Found a new doctor, because anyone that thinks this way I do not trust my heath to.
We never went back to the restaurant in Cupertino where the table QR code tried to force downloading an app that onboarded you into a food delivery service. That restaurant was treating on-site customers as delivery orders with a very short delivery distance. The food wasn't very good, either.
The crazy part is how many teams still treat the web as the demo and the app as the “real” product. For a lot of stuff it's the opposite now.
I know there are edge cases, but most of the time “download our app” just means “please care way more about our product than you currently do.”
That's just my thinking... I try not to install apps most of the time, I don't want them to have access or even the greater chance at breaking security/isolation. On a similar vein, I still can't believe that LinkedIn didn't get permanently banned from Apple and Google stores when they broke security to spy on emails.
Made me realize that for a lot of people who get cheaper phones with less storage installing a new app is actually a pretty big decision.
When I use, say, the Signal app:
- I can audit it, download it or even compile it myself from sources
- Once I have installed it, Signal doesn't get to change it "in my back"
- As a result, I don't need to trust Signal for the end-to-end encryption, which is the whole point of end-to-end encryption.
When I use a webapp, say ProtonMail:
- Every time I load the webapp, it is downloaded from the Proton servers. Even if I once stop to audit it, next time I load it, it may totally be a different codebase (that e.g. adds a backdoor, potentially just for me, and just this one time).
- I need to trust that Proton doesn't inject a backdoor to extract my key, then end-to-end encryption is useless. I could also trust Proton to not read my emails, right?
- If a webapp is served by a CDN, I have to trust that the CDN doesn't tamper with it. Actually Meta has an extension made for verifying that for WhatsApp Web. The extension is a bulky way to make sure that you loaded what Meta wanted you to load (i.e. that Cloudflare did not tamper with it), but it DOES NOT ensure that Meta did not inject a backdoor just for you, just this time.
It only needs to be "an app" if it is using hardware to do it's main job. There is never another reason to make it an app.
But on the other hand, I’d love to pay you $0.99 if it meant I could get an ad free version of your little widget and I’m not sure how to do that easily with web
When Chrome started supporting PWAs you couldn't bookmark the content at all. They seem to have fixed that now.
Most of folks on HN here are much older than todays "first customers" of 16y/17/18
For them: The "Smartphone is the internet", while for most of us the "Smartphone is an extension of the internet from our desktops" that we were used to (remember the years before dot com bubble, saying: "I will be down in the basement at the computer to surf on the net little bit" ? :-)
But today, the very first touchpoint with "the internet" for younger folks is a smartphone display. The even do homework on this small screens!
Companies are seeing this switch, so they adapt.
Personally, a service which is "only an app" will be not used by me as I prefer to have a larger screen with more information (actually I use my mobile phone only when Im in public transport or similar, at home I have a notebook laying around if I need something)
* Reddit won't let you read "unreviewed" content on mobile web (but will on desktop web)
* PayPal won't let you pick your 5% rewards category, or set up balance auto-replenish without their app
* Robinhood Banking won't let you see your credit card statement or pay your balance without their app
* Instagram won't let you share posts as stories without their app
* SeatGeek won't let you attend events without their app (no will call, mailed tickets, print at home, or mobile web)
Before I built the app, people were constantly asking me to build a mobile app. Yes, I had a PWA but people still wanted an app.
I thought it was kind of silly but I eventually built that wrapper app. It immediately got thousands of downloads, users upgrading to paid plans increased by 10x, and app users have way better metrics that website users.
It's pretty interesting, but as a website owner, having an app is valuable.
With responsive design becoming mainstream I'm fine with using my browser for 90% of my internet work. In some cases like Google docs it's painful to use the web version so I just use the app.
EDIT: I wish they'd add a console to mobile web browsers though.
Whether I prefer an app to be web or native is purely based on the use case (I probably would choose native for a dozen use cases and web for the remaining one million use cases), but that's orthogonal to the fact of which one is actually better.
Edit: And to be clear, I'm not referring to cases where the web app is purposefully restricted or injected with dark patterns to drive users to native. Even if you ignore those cases, this pattern still stands in my experience. Though, that doesn't mean there is no indirect quality bias, e.g. more money spent on the native devs than the web devs.
For companies these are all downsides but for me they are all upsides. It really is us vs them when it comes to apps vs browsers. The only reason they offer websites at all is out of fear of losing a big chunk of users.
They didn't grow up with the world wide web. They only started using technology when Android and iPhone was popular. They only know Whatsapp, Youtube, TikTok. They're not used to using the browser.
There's a meme that "Gen Z Kids Don't Understand How File Systems Work" [0]
So, it'll depend on your target audiences.
At the end of the cycle I can barely run the base phone let alone the menagerie of apps the world would like me to run.
I have opted out of app only service such as a Loyalty programs that forced me to transfer point from a partner only if I installed an app on my phone. They have enough info on me from purchase, they don't need more. (I even offer my card to strangers in the grocery cash if they did not have the loyalty card so they would get a discount and I would get a list of products I never buy in my loyalty list. Its a small, willful act of rebellion )
I too love the web, but throughout my career the idea of web-first/web-only has been DOA. There is some level of perceived prestige from having an app.
