[Fischgericht]

How would suddenly disallowing users to run a PWA that worked for years improve platform security? How would having Spotify be able to use their own subscription system compromise platform security?

Being able to install software without needing an OK from the hardware manufacturer has been standard for over 40 years now. People do it on Windows PCs, on Linux PCs, on MacBooks and on Android phones, and that very clearly has not caused the extinction of the dinosaurs yet :)

The document Apple has published to me reads like it's written by a 5 year old that just was served too many sweets shortly before bed time.

IMHO this is about revenge, not about platform security.

[interpol_p]

They are not allowed to give their browser an advantage under the DMA. If you take a look at BrowserEngineKit and BrowserKit there is a significant API surface area they offer for third-party browser engines. They must have been building this for some time. It's really detailed, down to allowing developers to implement their own JIT! [1] they have custom UI components replacing their standard scroll views with ones that better support nested scrollable DOM elements. It's a staggering amount of engineering effort

I can totally believe that there is not enough time to re-think and re-architect how to implement push notifications, local storage and whatever other perks PWAs get for non-Safari third-party browser engines running as "apps." They may have lots of money and engineers, but throwing more of them at this problem is not going to build a well designed, thoroughly tested, and secure implementation any faster

[1]: https://developer.apple.com/documentation/browserenginekit/p...

[Fischgericht]

I am not even sure that the EU has mandated that PWAs must be able to run in other browsers. Did you see any such regulation?

From what I understand, the regulation is about allowing users to install third-party apps including browser and of course PWAs. I doubt they mandate what browser engine the app uses, that's the apps business only.

[interpol_p]

I think the DMA mandates that Apple not give Safari advantages over other browsers. Being able to run PWAs seems like it could be considered an advantage? Not sure though

[thimp]

It's pretty obvious. They're not disallowing it. They are removing the integration with the home screen so that it will run in third party browsers. That limits it to the smallest common API surface which is "open link". Everything else was a luxury.

I don't think you work in IT if you haven't had an infested windows, android or macOS box before. Hell I just spent the other day cleaning my father's Mac out of two VPN turds fighting with each other he installed after watching crap on YouTube. My daughter's windows machine got destroyed by unsigned crap from a Sims mod. You just don't get that on iOS apart from the odd calendar subscription turd.

As for spotify, they use their own subscription system, not the app store.

[Fischgericht]

Not my intention to brag about it, but I run an R&D company and have invented and patents on quite a lot of network technologies :)

The only time in my life where I had an infected devices was in the year 1993 - a boot sector virus on a floppy disk I got from someone.

Luckily my wife is a nerd, too, by sister is trained and has not yet fallen for any of the social engineering tricks before. So no, I do not have to deal with other people's infected boxes either.

[thimp]

I envy you :)

[Fischgericht]

Well, on the other hand it implies that most of my family is dead and buried already, and therefore would have a hard time annoying me with their IT problems.

If that's a good deal is a matter of perspective ;)

[thimp]

A very good point.