After all the intense backlash they faced, they made it a 'limited' webview feature rather that dropping it entirely. Now that it's away from a standardization body, what's to prevent it from being developed unimpeded by public opposition? What's to stop them from expanding it to browsers once the 'feature' is ready? After all, this is exactly the pattern we saw with FLoC, 'privacy' sandbox and the Topics API.
It will come back again and again, and each time there will be less public outcry. It'll end up being normalized and eventually accepted. General purpose computers give the unwashed masses too much power.
And after that's normalized, then Google will enhance your user experience by bringing "Android Webview security" to Chrome on android, you know, it makes you really secure, it's really to help you keep safe.
A few years down the road, a surprising amount of companies insist you can only use their product on those secure smartphone browsers because of it's enhanced security, so Google helps you out by adding a special "Android Secure Mode" to desktop Chrome.
Web sites want you to visit them, they have no reason to barrier you. Some sites I use still have http and if a site wanted you to visit it in a specific way they'd use an app. If the model is to make web sites less accessible for profit it would need a compelling reason to visit it in spite of the barriers. It will never happen.
Nothing unreasonable or unsubstantiated. This is exactly what happened with app geolocking, privacy sandbox/topics, SafetyNet/Play Integrity API, etc. All of these are supposed to improve security and privacy and yet none of them are under the control of the user. Clearly implying that the user is the biggest security/privacy threat to them.
Which sites require those? How would that allow them to make more profit?
I literally said if they want people to visit anywhere they use a site and if not they lock down the experience with an app, and you said they lock down apps as 'proof' that they'd lock down web sites because somehow they are equal. Apps have never been about freedom. Starbucks doesn't want user choice and privacy when they ask you to download their app.
And I'm yet to see what business model it would work for. I'm going with 'none'.
> Which sites require those? How would that allow them to make more profit?
Practically every banking site (or more importantly banking apps). And a lot of weird cases like bus/train timings app, mobile operator apps, etc. You don't see that a lot with websites yet because the web isn't so severely constrained as mobile apps are. But the moment they appear, it will go the other way. One good example of this is AMP - which thankfully fizzled out for other reasons.
> And I'm yet to see what business model it would work for. I'm going with 'none'.
You can go with whatever you feel like. But the real world experience corroborates what the other commenter said. And one good reason for this is the corporate security culture. 'Our app isn't secure if it doesn't use the PIntegrity' type of argument. They'll all fall for it even if it's detrimental to their users.
Making a website less accessible doesn't make any sense. You've given an example of apps like before and you've yet to substantiate any points you made, maybe bank logins have a reason to be secure but that forum you go to doesn't, and wouldn't do this.
If they wanted to make it less accessible they could easily do that by forcing you to use newer browser versions which some boilerplate sites with frameworks do, from lack of expertise. No "safety" required. I'm not going off feeling, I'm going off facts. It will NEVER happen.
Publishers, already pushing back against ad blockers and now suing because their sites were scraped and incorporated into LLM weights, would love to have clients "attest" to the "humanity" of the user and "integrity" (read: no ad blockers) of the browser. It's not hard to imagine that, if given access to the feature, they'd jump on it as soon as it ways feasible and make the user experience for non-attesting browsers progressively worse to force the change.
Your point is that struggling publishers will stay relevant, gain subscribers and afloat/make more money by implementing ad blockers, worst user experience and safety checks to make their sites less accessible. I'm sure it'll happen any day now.
Absolutely, yes. They will be empowered by tools they don't yet have to make it feasible to slowly "boil the frog". Remote attestation is just such a tool.
The frogs already moved onto 4chan, twitter, TikTok, reddit, or YouTube for news. Even here at HN everyone uses archive. Publishers are dead. Nobody checks fox/cnn for the latest breaking news or needs to hear some anchor/journalist tell them what their handlers told them to say.