I've told this story countless times but on multiple occasions I've written cross-platform apps using web technology. Throughout the development process, I have urged or even begged the stakeholders to try out the web-based version on their phone. It's almost identical. You just see the browser chrome in the web version. And yet it's not until I provide native builds that some people will even bother to look at.
I provide web interfaces as part of the package but I could probably skip that and no one would bat an eye (I won't though, it's practically free to do that alongside the native apps and I prefer it).
There are a handful of things you can only do, or only do well, in an app so I do understand that argument. Also, I find some PWA-advocates to clearly not be living in reality: "You can do X in a PWA" - only if you hate yourself and enjoy silly limitations that clients do not and will not understand or care about ("Just make it work, an app can do this!").
Notifications is a big obvious one. Not sure if they've changed it since I last looked into it, but having an app installed was the only way to send a notification to someone for a long time.
I do agree that this seems to be exception rather than the rule - so having both is actually nice IMHO.
The worst offenders are services that literally work fine in mobile Safari but pop a banner saying 'for the best experience download our app' covering half the screen. The web version is already the app, you just painted a door on the wall.
1. Phone storage wasn't paid at an absurdly premium price. Sometimes the option with just higher storage may be $300 more.
2. High speed Internet was available cheaply everywhere.
If I'm in a town in the middle of nowhere. I'm not going to use my expensive data plan (because in the US mobile data is extremely expensive compared to EU) To download a 500Mb app that will take 5 minutes to download because the Internet is slow just to pay for parking
The samsung fold7 in particular is the same thickness/weight as slab phones, but unfolds to become a tablet. Please don't vote if you haven't held one. The compromise is cost, durability (dust, water), some battery life & some camera. Huge gains in productivity and night-to-day difference consuming video and photos. Google Maps FTW.
I can just use the web version instead and skip all that, along with the memory usage (for the most part).
Something that has been happening for a long time on iOS Safari that I only recently realized: pinch to zoom on sites like Reddit, instagram, shopping sites, and many others cause what I’m calling “website seizures.” Where I try to zoom in and half the time the page reloads completely or triggers a reload but ends up throwing an error.
Also the fact that people here would rather have their info stored in the cloud vs local on device is interesting.
Sometimes the mobile app experience is better than the mobile browser for me, though. Examples are Twitter, Spotify, Upwork, Google Keep Notes.
If I'm on my computer I don't even download the apps, I just use the browser. It just feels more convenient.
I haven't thought much about why they all feel good on my laptop browser while some apps offer better experience on mobile.
Edit: It's also why I keep procrastinating on getting into mobile app development. I just generally prefer web experience. With some exceptions as already stated here.
I would much prefer a really well-crafted ios Native App with extensive attention to detail than anything, even a web app made with similar detail (in most cases). And also ios apps are far more likely to receive that level of attention than just about anything else.
You’re confusing cause and effect here.
Companies are pushing apps very hard because it gives them a lot more ability to wield their various revenue enhancing dark patterns.
That kids see apps as the primary option is a corporate success metric, not an organic choice.
Anyway, the premise that “phone screen ==> native app not web app” is rather faulty, is it not?
The OP Blog post is comparing web versions vs applications. Both on the phone. And arguing that browser representation is often better than app functionality. Using desktop vs small screen phone is a different matter.
For years now, often multiple times with the save vendor, I've been installing some vendors software, using it to complete a purchase that I had started in a web interface, then uninstalling the software, all so I could take advantage of ann unrealistically good promotion. I'm not talking about the type of savings that might be in an exceptionally good holiday promotion, that eats into most of, if not all of, the margin in the transaction. I'm talking about the type of promotion that would be used to promote a credit card, banking account, or gambling platform-- the kind of promotion that costs months worth of income from a customer but is worthwhile because the customer will be milked for years to come.
This appears to be more related to modern security features that lock the vendor out of your computer, but lock you out of your phone, shifting which interface gives the vendor the advantage in future transactions.
Google Chrome does seem to catch spam sites that abuse notification permissions to send ads, though, so for a certain category of crapware websites aren't an option.
Then, unfortunately, apps are a better choice for such phones (unless the app itself is just a thin webview wrapper). These days too many websites would fry a budget phone.
Obligatory: The Performance Inequality Gap https://infrequently.org/2025/11/performance-inequality-gap-...
I went to a gas station and they had someone offering to pay customers if they'd install their app. Discount gas for X months. No one seemed interested.
People do want apps for things they do quite often, but that's mostly social media or video games. The hassle of install and account setup simply exceeds the benefit of rarely used apps.
Mapped it out here if curious - https://vectree.io/c/enshittification-how-digital-platforms-...
that used to be true, especially on ios. but web push has existed there for a while now for home screen web apps.
so that explains some of the history... doesn't really excuse today's habit of shipping the web as a second-class client.
Isnt there are similar feature in iOS browser as in Firefox these "desktop notifications" that some webpages request?
This is by design to force you install the app. Most of these days, I just treat it as a signal to neither use the app nor the website.
My take on it is that frequent users perceive apps as desktop launchers/shortcuts.
They don't care about the difference between app and web, per se, but the bookmarking situation in mobile browsers is awful (desktop too, honestly), and an app presents a convenient launcher for the service/site/data they want.
