[mpalmer]

I don't think they're advocating that any random page you happen to land on has the capability or permissions of an app. I think they're saying that the web app experience should be more aligned and integrated with the native app experience, including installation and granting of permissions.

[mtomweb]

Privacy is worse on native, and we shouldn’t copy that.

If others read the section on Bluetooth it outlines how poor native protections are.

Full integration of web app settings into the OS is essential for users to be able to control their privacy.

[the_other]

> Privacy is worse on native, and we shouldn’t copy that.

When I create a document locally, or copy a photo from my camera to my computer, I'm responsible for how far it leaks, and it's fairly easy to manage and understand.

When I create similar data in a web app, I have no control over what happens to it.

How is "privacy worse on native"?

[easrng]

You're comparing apples to oranges. Trusted local software and trusted web software aren't the issue. The issue is untrusted software. If you run untrusted native software on a (either non-mobile or non-updated) system, it can usually read and potentially exfiltrate all your files. On the other hand, an untrusted web pages can only access and exfiltrate the files you choose to let them access.

[the_other]

I understand. Thanks.

I think the key here is "trusted". That's the bit that needs work. Vendors need to work on their trust; our industry needs to work on its architectures and business models.