[simonh]

I'm not sure who you're quoting with those quote marks. It's not Apple though, because I don't believe they ever said any such thing.

The reason Apple has always given is security. This is the reason they gave for not allowing third party access to the JIT version of the javascript engine. Their critics at the time claimed this was really because they didn't want other browsers competing with Safari, and they'd never let anyone have it because of that. Then when Apple developed the XPC framework allowing secure remote execution, they opened up the JIT engine to third party browsers in a secure way.

So far Apple's actual behaviour has been completely consistent with their stated reasons, which are not the reasons you are 'quoting' from somewhere, and in several respect contrary to the predictions of their critics. Isn't it possible that they are being honest about their motives?

But on the other hand, yes, the Mac App Store is a broken mess. Right now it's part of the problem with app distribution on the desktop, not part of the solution.

[pcwalton]

> The reason Apple has always given is security. This is the reason they gave for not allowing third party access to the JIT version of the javascript engine.

This doesn't make sense. You could disable the JIT, compile WebKit to native code, and ship it on iOS without the app requiring any more technical permissions. Apple just doesn't want you to do that for business reasons.

If you want to maintain that it's a security measure, there should be a specific attack concept you can describe that preventing alternative browser engines (suitably modified to work with W^X) stops.

[simonh]

Your comment doesn't make sense. You've always been able to embed the renderer with non-JIT JavaScript. Now you can build an app with full JIT embedded, so saying they don't want you to for business reasons is obviously false. They do let you do it.

The attack vector they're concerned about is to do with the JIT exposing access to shared memory. As for alternate engines, any such engine would need to include a JavaScript engine, which immediately opens up vectors for attack. That's why the ability to download and execute code is restricted. now, thanks to a robust and secure cross process communications framework, many restrictions that were supposedly 'for business reasons' have been lifted.

[pcwalton]

> Your comment doesn't make sense. You've always been able to embed the renderer with non-JIT JavaScript.

Apple's renderer. Not your own custom one.

> The attack vector they're concerned about is to do with the JIT exposing access to shared memory.

I don't know what "exposing access to shared memory" means. All applications that download data place potentially-hostile data into memory.

> As for alternate engines, any such engine would need to include a JavaScript engine, which immediately opens up vectors for attack.

Such as? Describe a specific attack that is prevented by forbidding interpreters of remote content.

> That's why the ability to download and execute code is restricted.

Downloading and interpreting code is something that even a PDF viewer does. Why is that not restricted?

> now, thanks to a robust and secure cross process communications framework, many restrictions that were supposedly 'for business reasons' have been lifted.

But not the restriction on alternate Web engines.

[hapless]

You're free to do exactly that. Nothing stops you from publishing a web browser that renders static HTML. But the only way to include a JS interpreter is to use the Apple-provided WebKit.

Language interpreters are forbidden to download any code from the internet, so you cannot use JS found on a web page in your own interpreter.

[pcwalton]

> Nothing stops you from publishing a web browser that renders static HTML.

That would not remotely be a practical Web browser in 2015.

> Language interpreters are forbidden to download any code from the internet, so you cannot use JS found on a web page in your own interpreter.

Which is a business decision.

I don't understand why this is controversial; it's well-established that many of the iOS restrictions are business-related. Note that I'm not even arguing here that those business-related restrictions are a bad thing.