Adding a springboard launcher for a PWA is easy but still apparently more frictional than installing an app.
if you ever end up making one im very very curious about how much market share that would gain
Now you've triggered me lol. At that point I'll ask for a physical menu, and leave if they don't have one. And no, I'm not going to look at my friend's phone. It's ridiculous!
Additionally, apps allow for good offline functionality (for times when you're not near a cell tower), which I feel is important even with ubiquitous internet access in the 1st world.
The solution I feel is to have better sandboxing functionality in mobile Operating Systems.
When it took ages to download the same app to my work iPhone as I was downloading to my normal Android I thought there was something wrong with the iPhone at first, but it was literally spending five times the data to download what seemed to be an identical app.
There's something to be said for downloading a 50MiB app to save yourself from downloading 1MiB every time you pull out the website, but with modern app sizes, things are getting ridiculous.
Not just dust and water but folding screens are plastic with a mohs hardness of 2-3, as opposed to normal phones with glass screens which are a 6-7 hardness. I like having phones that can't be permanently damaged by pressing my fingernail a little hard into it.
Example: https://www.youtube.com/watch?v=8hgg4YEdPak&t=140s
Another example: https://www.youtube.com/watch?v=8uS90jakOuw&t=107s
I also can trivially replace the screen on my regular phone at home, whereas I'd have to get a folding phone professionally repaired for many hundreds of dollars.
But I'll also say some apps don't really need to be apps (like ordering food from one specific store) but I won't complain about having those apps if it is a convenience.
I think it's somewhat misguided, but companies gonna company.
I saw a tweet recently that perfectly encapsulates this: for most people over 30, certain things are "big screen tasks". I use my phone for a lot, but for some things I put the phone down and use my computer instead. I am most comfortable using a large screen and a keyboard for anything that requires writing more than a few words or using any interface for more than a few clicks.
For example, I read your comment on my phone and went to my computer to type this reply.
I personally find the idea of doing homework on my phone horrifying but I suppose kids today are either used to it and comfortable with it, or they've simply never used a computer and don't know what they're missing. Though I'd wager they probably aren't comfortable typing on a keyboard.
Honestly I think Apple perfectly captured it with their "what's a computer?" ad for the iPad. I seem to remember them getting some flak online for it but I think they were right on the money with regards to the younger generations.
I find much of the HN community insightful and interesting, but in terms of consumer feedback (especially in a B2C environment) I wouldn't touch feedback here with a 10-foot pole.
I don't mean that to be an insult, quite the opposite. Most people here are power users. But that is a galaxy away from how the average user interacts with the internet.
There seems to be a disconnect between some developers and the younger folks.
Companies have for ages pushed apps due to more control and data. That’s why younger folk grew up with apps.
The push to apps was absolutely not due to companies responding to consumer sentiment. Yes now it has been ingrained so now there are expectations, but those are due to companies pushing people to apps for years and years
But this may be on purpose by Bank of America.
Wow. I guess it's been a few years since I've used SeatGeek but this is news to me. Stuff like this and MSG's facial scanning regime (I'm sure the venues are all doing it to differing extents) make me not even want to bother with big concerts. Club shows are almost always a better time, anyways.
I think the problem is also that PWAs don't have any discoverability, and no standardization. I did some consulting work for a company that had a PWA. They had a 200-line long react component that was intended to determine what modal to show the user depending on what web browser and OS they were using to instruct them how to install PWA depending on the combination of OS and browser.
This is a lot of friction for the dev, and it's not clear to an average user what a PWA is. But they are familiar with, and for better or worse, trust, the App store. If I didn't know what a PWA and a site said "open menu and click on 'install!'" I'd be very wary of following those instructions!
I think Android and iOS should provide some sort of hook between the app store and PWAs before they really start to catch on.
I think once you've seen the actual possibilities of what e.g. an iOS app can do, when done correctly, everything changes for you.
Facebook seems to be in this game. Constant notifications to install the app, and as well increasingly degraded experience in the web version (both desktop and mobile).
Did you read the article? One of the author's main points is this is a deliberate result by vendors.
- Autoplaying videos on the front page with no pause button. I expect video from CNN, but not a newspaper. That's not what I'm there for.
- The send you many "introductory" emails with no way to unsubscribe.
I mostly gave up on the front page, but it's marginally useful for reading the occasional article linked to from elsewhere.
If I'm paying for your service, you should not be degrading my experience using UX anti-patterns in any way, for any reason.
For example, let's say I'm an airline. I don't want you in the browser, where you're going to have my competitors in the adjacent tabs. I want you in my app, where all you see is my version of the world. (I mean, yes, you can have multiple apps open, too, and switch between them. It's still a bit more friction than moving between tabs. Or maybe that's just my mental model, and young people see apps as just another kind of tab?)
I think I should be able to completely cut it off from the network and/or local storage; prevent it from running even though it is installed; and prevent it from having any personalizing information about me, my movements, my network connectivity status or patterns, my device usage (i.e. screen on versus locked, any proxy like battery state of charge), etc.
