[jsgo]

As someone who is both, there are times where you'd like to create a quick web application to do a task that is either very specific to one's needs or only needed for a brief period of time rather than going wholesale application development.

In this particular user's case, they just need some API features accessible to web and they'd be golden. As a user, if I have the ability to approve and later revoke the permissions (in the event WebAppX is a bit malicious in its permissions usage), I'm game. That's value added.

[saagarjha]

> they just need some API features accessible to web and they'd be golden

But now you have every single website asking for permission to use the microphone and camera and accelerometer or battery sensor. Every time some sort of device hardware is exposed to web applications, it needs to be rolled back in some way or the other because someone's found a way to use for fingerprinting.

[danShumway]

> Every time some sort of device hardware is exposed to web applications, it needs to be rolled back in some way or the other because someone's found a way to use for fingerprinting.

This is odd to me. Do you think it's harder for a native app to fingerprint you? At least on the web I can block specific domains or scripting in general.

A native app will always be a net loss for privacy and sandboxing.

[saagarjha]

No, of course it's a lot easier for a native app can fingerprint you. The difference is that with native apps, I can trust that someone has already looked at this app to ensure that it's not doing anything malicious. Plus, I, myself, have to install the app, which shows that I put my trust in it.

[danShumway]

I used to have this perspective, but recently I've started to find it problematic.

Curation, while effective, is always a monkey patch on top of security. Ideally, I want to sandbox code. I don't want to have to trust it. I think it's unnecessarily limiting to assume that users should only ever run code that they trust.

In fact even native apps already try to do some sandboxing through a permission model. It's just that their permission model is less effective than the web, gives users less control, and leaks more information.

I'm also not sure that this matches my real world experience. I might use Facebook messenger or Twitter on my phone's browser. Installing something like Matrix makes me feel even better about that. I would never install their native app.

In theory I trust apps more than websites, but in practice I find that I usually view the app store with just as much suspicion as I do a random website.