily most popular operating systems have a concept of
| global text size that can be adjusted, and non-web UI
| frameworks respect that.
| mvdtnz wrote:
| > It's literally a text typesetting engine pretending to
| be a rendering engine for high-performance UI
|
| This is an outdated view of the web. Catch up or be left
| behind.
| divan wrote:
| This is factual view. No matter how many layers of
| abstraction you put on top, the foundation is always
| there. Luckily we have better and better support for wasm
| in browsers, so it's a matter of time when this outdated
| stack will be replaced with solutions designed from the
| ground up for the task.
| Aerroon wrote:
| Most _apps_ for mobile suck too. A lot of them are worse
| because they are not in a web browser, eg YouTube or Reddit
| or similar apps that work via urls.
|
| Browsers are some of the very few apps that work well on a
| phone. Most of the other ones feel like a mess (except games
| I guess).
| jonplackett wrote:
| You have to wonder about the motivations of the company
| making the browser that makes it impossible to disable some
| of these things, and therefore makes real apps so much
| superior (like swipe to go back on safari - I have never ever
| swiped back intentionally in over 100000 swipe backs).
| jodrellblank wrote:
| "I have never wanted to type the letter 'e' in any of the
| 100,000 times I hit the 'e' key on the keyboard; it's
| always felt suspicious to me why keyboards even have an 'e'
| key which can't be disabled" said the perfectly normal
| hacker news commenter.
| rezonant wrote:
| > I have never ever swiped back intentionally in over
| 100000 swipe backs
|
| Real question here, what are you _trying_ to do when you
| "swipe back"?
| bluedino wrote:
| Dating apps.
|
| By instinct I swipe back like I am in Safari, and that
| does something else in those.
| jonplackett wrote:
| Swipe UP
| miramba wrote:
| Touching something on the left side, like a link, and let
| my finger touch the glass a tiny bit too long while
| pulling the finger back. Unwanted swiping happens to me
| all the time in all directions - may the developers use a
| touch screen for everything forever!
| buyucu wrote:
| webapp UIs suck because nobody cares about them. They could
| be a lot better.
| silisili wrote:
| That's funny, I use Amazon on mobile web, my wife insists on
| the app.
|
| Guess which one of us has way more problems, due to both
| functionality and a constantly changing layout?
| fauigerzigerk wrote:
| _> I don't want any text to be selectable. I don't want pull
| to refresh on every page. I don't want the left-swipe to take
| me to the previous page._
|
| Strange. This inability to select any text has always felt
| like one of the most hostile things developers could ever do.
| It feels like pure vandalism.
|
| Another thing that causes massive productivity degradation is
| not being able to keep multiple pages open so you can come
| back to some state. I cannot imagine how anyone could
| possibly use these apps for any serious work.
|
| The UX of almost all native mobile apps is absolute crap. But
| it's not their nativeness that makes them crap. I'm not
| complaining about the idea of operating systems offering non-
| portable but high performance UI primitives that make use of
| OS facilities.
|
| Many native desktop apps don't have these UX issues (at least
| not all of them at the same time). It's the mobile UX
| patterns, conventions and native UI frameworks that are
| causing this catastrophic state of affairs.
| whstl wrote:
| Inability to select text is a pain in the ass when you're
| midway through learning the language and only want to
| translate certain parts. In native apps it's understood
| (app makers don't really give a shit about me), but when
| it's in websites it's like a slap in the face :)
| hombre_fatal wrote:
| Yeah, the app model of one page open at a time ever is such
| bad UX. Huge regression from the web. Funnily enough you
| get around it on an app like Reddit by opening pages in the
| web browser.
| tshaddox wrote:
| Also, if my memory serves, native MacOS apps by default
| support selecting most text that isn't part of a clickable
| element like a button.
| criddell wrote:
| On modern mobile and desktop operating systems, you can
| always copy that portion of the screen to the clipboard and
| it will recognize the text so you can paste it anywhere.
| mattl wrote:
| I've noticed that apps can tell when you're taking a
| screenshot and often will pop up a little message first
| which appears in the screenshot.
|
| Reddit on iOS was one that did it.
| herrvogel- wrote:
| Every time I try to select a single word in a WhatsApp
| message I surprised for a second. It's so strange that most
| apps that have text as their fundamental content don't
| allow you to do this.
| blacklight wrote:
| It doesn't sound like anything that a PWA (paired with some
| sync mechanism like Websockets) can't solve. And with
| WebAssembly the convergence is even more compelling.
| starfezzy wrote:
| That is not an objection. Two decades of webapp progress
| instead of native app progress would have (and still would)
| addressed all of that.
| nodar86 wrote:
| > I don't want any text to be selectable
|
| Disabling text selection is not just worse UX, it is actively
| user-hostile
| divan wrote:
| In Photoshop panels, title (like "Layers") are not
| selectable. How is it worse UX or user-hostile?
| crazygringo wrote:
| I have literally never needed to select text in a UX
| element.
|
| In the past, occasionally there would be an error message
| in a message box dialog that I wanted to copy and paste.
| And then I discovered that despite it not looking
| selectable, it actually was.
|
| I don't want to accidentally select the text of my menu
| bar, or of a text box label, or a dialog tab title.
| sitkack wrote:
| I, I, I. Empathy is a weakness.
|
| Lots of limitations for you to not accidentally do
| something, maybe there is a way to not accidentally do
| those things and also help people that need them.
| crazygringo wrote:
| No, not providing concrete examples is a weakness.
|
| You're awfully arrogant in making a judgement about my
| empathy... if you want to make this personal.
|
| Or maybe you can justify why people need to be able to
| select menu labels in the first place? That's not
| standard on any OS I've ever used, so it's up to the
| person who wants to change things to justify why.
|
| Maybe be less judgmental of people here on HN, and
| contribute something factual instead? I at least gave a
| factual account of my personal experience, which is a
| data point. Describing one's experience isn't egoism.
| nazgul17 wrote:
| A simple and concrete example is, go to Japan, find
| yourself in need of using any Japanese-only app, be
| extremely frustrated in not even being able to select
| text to translate it.
|
| At least in recent versions of Android there is that OCR
| (?) powered functionality to select text when you're in
| switch-app view.
| IshKebab wrote:
| It's worse _on desktop_. On mobile it just leads to
| accidental selection when you were trying to do something
| else.
| sota_pop wrote:
| To go along with this UX argument: it's always been my
| perception that native apps often lean towards a stateful
| design while web apps try for stateless. Maybe that's too
| abstract (read - incorrect), but was always just where my
| intuition landed.
| andoando wrote:
| Nothing prevents the same UI being available in web though.
|
| Iconic mirrors a lot of it, but Apple/google could have just
| as easily made them native components triggered in the
| browser
| renegat0x0 wrote:
| Many things need to be an app, but so, so many do not.
|
| Many apps are apps just because they can collect your data, and
| create walled gardens. It is harder to create extensions for
| existing apps, for web pages it is easier.
| nottorp wrote:
| Imagine a world in which your smartphone's battery lasted more
| than a day...
|
| ... and ram requirements for good performance went down by 66%
| ...
| WesolyKubeczek wrote:
| ...but give it one little webview...
| xlii wrote:
| Any kind of offline cryptography. Imagine Apple Pay being an
| app. So all sort of digital signatures, documents, checks,
| payment codes and vouchers, tickets etc.
|
| IMO this is in the range of "why we use machines to transport
| if we all have legs". Technically true, but applications do
| more than only UI.
|
| I've heard this argument for the past 30 years (we won't be
| using apps, everything will be remote
| console/terminal/webpage/web). Chromebooks were meant for web-
| first access, and yet native apps are still alive and kicking.
| usrusr wrote:
| Push notification is the big one. Yes, there is web push, but
| that's hardly scratching the surface of feature completeness.
| And incentives to change that aren't really there.
| wiseowise wrote:
| That's a feature.
| HSO wrote:
| _> the "App Store" is a totally unnecessary concept introduced
| by Apple/Google so they could scrape a huge percentage in
| sales._
|
| Actually, when the iPhone was introduced, Apple _wanted_ it to
| have only a few select native apps (like Maps or Mail) and all
| the rest to be web apps.
|
| They were _browbeaten_ into opening an app store by the
| developers, who wanted to do native apps, not the other way
| around like you say.
| jb1991 wrote:
| This is a bizarre take. Are you also suggesting there's no
| reason to have a native app on a laptop? Because it's
| essentially the same question. There are many things which a
| native app can do that a browser just cannot do well, or at
| all. I don't know what your needs are, but for example if
| you're doing heavy video or audio editing, accessing heavy
| amounts of RAM or utilizing GPU compute or doing other things
| on the bare hardware, doing that all from a browser is
| definitely not there yet.
| miki123211 wrote:
| Yeah, good luck writing a screen reader, a demanding mobile
| game, a (local) music player, or a warehouse parts lookup app,
| supporting fully offline use and barcode reading functionality.
|
| In 2025? Sure, you can do some (but not all) of that in a
| browser? In 2010, when those systems were becoming popular?
| Absolutely not a chance.
|
| People forget that Apple initially tried this exact approach.
| On the first iPhone, that's how you were supposed to do apps.
| People wanted native so much that they were willing to go the
| extra mile, jailbreak their device, document the undocumented
| iPhone SDK and write their own toolchain. The user demand for
| native was clearly so overwhelming that Apple finally relented
| and gave in.
|
| Even a few years later, Facebook tried hard to have a single,
| cross-platform HTML5 website instead of bothering with apps.
| Even then, browsers just weren't there yet, and they probably
| had the best engineers and resources on that project one could
| have had for any money.
| roncesvalles wrote:
| It's an advertisement that you see each time you use your
| phone.
| ErigmolCt wrote:
| So many apps are glorified wrappers around web content anyway,
| and in those cases, native just adds bloat (and tracking)
| NooneAtAll3 wrote:
| ...not every app is a worse reddit website?
|
| there are games, there are offline programs
|
| ---
|
| website-as-an-app does need to be squashed, that's something I
| do agree with you on
| dustingetz wrote:
| Zuck: Betting on HTML5 was a mistake (2012)
| https://www.infoq.com/news/2012/09/Facebook-HTML5-Native/
|
| https://www.sencha.com/, the vendor of the ExtJS framework
| tried to argue that Facebook was wrong (2012):
| https://www.infoq.com/news/2012/12/Fastbook/
|
| I worked for a company that used Sencha back in the day and
| wrote the first React integration over their form/datagrid
| components in 2013. React ate their lunch
| tim333 wrote:
| Pokemon Go. You couldn't really do that as a webapp with the VR
| and stuff.
|
| Also with the bank apps I think there's extra security over a
| webapp - on the iphone they often scan my face.
| graemep wrote:
| Maps and navigation apps? Desktop integration and sync apps?
|
| That said most of the time you are right.
|
| I am fairly convinced that some apps are just wrappers around
| web apps. The Virgin Money (UK bank brand) app used to ask for
| cookie permissions on launch and felt very like their website
| used to (until it was removed and they went app only).
| LtWorf wrote:
| Speed, and from that follows battery life.
| immibis wrote:
| In other words, you believe all computers should be
| Chromebooks, which can only run Chrome and nothing else?
| Aachen wrote:
| For one, you couldn't access those webapps without a browser,
| so that's the need for one app. It would also be a bit annoying
| if you had to load a webpage when trying to dial a number
|
| Or am I not understanding what you mean when you use the quoted
| name "Apps"?
| dbtc wrote:
| I agree, mostly, but there are definitely some programs I want
| running on my phone and outside of the default browser.
|
| - Timer / alarm clock - Camera - File browser - Offline maps -
| Another web browser
|
| But not 250MB banking app.
| miniBill wrote:
| Access to Bluetooth devices is a good reason to have an app. I
| definitely do not want a Bluetooth API in my browser (although
| Chrome does have something in that direction, I think it's a
| bad idea)
| impossiblefork wrote:
| It has the potential to be faster, more private and more
| efficient.
|
| Absolute absence of lag, glitches, rendering issues, memory use
| in the kilobytes etc. is possible with native applications.
| dangus wrote:
| So you never use native apps on your desktop? Why should a
| computing device not be able to run programs?
|
| I feel like an actual security-driven design is a lot better
| than just relegating everything to the browser.
| hedora wrote:
| It's clearly for data collection. Take the yelp web app for
| example. It used to be much nicer than the native one. Then,
| they intentionally defeatured it until it was useless.
|
| Also, this situation benefits the google-apple duopoly, since
| it means superior products (remember Windows Phone 8?) or
| privacy focused devices (FirefoxOS) have no chance of getting a
| foothold in the marketplace.
|
| The objections I see in sibling comments are nonsense. Modern
| web supports high frame rates, developer control over the UI,
| etc, etc.
| chamomeal wrote:
| To me a mobile app is usually just a shorter web app that you
| can't zoom on
|
| Edit: and I'll venture a guess that since mobile apps can't use
| things like ad blockers, companies probably prefer them. More
| control over what you look at.
| prinny_ wrote:
| Honestly I wonder the same. App stores have big % cuts for the
| provider, I believe Apple has a 30% cut? Surely this number is
| big enough to justify spending the resources for a mobile first
| site?
| dagmx wrote:
| While many native apps could be web apps, you're ignoring some
| very large reasons for native apps:
|
| 1. Better UX and responsiveness for users, including better
| offline use.
|
| 2. Using native hardware APIs. How are you going to do things
| that require on device video compression, or realtime graphics
| that are more advanced than GL ES, etc
|
| 3. Battery life and performance. A native app can use less
| power than a web view for doing its work, and it can also make
| use of better async/concurrency/threading than a web view
| allows for.
| gtsop wrote:
| Very narrow take, it's so far-fetched I would consider this a
| bad faith comment.
|
| How could you possibly consider intensive games to be "simply"
| web apps? How about network apps like vpns, wifi analyzers?
| Have you really not come across such apps or are we meant to
| think every app is a TODO application?
|
| Both web and native have been driven by the same corporate
| forces, the argument here should be technical only - what can
| you do on native that you can't on the web. Mixing this
| technical matter with corporate policies muddies the waters.
| sbierwagen wrote:
| Push notifications. Apps have them on by default, websites have
| them off by default. 100% of Temu's valuation is because they
| pester users all the time with nudges to buy stuff, which
| works.
|
| Normies don't turn off notifications. Over the last few years
| all my relatives have picked up smart watches, (thanks to cell
| carriers upselling them hard during phone replacements) and in
| any given conversation at family events they'll be glancing at
| their wrist every 100 seconds.
| retrac wrote:
| Registering for push notifications ought to be a protocol
| much simpler and lightweight, compared to this spinning up a
| virtual machine and running a downloaded binary for each
| channel of notification you wish to receive.
| zer0zzz wrote:
| My solution to this is to use the apps that come with my phone
| and avoid relying on anything else. Problem solved. I use signal,
| uber, MyChart (for my doctor), and some apps for banking but that
| is about it.
| nindalf wrote:
| > Beyond the usual categories, I see there are checks for apps
| like Tamil Calendar, Odia Calendar, Qibla Direction Finder,
| mandir apps, astrology apps. They know what they're doing.
|
| This loan app is profiling people on the basis of race (Tamil,
| Odia) and religion (Qibla Direction Finder is used by Muslims,
| mandir apps by Hindus).
| photonthug wrote:
| > It's worth acknowledging that there are some legitimate reasons
| for an app to check which other apps are installed on your phone.
| For example, an app might check which UPI apps are installed to
| show relevant payment options.
|
| Nope! Nope, nope, nope. If you're wondering how we got into this
| situation.. well, it's exactly stuff like this. Weird to see
| someone who's digging into it at all also making excuses for it.
|
| No one ever said "I want to avoid a single extra click once every
| other month, so I guess I better irrevocably open my
| data/phone/life up completely to megacorp forever". And they
| certainly did not say this about tinycorp. People just absolutely
| suck at adversarial thinking, and good guys need to do it for
| them before bad guys can. Do you want organized crime
| blackmailing your politicians about dating apps and infidelity?
| Do you want to make it easy to do large scale targeting of
| ${vulnerable_people} the next time the cultural or political
| climate shifts?
|
| Come on. Anyway shouldn't the phone OS itself handle this rather
| than apps launching apps?? If not.. just let people pick a
| payment option, and then throw an error if the option is not
| available.
| qwe----3 wrote:
| > "I want to avoid a single extra click once every other month,
| so I guess I better irrevocably open my data/phone/life up
| completely to megacorp forever"
|
| Nah, it's super annoying when I click on a link and don't get
| redirected to the native app. This happens way more than once a
| month. Web experiences are much worse for many things.
| photonthug wrote:
| Cool but the attitude of "bring on the dystopian future as
| long as it's more convenient for some people some of the
| time" is still confusing to me. Do you imagine that leaked
| information like this has never gotten someone killed before,
| and never will in the future?
| hollow-moe wrote:
| Good, because this is what Intents are for. No app needs to
| know all your installed apps to launch them with a link.
| Yaggo wrote:
| The title should read: "Everyone knows all the apps on your
| _Android_ phone"
| DeathArrow wrote:
| >Please remember the next time you casually install an app on
| your Android device, this information is being broadcast to the
| whole world. Data brokers will use it to profile you, cross-
| reference it with data about you from other ad networks and
| eventually it will be used to decide how much you'll be asked to
| pay the next time you order a samosa.
|
| Who are those data brokers? Are they publicly known? Do they have
| an API where a business sends customer ID, mail or something and
| gets a spending profile that helps adjust the price for a
| particular customer?
|
| I know this sounds evil. But didn't banks and insurance companies
| collaborate to profile their customers since tens of years ago?
| That is not similarly evil?
| DeathArrow wrote:
| TLDR, want privacy, don't use Google products.
| weinzierl wrote:
| _" the one that blue tick twitter accounts living in certain pin
| codes of Bengaluru passionately discuss amongst themselves for a
| week every year"_
|
| To someone embarrassingly unfamiliar with Indian culture, what
| does it mean?
| moi2388 wrote:
| The PowerPoint he talks about, which is displayed on the line
| below it
| weinzierl wrote:
| I know but that does not clarify the connection between blue
| tick, certain pin codes and a certain week in the slightest.
|
| Sure, these are probably all hints to affluent members of
| society but I was hoping for a more detailed explanation.
| banqjls wrote:
| Blue tick/check = verified Twitter accounts, from when
| Twitter staff chose who to give the blue tick and only gave
| it to journalists, technologists, etc that the twitter
| staff wanted to amplify. Nowadays a blue check simply means
| you purchased premium, but we remember the original
| meaning. This is not an Indian thing.
|
| PIN codes = postal codes.
| weinzierl wrote:
| Yes, the interesting question is which PIN codes is the
| author hinting at and which week of the year and why.
| This is what I want to know. I think I can figure out the
| rest myself.
|
| But while we are at it: What is the significance of a cow
| trading app. Is it used by people who treat cows as
| sacred or the opposite?
| Slitted wrote:
| I'm sorry but I have to bring this up: are these comments
| bait? The questions are a little too naive yet
| purposeful.
| xolve wrote:
| Bengaluru/Bangalore has hotspots (PIN codes are postal address
| codes) where there are lots of startups, mostly in ecommerce,
| ad-tech, online education etc. and they have incentive to
| upsell you a lot.
|
| I guess it's referring to some wannabe influencer buying
| Twitter(X) premium and posting based on half-baked info on
| customers.
|
| Mostly sarcasm, so take with a grain of salt. I can't tell
| about accuracy, but explaining the cultural context here.
| weinzierl wrote:
| Thanks, this is helpful. Is the certain week referring to a
| specific festival?
| xolve wrote:
| I don't know, sounds like any week.
| evertedsphere wrote:
| presumably the report comes out every year and it's
| discussed for some time after that
| thatloststudent wrote:
| I want to expand on this more as someone more familiar with
| Bangalore/Bengaluru.
|
| Almost like clockwork, Blume Ventures releases a report every
| year about the state of the Indian startup ecosystem that year,
| and since Bengaluru startups are almost all concentrated around
| Koramangala or HSR layout (these are places inside Bengaluru
| with their own PIN/address codes), you'll find a lot of people
| talking about that online.
| gopkarthik wrote:
| ^ This.
|
| You can read the reports at
| https://blume.vc/reports/indus-valley-annual-report-2025
| or archives at https://www.indusvalleyreport.com/ .
|
| The ppt in the blog is from the 2024 report -
| https://docsend.com/view/zqgfupfzyud499hn. The India 1-2-3
| framework is old though. IIRC it was coined by a retail
| sector founder (Kishore Biyani) in the 2000s.
|
| Also Koramangala, HSR layout are also the more affluent
| localities in Bengaluru.
| pavel_lishin wrote:
| Would it be analogous to Silicon Valley in America?
| weinzierl wrote:
| Thanks a lot. That makes total sense!
| ErigmolCt wrote:
| This is equal parts fascinating and horrifying
| tmtvl wrote:
| ...On Android. I'm sure I don't have that problem on my Ubuntu
| Touch phone (if only because there are hardly any apps for it).
| nolist_policy wrote:
| Interesting, how does Ubuntu Touch sandbox apps? Does it have
| one-time permissions (like Android)?
| tmtvl wrote:
| I actually don't know, I was just making a joke about the
| dearth of applications on UT. I'd expect it to have Snap-type
| sandboxing, but the Security and Privacy section of the
| settings app doesn't tell me much.
| surmoi wrote:
| Exodus Privacy will let you know about these kinds of Android
| apps you should avoid installing https://exodus-privacy.eu.org/
|
| Swiggy is actually a small player in terms of permissions
| requested, with 'only' 47. Compare it to Weibo with 104, Wechat
| with 93, Facebook with 85, Snapchat with 71 (granted those apps
| may offer additional services that require some additional
| permissions, but they are definitely not worth giving them all
| your data...)
| graemep wrote:
| The HSBC UK Android app looks at what apps you have, and refuses
| to run if you have apps with certain permissions (such as an
| alternative launcher) and now refuses to run if you have any apps
| from outside the Google app store.
|
| I have complained about this here before, but the end result was
| that I asked for a hardware security device and use the website
| instead.
| switch007 wrote:
| That's beyond absurd. Sounds par for the course with HSBC!
| odiroot wrote:
| Interestingly FirstDirect app (also part of HSBC) has no such
| problems. It even ran on my previously rooted phone.
| qbane wrote:
| Tired of apps using shady, fragile tricks to refuse to work and
| claiming that you are "secured" by them
| bpbp-mango wrote:
| android lmao
| Tewboo wrote:
| It's true, our phones are like little windows into our lives. The
| apps we have reflect our habits and interests.
| TekMol wrote:
| So I downloaded a few dozen Indian apps I could think of
| on top of my head and started reading their manifest
| files
|
| How do you download apps from the Android app store and read
| their manifest files?
|
| Does this mean one could make a website that lists all those
| manifest file, so the users could decide against using apps that
| use this loophole?
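One way to answer the question above, as an added example rather than code from the article or anyone in this thread: the package-visibility declarations live in the app's manifest, so once an APK has been obtained (for an app already on your own device, `adb shell pm path <package>` prints the APK path and `adb pull` copies it) and decoded to text with apktool (`apktool d app.apk -o out/` writes a readable `out/AndroidManifest.xml`), a short script can list exactly which other apps it declares it wants to see: named `<queries><package>` entries, `<queries><intent>` filters, or the blanket `QUERY_ALL_PACKAGES` permission. The two sample manifests below are constructed for the example and the package names in them are placeholders, not those of any real app.

```python
"""Audit a decoded AndroidManifest.xml for package-visibility declarations.

Added example; assumes the APK was already decoded to text XML (e.g. with
apktool), since the manifest inside an APK is stored in a binary form.
"""
import sys
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
NAME_ATTR = "{%s}name" % ANDROID_NS          # the android:name attribute
QUERY_ALL_PACKAGES = "android.permission.QUERY_ALL_PACKAGES"

# Constructed sample: an app that names specific packages it wants to detect
# (the package names are placeholders, not real apps).
SAMPLE_MANIFEST_LIST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.fooddelivery">
    <uses-permission android:name="android.permission.INTERNET"/>
    <queries>
        <package android:name="com.example.upi.bank1"/>
        <package android:name="com.example.upi.bank2"/>
        <package android:name="com.example.gameconsole"/>
        <intent>
            <action android:name="android.intent.action.VIEW"/>
            <data android:scheme="upi"/>
        </intent>
    </queries>
    <application android:label="Food"/>
</manifest>
"""

# Constructed sample: an app that asks to see every installed package.
SAMPLE_MANIFEST_ALL = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.lendingapp">
    <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
    <application android:label="Loans"/>
</manifest>
"""


def audit_manifest(xml_text):
    """Return what the manifest declares about visibility of other apps."""
    root = ET.fromstring(xml_text)
    permissions = [e.get(NAME_ATTR) for e in root.findall("uses-permission")]
    return {
        "package": root.get("package"),
        "queries_all_packages": QUERY_ALL_PACKAGES in permissions,
        "queried_packages": [
            p.get(NAME_ATTR) for p in root.findall("queries/package")
        ],
        "queried_intent_actions": [
            a.get(NAME_ATTR) for a in root.findall("queries/intent/action")
        ],
    }


def visibility_level(report):
    """Coarse label for what the declarations let the app learn."""
    if report["queries_all_packages"]:
        return "all-installed-packages"
    if report["queried_packages"]:
        return "named-packages(%d)" % len(report["queried_packages"])
    if report["queried_intent_actions"]:
        return "intent-handlers-only"
    return "none"


def audit_file(path):
    """Audit a decoded manifest on disk (e.g. out/AndroidManifest.xml)."""
    with open(path, "rb") as fh:
        return audit_manifest(fh.read())


def print_report(report):
    print("%s: %s" % (report["package"], visibility_level(report)))
    for name in report["queried_packages"]:
        print("  queries package: %s" % name)
    for action in report["queried_intent_actions"]:
        print("  queries intent action: %s" % action)


if __name__ == "__main__":
    # With no arguments, run on the constructed samples; otherwise on files.
    if len(sys.argv) == 1:
        for sample in (SAMPLE_MANIFEST_LIST, SAMPLE_MANIFEST_ALL):
            print_report(audit_manifest(sample))
    else:
        for manifest_path in sys.argv[1:]:
            print_report(audit_file(manifest_path))
```

Run over a directory of decoded manifests, the output is the list a "which apps probe for what" page would be built from; a `QUERY_ALL_PACKAGES` entry is the broadest case, since it needs no per-package list at all.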
| Etheryte wrote:
| Yes, it's called alternative app stores and there's quite a few
| of them around.
| TekMol wrote:
| Hmm.. how do the apps from the Android app store get into the
| alternative app stores? And how do you know they are the same
| app and not altered?
| turrini wrote:
| I don't know if it is just me but I run every class of app in
| isolated "islands" (like work profiles) on Android. Browsers,
| banking apps, social media, instant messaging, tools, etc. Almost
| everything is isolated from every other non-related group.
| olejorgenb wrote:
| How?
| anonym29 wrote:
| You don't have to sacrifice your privacy to use Android.
| GrapheneOS is a tremendous alternative, and even if you still
| need some Play Store applications, you can install a GMS
| compatibility layer and Play Store in either a secondary profile
| (recommended) or your main profile (not recommended) without
| granting Google unfettered control over your entire operating
| system. This compatibility layer offers a better reduction in
| attack surface and stronger hardening than microG.
|
| Alternatively, you can continue with the standard setup,
| accepting that you're willingly providing companies with an
| unprecedented level of access to your personal data. It's
| puzzling that many seem more concerned about breaking a familiar
| routine than about the risks associated with sharing every detail
| of their lives with companies that, in turn, share that data with
| one (or more) hostile government(s).
|
| There is certainly a lot of justified concern about government
| overreach and abuse of power on HN. It remains difficult to
| understand why many with these warranted concerns do nothing to
| adopt a more coherent and rational approach -- such as merely
| _attempting_ to protect their personal data by not deliberately
| and voluntarily feeding it entirely to companies that are
| secretly coordinating with the very same hostile governments
| these people _claim_ to seriously fear and detest.
| anymouse123456 wrote:
| IME, Apps usually represent an overly generous amount of contempt
| for the people who use them.
|
| At best, it's a designer's hubris (mixed with contempt) like,
| "You want to select some text out of your SMS message? I've
| decided. NOPE."
|
| But mostly we're treated with contempt simply because we're an
| annoyance that is obstructing the goal of serving the actual
| customer (advertiser) who is paying for the work.
|
| App Stores are no mystery. They are a funnel for rent-seekers and
| adtech info brokers.
|
| If you think they are intended to benefit you in any way at all,
| you are badly mistaken.
| bloomingeek wrote:
| Perhaps crazy question: is it a good idea to have two phones now?
| One for making calls only, with as many apps as possible removed.
| And another phone for email, web surfing, photos, etc...?
|
| edit: Oops, I left out texting. Which phone for that?
| monsieurbanana wrote:
| You still make calls with your phone?
| bloomingeek wrote:
| Of course, amazingly that's one of its best features,
| enabling you to actually speak to a real person. (it's a type
| of personal connection that fleshy robots have, for some
| reason, derided.)
|
| But I digress, excusing your bad form of answering a question
| with a question, I am interested in your opinion of the
| possible conundrum of the two phone idea.
| subscribed wrote:
| If you don't need ANY apps on your main number, good dual-Sim
| feature phone (but be extremely picky, some are utter trash).
|
| Then for all the smart stuff, Pixel 6 with GrapheneOS. You can
| confine various "classes" of apps to dedicated profiles, so
| they'll never know of each other, and you get vastly improved
| security (multiple releases in the month) and significantly
| improved privacy.
| RKFADU_UOFCCLEL wrote:
| This is to be expected though, a phone platform isn't exactly Tor
| Browser. The big API as with any platform will have plenty of
| ways to fingerprint people even without this one example, unless
| the developers went far out of their way from the beginning to
| build prevention in. Much like how on UNIX you can see what
| processes everyone is running and their command lines.
| aucisson_masque wrote:
| That's why I like hacker news.
|
| I found this article yesterday and posted it on reddit android,
| here :
| https://old.reddit.com/r/Android/comments/1jmwg4w/everyone_k...
|
| 0 upvote, comment filled with what is either depressed sad people
| or just bots.
|
| Here it's top 2... With mostly interesting comment.
|
| Some subreddits are more dead than others but r/android got to
| be one of the worst.
| hnuser123456 wrote:
| The subreddit is mostly younger folks more aligned with the
| "fanboy" attitude, they downvoted because it was a critique of
| Android.
|
| Hacker news understands the concept of constructive criticism.
| aio2 wrote:
| I wouldn't say understand, but _better_ understands
| SV_BubbleTime wrote:
| Exactly this can be seen here if the discussion is about
| climate.
|
| Even better understands might be pushing it. "Better
| tolerates"
| wruza wrote:
| Thread success is hit and miss. You can post and there's
| crickets, or you can post and people pile in. If you click the
| "past" link under the title, there's a thread from 2 days ago,
| completely dead.
| diggan wrote:
| > Some subreddits are more dead than others but r/android got
| to be one of the worst.
|
| Yeah, I'm not sure what exactly is going on with reddit but if
| dead-internet theory would hold anywhere, it seems to be there.
|
| Besides, all the topic/subject subreddits seem moderated by
| people who hold a vested interest in the topic/subject, to the
| detriment of their community. I made a submission which went
| into details about the proprietary license that Meta's Llama is
| under, and what exactly that license means, and it was removed
| manually by the moderators of r/LocalLlama without any
| reasoning + they refuse to answer why it was removed even after
| trying to understand the rules of the subreddit better.
|
| I'm guessing when the last "reddit purge" happened where they
| replaced a bunch of community moderators with employees from
| reddit, most of the platform was sold to companies to moderate
| their own spaces, unfortunately.
| Mistletoe wrote:
| Moderation is one of the huge Achilles' heels of Reddit. I'm
| confused why Reddit thinks a monarchy with no term limits
| will work on a website when it has never worked in human
| history. There is no voting whatsoever where users can give
| feedback on how they think the moderation or the subreddit is
| going. You get entrenched subreddits like /r/movies and their
| obsession with movie posters instead of movie discussion or
| /r/running, which is incredibly unused because the mods
| insist on removing almost any discussion of running outside
| the weekly threads except for idiotic race reports in obscure
| places that no one reads or cares about.
| xmprt wrote:
| The nice thing about reddit is that no one is forcing you
| to follow such broad subreddits which appeal to the common
| denominator. In my experience, any subreddit which has more
| than a few million members is going to be pretty terrible.
|
| Find a more niche subreddit like /r/<city_name>running
| (although location subreddits fall into a similar trap) or
| /r/longdistancerunning and you'd probably find them to be
| more interesting simply because moderators are beholden to
| a smaller community and their job is more about making
| things interesting for their niche and cultivating a
| community rather than just dealing with slurs, bots, and
| spam.
| hn_throwaway_99 wrote:
| I agree with your comments about the large subreddits,
| but I also agree with Mistletoe that even many niche
| subreddits (or at least "midsized" subreddits) suffer
| from the same moderation problem.
|
| Namely, once a subreddit becomes popular or has basically
| "the default" subreddit name, it's _extremely_ difficult
| to just start a new subreddit if you don't like the
| moderation on the old subreddit, because it's so hard to
| get people to know about or move to the new subreddit.
| There was some drama years ago where some r/lgbt mods
| went on a major power trip, which caused other folks to
| start the r/ainbow sub, but still most folks go to the
| lgbt reddit as it's what comes up first if you just
| search for "gay subreddit" or similar.
|
| You say "because moderators are beholden to a smaller
| community", but that's the point - mods aren't really
| beholden to anyone at all, as it's not like electing mods
| is a democratic process. Not that I think it should
| be, as being a mod is a ton of grief and labor that
| people donate for free. But I do think Reddit could make
| it a lot easier and "fairer" for people to "fork" a
| subreddit if they wanted to discuss the same topics
| with the same community, just with different moderation
| rules.
| SV_BubbleTime wrote:
| You are confused.
|
| You seem to think Reddit Inc wants anything but control
| over the users. They are not at all interested in
| discussion or being a social network. If they could achieve
| their real goal without all the annoying comments, they
| would shut those off instantly.
|
| Reddit is a narrative pushing machine first and foremost.
| The money they make on advertising - IS NOT - from the one
| or two ads you see per page.
|
| The Reddit stock price is not at all reflective of their
| tech. It's based on ability to push thoughts to users.
| dghlsakjg wrote:
| Their annual report, and their advertiser platform
| doesn't really back up whatever it is you are implying
| here.
|
| I would be incredibly surprised to find that Reddit's
| officers are willing to risk life ruining fines to lie in
| their filings about this.
| Seattle3503 wrote:
| As someone who has moderated multiple subreddits, and
| single handedly brought a subreddit from 0 to 100,00
| subscribers, this misunderstands subreddits, moderation,
| and the relationship between Reddit and moderators. IMO
| subreddits were supposed to be like random forums on the
| internet of old, but with a shared substrate. Those forums
| were singularly owned as well and if you didn't like the
| operators you moved on, because there was no one you could
| escalate to.
|
| There is fundamentally a social contract between Reddit and
| its moderators. Moderators get autonomy and control, and
| reddit gets content that keeps users around. As long as
| Reddit does not pay moderators, autonomy and control is all
| they can give moderators. I'm investing a lot of effort,
| and I'd like to retain some control. IMO creating a
| community is more like starting an open source project on
| Github with a lot of community contributions.
|
| If you take away autonomy and control from moderators, what
| is in it for the moderator? Imagine if github started
| seizing projects wholesale, taking them over and installing
| new maintainers. People would move off the platform.
|
| Some people say that moderators are unpaid employees, but
| IMO that is only to the degree that moderators are required
| to carry out Reddit's agenda and priorities. We don't call
| OS maintainers github employees. I don't mind if Reddit
| benefits from my communities, as long as I can run it the
| way I want. If you take away autonomy and control,
| moderators absolutely _become_ unpaid employees.
|
| If Reddit didn't like my policies and took my subreddits, I
| would take that as a strong signal that Reddit is not the
| place to build my communities. The API debacle, protests,
| and mod removals caused me to decentralize my community
| more. I spam a linktree in my subreddit that links to
| Discord and other resources, exactly to protect against
| community seizure by Reddit.
|
| I think you touch on some real issues. One is of
| namespacing; folks can sit on valuable portions of the
| namespace and basically extract rent. We have the same
| issues for domains, and haven't solved it there. Some
| places like github semi-solve it by putting repos in
| organizations, but that shifts the namespace issue to the
| organizational level.
|
| The other problem is second generation moderators. Most
| moderators are terrible at succession planning, and so
| generally choose terrible successors. Many second generation
| moderators don't understand the original decisions that
| shaped the community, and what makes the original community
| successful. Reddit should do more to encourage succession
| planning, and teach moderators how to do it.
| lisnake wrote:
| On the other hand, many interesting links (IMO) I submit to HN
| also get zero comments
| kleiba wrote:
| Worse, I've had submissions (both links and comments) get
| flagged in the past, and I have no idea why. I suppose they
| must have violated some HN policy, but if I had more
| information about the rationale, I could avoid making the
| same mistake again in the future (all of my submissions where
| that happened were for genuinely interesting contents or 100%
| non-offensive opinion comments).
| zkiihne wrote:
| I used QUERY_ALL_PACKAGES among other things for my app Limit
| Buddy (https://www.limitbuddy.com). It would be impossible to
| make the app without it. But for more normal use cases there's no
| reason to have it.
|
| Apple has a much more robust solution privacy wise with their
| ScreenTime API but it makes an app like Limit Buddy much harder
| to build.
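For contrast with the broad permission mentioned above, here is an added manifest example (not Limit Buddy's code and not from the article) showing the narrower alternative that apps targeting Android 11 (API 30) and later can use: instead of QUERY_ALL_PACKAGES, the app declares in a `<queries>` element only the packages or intents it actually needs to see. The package names and the intent filter are constructed placeholders.

```xml
<!-- Broad form: the app can enumerate every installed package.
     Google Play policy restricts this permission to apps whose core
     function depends on it (app blockers, device search, security
     tools); for everything else the narrow form below is enough. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.broad">
    <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
    <application android:label="Broad" />
</manifest>

<!-- Narrow form (package visibility, Android 11+): PackageManager
     only returns the listed package and apps that can handle the
     listed intent; all other installed apps are filtered out of
     getInstalledPackages(), queryIntentActivities(), etc. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.narrow">
    <queries>
        <!-- constructed placeholder: one specific companion app -->
        <package android:name="com.example.companion" />
        <!-- only apps able to receive a shared JPEG become visible -->
        <intent>
            <action android:name="android.intent.action.SEND" />
            <data android:mimeType="image/jpeg" />
        </intent>
    </queries>
    <application android:label="Narrow" />
</manifest>
```

A quick check during review is to grep the merged manifest for QUERY_ALL_PACKAGES and ask whether each feature could instead be expressed as a `<package>` or `<intent>` entry.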
| therealmarv wrote:
| It's a known fact in the rooting community because some banking
| apps search for root-only apps!
|
| If you root (I advise against doing that) and have LSPosed
| installed you can hide apps from being seen by every other app
| with Hide My Applist (HMA) [1] or HMAL (which I like more because
| it is more minimalistic) [2]
|
| [1] https://github.com/Dr-TSNG/Hide-My-Applist
|
| [2] https://github.com/pumPCin/HMAL
| whalesalad wrote:
| android* phone
| HackerThemAll wrote:
| Thank you Google's "top talent" Android devs for this permission
| system full of loopholes.
___________________________________________________________________
(page generated 2025-03-30 23:01 UTC)