I am very reluctant to install apps because I see that the platform is designed for needs and a mindset that is not my own. I do not see it as essential or preferable that an app be able to monetize my usage or really gather any telemetry at all.
As someone who prefers using services via their websites, I’ve gotten terribly jaded lately. Almost everyone wants me, and by extension, you, to use their darn apps to consume content and off their web versions.
Whether it's the obvious social media apps or something as basic as parking, the app is the priority and the site the red-headed stepchild. And they aren't too subtle in the push either. It might be a modal covering half the web version with links to the App Store, an immediate popup after a bit of scrolling, or a header screaming “the app is 10x better,” but it's always there and it's always grating.
Let's not even go into the cases where the app is the only option to access the service. A minor annoyance for ordering food, but a major hassle when it's a public service or utility.
On principle, I like control over what I see and how I see it. Apps are super limited; while in a browser, I can do a lot of very nifty things to improve usability.
A service lacks a dark mode? I can use any number of user scripts. Reddit introduced a gaming section in the sidebar? Two-second fix that I bundled into my extension [1]. Between userscripts, ad-blockers, and custom extensions, I'm basically a god, swaggering through my realm.
This control, or lack thereof, also explains the app maker's adversarial stance towards users. They are often a black hole of dark patterns, and they'd like nothing getting in their way. Apps make it easier for them to push notifications, collect intrusive telemetry, and keep you inside their walled garden. A better user experience is the pitch but securing better user retention is the end goal.
Most apps are just that. Text and media in a never-ending, all-consuming feed or a multi-page form, cleverly disguised by the user interface.
Excluding heavy 3D gaming or utilities that genuinely require deep integration with your phone's hardware (like accessing the LiDAR scanner for AR), what are we actually left with? A thin client whose main job is to fetch data from an API and render it onto native views.
Why do I need to download a 100+ MB app, give it permission to track my location, and let it run background processes just to browse through a restaurant menu, buy a ticket, or scroll through a list of posts? At the end of the day, it is almost always just JSON being parsed and rendered. Yet, companies insist on rebuilding their basic content as native shells just to claim a permanent square of real estate on my home screen.
If a service is going to pull you out of the browser, it should at least offer a polished, native experience. But more often than not, the app you just downloaded is a compromise.
Anyone who endured the iOS-specific shader compilation jank in early Flutter apps [2] knows exactly how grating this can be (this specific bug was fixed 2023ish fwiw). Before they swapped Skia out for the Impeller engine, I had to capture and ship precompiled shaders with my apps just to stop the UI from stuttering the first time an animation ran.
The result is often the uncanny valley of user interfaces. It’s not broken, but it is subtly different, sometimes janky. The scroll velocity doesn't quite match the rest of the OS. The swipe back gesture hesitates for a few milliseconds.
Human brains are remarkably good at detecting when a system's timing is off. This is how the XZ backdoor was caught: an engineer noticed their SSH logins taking a fraction of a second longer than usual. It's not that unique -- my old FPS buddies could tell our server region just by firing a shot and feeling the lag. [3]
These micro interactions matter, because without that final layer of polish, the entire facade of a native experience falls apart. Not every app is like this, obviously, but enough of them are this way that it sours the entire experience.
When that full-screen modal pops up demanding you download the app to read the rest of a thread, users choose the path of least resistance. They download and they move on.
To a PM staring at an analytics dashboard, I'm an acceptable casualty, an inconsequential minority. If degrading the web version successfully funnels 80% of users into the App Store, that PM gets a promotion and a big pay bump. As always, actions follow the incentive. Our demographic is simply too small to factor into their quarterly metrics.
This is the enshittification loop in its full glory, working exactly as intended. A service builds its initial audience on the open web because it's frictionless and indexable. Once the user base is sufficiently locked in, the web version is deliberately hobbled to force everyone into the native app. Once you're inside the app, the walls close in: you are now a captive audience for a feed full of ads that your ad-blocker can no longer touch.
There is no financial incentive to maintain a stellar web experience anymore. The browser, once the great universal platform, is increasingly being reduced to a top-of-funnel marketing channel for the App Store. The depressing part of it is that the numbers prove it works.
[2] https://blog.flutter.dev/whats-new-in-flutter-2-2-fd00c65e2039 Search for "Preview: iOS shader compilation improvements"
for me, this is signal that i wasn't supposed to be visiting that resource in the first place
That's already the norm.
I default to building web applications. Actually getting people to install your special app is in any case a race to the bottom. Some will, most won't. It's onboarding friction. If you can shave a few steps of your onboarding process, the chance that somebody comes out the other end is simply higher.
As a user, I rarely install apps to begin with and frankly the appeal of "native" is limited to well guarded APIs into jealously magical device capabilities that phones have that most applications don't actually need. I know how the sausage is made and there just isn't that much there.
Even native apps that were built with cross-platform frameworks feel a bit "off" sometimes.
So I take this is a security concern. How do you feel about the fact that when you open a webapp in your browser, you re-download that app code every time? That the server can send you a backdoor every single time, made just for you, and nobody else will ever know? And that you can't check the "hash" of the webapp, like you can with an app?
On the other hand, an app is sandboxed, too (on mobile OSes like Android and iOS). When you download it, you can check a hash that you can (if you want to) compare with a friend to see if they got the same app. With an app, there is intermediary (the "app store") that would need to collude with the developers to send a backdoor just for you, and even then you would still have the app binary as proof.
That's always a question I have with "secure" web services: if you use ProtonMail, you trust that Proton doesn't send you a web page that leaks your key. But if you trust Proton for that, what's the point of the end-to-end encryption? When you use the Signal app, the whole idea is that you don't have to trust Signal for the end-to-end encryption, at all.
It's not like an app is getting those without your knowledge, and many times it's useful for an app to have your contacts or location...
i don’t get this take. “Web browser is sandbox by default”. sure, it has to do the rail grind with a rake to access system calls, but in a modern system apps are also sandboxed, especially on a smartphone or when downloaded with a managed app service. the OS gives you the ability to specify permissions, although to what degree depends on your provider. your browser _obviously_ also has the permissions you’re talking about. and now we have introduced yet more vectors in the form of cookies where web _applications_ can track activity _between applications_ with that just kinda being part of the spec, and it totally neuters the protections that the OS gives you because once you configure Firefox to get your location for Open Maps, now you’ve totally given control to your location permissions for _all web apps_ to yet another corporate driven point of failure.
don’t even get me started on the UI mess.
my tinfoil hat theory is that the browser is pushed by mostly bad actors trying to get data, while anyone providing a real user experience has a nice native app.
press F for my reputation.
I just randomly looked at Railway and for $20 a month you get a whole lot. I've hosted many a web project (successful personal projects and enterprise projects alike) and I don't see a large barrier to entry on "hosting a website" here.
Blocking AI scrapers and crawlers is not a huge ordeal. Planning for a unicorn before just putting a product up isn't the way to go.
Then with ChatGPT he had to enshittify his website with all these cloudflare capture stuff, making the site leeesssssssss fun to use; when complaining he mailed me that AI scrapers are slashing his servers
On the other hand, I've noticed lots of people use voice on their phone instead of a keyboard.
Many friends of mine send occasional nonsense in the middle of a text message, and it becomes obvious they're using voice to text.
As a young kid, why would I laboriously type a homework paper when I could dictate it from the couch or some other better location than a desk?
My wife is the opposite. It doesn't occur to her that the problem may be with the janky website, not with her. She'll ask me for help with a thing out of frustration and my first troubleshooting step is to reach for my laptop. This is almost inevitably followed by "hey, wait, how come you're able to press the Submit button but I wasn't able to?" "Because the dev never tested this on a phone and it's broken." "So it's not just me being incompetent to use this website?" "Nope, never was."
Thanks for the honor! :)
Sometimes I even copy links from here and send them by mail to myself so I can reply later - maybe Im getting tooo old? :-D (on the iPhone I would store it in a simple textnote)
In my experience, apps can figure out a lot more about the user, than a Web site.
I just reported a game to Apple, that, after the app has been resident for 24 hours, pops up an unescapable modal to sign into their Web site. I am sure the 24-hour delay, is so they don't get caught by the App Store folks. I suspect that what happens, during this "daily checkin," is that the app sends a bunch of encrypted data that it got from your device, to the servers in China.
Basically, they can learn more about you from the app, than from the Web site.
I generally avoid apps, where the Web site will do. I won't install banking apps, at all.
It's infuriating. I have literally tried all of their paid products in various forms (they are expensive but the value is clearly there if you're a business). If only they invested as much in making them actually good as they did in preventing you from using extensions or other tools to implement the features they can't or won't, I'm sure they'd get a lot more business.
Why would someone try to force me off of my browser (that has ad-blocking and tracker-blocking mitigations) and on to a locked-down app that may want permission to run in the background, display notifications, access my files or camera, etc?
Maybe it really is to "improve my experience"... yeah, right.
There are several sites I use regularly for which I refuse to install the app. There are a lot more sites that I visit only occasionally because someone links to it, and that site immediately wants me to download the app and refuses to show me the content that was linked to. Fuck off with that.
I also think app development requirements are too high. Just to compile your app and run the build process you need a very high end computer. I could never do it with my modest laptop and therefore gravitated towards web programming and more backend work. Thankfully I avoided all the pain of building apps and getting them approved by store owners. But I do have respect for people who have to deal with this bs.
It may sound too opinionated and may hurt some feeling but I don't like android at all. I think it sucks. But I have little choice. So I grin and bear.
The worst kind is French banking apps or IBKR app: many features are native, but then because of some weird tech debt or incompetent tech leadership, they'll sometimes show you web pages in a shitty, slow, completely different UI-wise built-in WebView for mundane tasks like downloading a PDF statement.
I assume the reason they are pushing me to the app is that it benefits them not me (longer dwell times, maybe easier tracking for behavior/ads), and that is precisely why I want to stay in the browser. Covering up a good portion of the article and preventing me from scrolling until I click the tiny link to decline is hostile and is the only thing degrading the experience on the website for most articles I read.
There is no "backdoor" when the browser is sandboxed. "backdoor" is a specific thing, I think you need to read up on it before you keep using it incorrectly:
https://en.wikipedia.org/wiki/Backdoor_(computing)
>On the other hand, an app is sandboxed, too (on mobile OSes like Android and iOS). When you download it, you can check a hash that you can (if you want to) compare with a friend to see if they got the same app.
That isn't what "sandboxed" means, it has nothing to do with checking hashes. And no, mobile apps are not really sandboxed, they have full access to your mobile device once you install it and give it access - and let's be real, most people are just going to blindly click "allow" for anything the app requests after installing an app.
>With an app, there is intermediary (the "app store") that would need to collude with the developers to send a backdoor just for you, and even then you would still have the app binary as proof.
You keep referring to "backdoor", and I don't think you really know what that means.
>That's always a question I have with "secure" web services: if you use ProtonMail, you trust that Proton doesn't send you a web page that leaks your key. But if you trust Proton for that, what's the point of the end-to-end encryption? When you use the Signal app, the whole idea is that you don't have to trust Signal for the end-to-end encryption, at all.
That isn't how any of this works. The main value proposition of Signal is that we do trust its end-to-end encryption. Protonmail sending a "web page" that "leaks your key"? WTF?
Nobody wanted to share their location with these data brokers, but thanks to underfunded privacy watchdogs, you have no idea what happens to any app that you give any kind of permission.
I think they're counting on these popups wearing people out.
After GDPR made these incessant annoying cookie popups mandatory, I just robotically click any button to dismiss it as fast as possible. Some website could probably write "Give root access" in that box and I'd probably click it without thinking.
Seriously though, I appreciate this perspective. While I prefer using a browser whenever possible, I'm well aware of modern fingerprinting techniques. But I didn't know about permission "sharing" between apps in the same browser. Thanks!
Privacy and security have always been a game of cat and mouse. Doesn't seem like that's going to change anytime soon.
If you have content they want, then it is a huge ordeal. You can pay some one like CloudFlare to take care of it for you, but if you can't or won't make a deal with those types of companies, it's going to take up a significant chunk of your time.
For college aged kids, most people are definitely not doing their homework on their phone. Many are still using paper and pencil. The one person I know who did do their homework on their phone tried to evangelize it to their friends and got ridiculed for it.
-------------------
Hardware/software companies have, historically, targeted power users because regular users listen to them. The companies producing these apps do so because they can benefit from exploiting the data of regular users, but risk little blowback from power users if they keep their web versions up to date and in good shape.
That doesn't mean power users should ignore the presence of these apps however. We should be telling regular users to avoid them for their own safety. We should also be worried that, if we stay quiet and let regular users flock to apps, the motivation to maintain web access will be eroded. When all power users vanish into a single percentage point and a platform achieves total dominance over the alternatives, companies might well choose to focus on only apps.
Exactly! Esp if you just move away "one tile" from tech/IT or business-power-users, most people are more or less clueless what they are doing/have to do with a computer.
Yes, we are in a bubble here - as with every niche/special interest topic: It would be same for me if I would join a "car tuning event" or similar - Im just a car user, and I do not know of all these details and nuts & bolts
As an actual power user, I take exception to this comment.
Most people here are NOT power users. I've lost count of how many arguments I've seen for example where someone Just Can't Believe anyone would have a good reason to have more than 5-10 browser tabs open at a time. Meanwhile I've got a list of thousands and growing.
Or look at the dogged adherence to Windows even to this day after decades of Microsoft abuse, and long spiels about the difficulty and complexity of the Linux command line. Especially when it comes to systemd for example, where one of the most common complaints against sysv is "eww, shell scripts? yuck!"
I don't call these people power users, or recognize them as peers in the realm of technology. The difference between them and me is like the difference between them and the commoner who knows nothing at all about tech.
Maybe we need a geek ranking system or something.
I read a UI book in the early 2000s that cited research showing that most users didn't understand filesystems. They would seem to, but then the idea that the same filename in two places was two unrelated files would just lead to a mental block. Those who got it, didn't find it hard. It's just that some people can't get it.
The disconnect is not between some developers, and the younger folks. It is between some developers, and most of the world.
I think that the software industry, especially operating systems, have completely failed to provide a balanced product between the overly bloated and messed up (Windows), the overly complicated (Linux) and the overly simplified (Android/iOS).
Maybe some Linux distros are now at the right spot, I was positively surprised by PopOS to give an example, but it's too late. With AI this is only going to get worse.
Some insiders know about this disconnect and fewer still can bridge it easily.
Those that cannot even sense this disconnect, they're a bit of a pain in certain situations. You know, like talking to project stakeholders or customers.
I am very frugal (to save money on webcam, in online classes, I had droidcam /wo-mic setup with one of my parents old phones that were so old that online classes couldn't work or were just too slow) but spending money on a decent personal computer is genuinely one of the best investments personally.
One thing my cousins did which I am sorta grateful in retrospect is they didn't buy me a gpu so my computer was really nice/smooth in everything but gaming, I still ran some games like portal series , inscryption and many other games like valorant and it was playing valorant when I started realizing its chinese company roots and kernel level access meaning that there was no proper way to guarantee to have piece of mind unless I reinstall it
So I felt like if I was reinstalling, I was watching some the linux experiments video anyway and was fascinated by linux, so I just decided to choose myself to use nobara-linux for the first time which was another one of the best decisions that I made as it opened me up to the terminal.
It used to frustrate me that people didn't care about their own privacy, because I genuinely didn't want evil people to hurt them. But, it's even more angering that people don't have the common decency to consider whether their friends and family would want them sharing their phone numbers, email addresses, photos of them, etc.
That said only on some platforms is it possible to stop a native app from getting them.
I'm not sure if it is intentional to push you to the mobile app, but I have to imagine the mobile app doesn't have all these issues.
What kind of sad, self-loathing software developer sits down and says "OK boss, whatever you say, boss, gonna go make it bad now..." I mean, I know to a lot of people, it's just a 9-5 and you do what your boss says, and "pride in your work" is not really a thing anymore, but come on. Who gets even a shred of satisfaction doing this?
I think a better explanation is just incompetence.
I don't think so. A majority don't want to. But they are forced by geeks/nerds. Geeks/nerds often show off especially in family/friends parties with older/common folk - telling - I can do this/that. Then average CEO or parent is forced to get a smartphone.
Next the geek/nerd - has no time to maintain the computer/laptop of the parent. Or loses patience explaining updates/double-click/avoid scammer installing software. Then - boom - geek son/daughter - if smart gets a decent pixel/iphone - otherwise gets a shitty Android device - installs everything there. Moves on.
And finally remember it is the young same geek/nerd that will eventually do programming for FAANG/palantir etc. which forces people to install apps, degrade privacy, worsen webapp/websites - all for money.
Or the people who absolutely refuse to give up Chrome, despite the whole adblock situation. "But I don't like the way Firefox tabs look!"
I've frequently saved on OneDrive instead of locally, by accident, and then been perplexed when I try to reopen the file later.
And I've been using filesystems for 35+ years, so I feel sympathy for those who don't understand the abstraction. At this point Android is more transparent about its files.
Because in the analog world, each "document has usually a single/unique headline" and file names are often perceived as some type of unique identifier as well, Id guess?
> It is between some developers, and most of the world.
sigh
If you're using a flip phone in this day and age, then it's not about the money.
It's natural that people who enjoy programming and hacking and related fields are very comfortable with such abstract types of thought. But I really think that isn't all that common amongst most people. I think the average person has to learn such thinking abilities with difficulty (though they can). I'm sure many people here got into programming precisely because abstract thinking came easily to them.
> the idea that the same filename in two places was two unrelated files would just lead to a mental block.
Which is actually why the "files and folders" metaphor is apt. In a filing cabinet in a school office (once upon a time) there were likely hundreds of documents labeled "Report Card" in many different folders, each labeled with a different name.
Internet to my parents and other old folks is YouTube and WhatsApp
That's becoming dangerously true of my wife and I as well, to be honest.
The friction is just so much lower than Google Drive or whatever. As long as I handle it right away. It's just finding something from more than an hour ago that's intolerable.
Great sentence! I will apply this to my kids as well, I guess.
I always tell them already: "In the future, you can game as much as you want, IF you learn a good programming language [which will be defined by me]" - let me see how this will work out in 1-2 years :-D
https://qz.com/333313/milliions-of-facebook-users-have-no-id...
then they asked me to square while reverse printing or something too. so printing 100 81 64 .. 1 each in new line.
> let me see how this will work out in 1-2 years :-D
Keep me updated haha! To be honest, I will admit though that I am not the greatest within coding itself right now as much as I love tinkering with open source. Personally I am wishing to learn coding with better interest when I get into college, I will have 4 years to learn peacefully (well hopefully if I get into decent college ie) :D
For me the challenge after using Linux was that I wanted to use archlinux because my brother (not cousin, real), flexed me his iirc distrotube archlinux once when we were eating something and I thus always considered arch to be the final boss of Linux lol and so I decided to install it and then I fell in love with arch (currently on cachy on desktop, but right now on mac which my brother gifted me :D)
On my birthday iirc once long time ago I think in 5-6th not sure, my brother gave me his laptop, I wanted to do python but python wanted admin password on windows to install properly. So what I did was I dont even remember how, but download one operating system which could then crack the windows password so that I can set new and I used that to then set a new password to then install python. to then only print hello world :D (I think only because one of the cousins I really admire mentioned that he made 2k loc of python once and I thought during that time, python is the endgame). We are talking about windows 7 but I think that windows 10 security must've gotten better. So these are some things that I have done, I wouldn't call it coding as much as tinkering but I love doing these things from as long as I can remember :D
I think this all started because I tried pirating pokemon-yellow so that I can play it. My brother just said to me google it, or told me the word rom and asked me to figure it out and I was in 2nd or 3rd grade maybe 4th grade lol and I pirated it (Hope nintendo doesn't sue me now xD)
Sorry for making this long but your comment somehow made me remember somethings that I had forgot/weren't touched in a long time xD! I think the main takeaway is that I just treated all of these as challenges I guess, like I wanted to prove myself that I can do that or if a thing is possible/not. I haven't done too much coding myself so I just say that I am tinkerer :D
I hope that this can be helpful to you to teach your kids what you mention. I mean make it a challenge where if they fail, they don't feel pressure but they also feel competitive just enough to try their best as much as they can :D and I think in some sense personally I just wanted some respect/to impress my elder cousins/brothers as they were really elder/mature than me. It's also not been all good though if you are too young than most of your cousins.
The thing is, I don't have any measurable advice, a lot of what I have done till now is just unquantified. Coding on the other hand is quantifiable in some sense (it works or it doesn't). I just do things because I wanted to, and I think I still do that same way. Sometimes I wish if the things that I want are something measurable but my mind doesn't work that way.
The thing is, which depresses me sometimes, is that I am just a number at the end of the day to many if not all whether including in future job/business etc., nobody to whom I interview when I wish to get a job from sometime from now is going to read a lot of this and with AI and some genuine problems in the industry like too many people, this problem gets even larger, sigh. So in that sense I just want to be happy sometimes.
Sorry for the long comment once again and the depressing end, but I recommend watching some cat videos though and I wish you and your kids to have a nice day! :D Say hi to them from my side!!
Just look at how most people do a search, for instance. These days for me it often involves 20-30 tabs, or even more, due to the horrific state of internet search. Many results have to be explored, many links from those results also explored, more searches done to narrow in on the precise keyword needed to bring up some hopefully good results, etc. And I can't close all that until the answer is found, as I may need to backtrack, so they just pile up. It's really quite ridiculous how much work it takes to find a good answer these days.
Compare with the typical person who just does one search with some suboptimal keywords then clicks on the first link, or starts dutifully absorbing the AI-generated garbage. Orders of magnitude difference.
I have dozens of projects I'm actively working on just for my Linux distro. Dozens of tabs open for things like X11 window management, for instance, or some info on C++ modules for another project. Lots of tabs open for a hardware project. All kinds of balls are up in the air here. Why put any of this stuff in bookmarks which is a waste of time and energy to manage, when I can just leave it in the tab list, organized in multiple windows spread across different desktops? (I have 64 desktops on my 55" plasma display.)
(lol @ the other guy's reply. That didn't age well.)
Counter here: When I wanted to switch from TurboPascal during school (14y/15y) to C++ (because it was "more cool" and that was the tool that the 'big boy' game-dev-pros were, we thought), it was so damn hard for me - really! I was struggling so massivly, I head massive problems with this pointer stuff - it took me years to fully understand it.
And I was hell-bad at math in school (or maybe just too lazy), the only thing to which I a relation was all this geometric stuff (because this was needed for .. game dev! :-D )
It's a starting point, but I certainly wouldn't say it's the best metaphor that there could be. The idea of subfolders just doesn't make sense in a filing cabinet analogy, because you have to consider paper size - any folder which could fit into another folder is not going to be able to contain your regularly sized documents.
That said, I can't think of a better metaphor.
(1) or referencing them from the same directory, which was the earlier metaphor.
He showed me his WhatsApp: People are sending _ALL_ type of critical documents by WhatsApp to him. Everything. (and bank statements are among the class of "less critical" documents in his case)
My theory here is: "If you have any function in your product, people will use it for anything appropriate to them in a given minute"
Are there other platforms that can't even manage this basic level of user protection?
The website can be objectively bad, but still better than the app experience.
The kicker is that the text is so small and to make the site usable (and readable) you need to rotate your phone to landscape mode.
This works well enough that I haven't downloaded the reddit mobile app or used their mobile site ever since they killed Apollo.
it groups sessions, not just tabs, so i can (for example) have all my banking websites together as a session that i can open and close as a window of tabs. the convenience is it organizes the sessions as named things that i can manage in a UI. transfer tabs from one session to another, close tabs, check tabs that have been closed in that session, etc.
if you know of any tools like this or an easy way to manage it independently without a 3rd party browser extension, I would be interested. Sounds like maybe you are doing something similar but at the desktop level, creating a new desktop to pick up and put down? are they savable and transferable between devices? I like to close everything down at night to run some games with friends, and am going to be building a new comp soon and for various reasons starting fresh with software and importing things as i need them rather than flashing my current setup forward to the new hardware
It looks like you're either showing off your own ignorance of tools that enable workflows you can't imagine, or you're assuming that everyone's organization methods must resemble your own habits.
What some people struggle with is recursive hierarchy where each step doesn't change the kind of container. I guess they never saw a Matryoshka doll when they were little.
Sure it does. The document is located in Building C, Sub-basement 2, Room 123, cabinet 415, folder labeled "Accounts". And a physical folder can certainly contain other folders. Nit-picking the analogy wastes everyone's time.
The ability to deny permissions without the app noticing or filling it with fake data doesn't exist on either system.
Sending it via WhatsApp (which also has desktop clients, btw) strikes me as a perfectly reasonable solution. (Which is somewhat of an indictment of the current state of cryptographic software, but that's a different topic.)
there are surprisingly many of them for pretty much every social media website.
I used to care a lot about app designs feeling "native" but when I actually took inventory of the apps I use, I came to the conclusion that all app developers (including Apple and Google themselves) will force their own designs and theming into every app. The only exception seems to be coming from a bunch of open-source apps that don't have branding concerns to worry about.
With the realisation that most apps look and navigate must as bad as their website equivalent, I found it much easier to use web apps.
That has to be one of the worst features ever added to a language.