Posted by gniting 5 days ago
Google refuses to patch this. I wonder what would happen if you submit it to the Android VDP as a permission bypass.
There’s also this SO question by the author about the bypass: https://stackoverflow.com/q/79527331
At that point, Android prompting whether the random game you just downloaded should be your default launcher seems like a pretty dangerous interaction for sneaky apps to risk. They either cause the user to bounce and report, or the fools select it as default launcher, replace their launcher, can't provide the launcher functionality, break the user's home screen and end up getting reported in the Play Store. I also assume actually getting published as a launcher-class app at that point brings automated test suites and other requirements that will be burdensome for developers.
That's why projects like XPL-Extended (and previously XPrivacyLua) are an absolute need. I never run an Android phone without these.
I think, for the tech-savvy, the latter is more accurate and I think it is very important to be able to crack open these sandboxes and tinker with processes. Be it to inject ad blockers, automate them, modify their appearance, etc. It should be a right of a user to be able to do these things.
Malicious apps sneak through the vetting process all the time.
Genuine, honest apps have to process unsafe content (be it web pages, messages) all the time.
One exploit should at most make a single app vulnerable, not expose everything I have on my phone.
Strong, restrictive sandboxing, memory and execution protections are the only safe way.
And how is destroying the sandboxing related to having more rights as a consumer? You could still patch and repack them in the way Lucky Patcher does with ads, for example?
Anyone tech-savvy that wants to mod their Android (like they'd mod Linux distros), should consider purchasing Android devices (like Pixel) that support ownership transfer (that is, unlocking then relocking the bootloader), and flash CalyxOS/GrapheneOS usereng/eng builds.
For a few months all the UK banks I have accounts with have been sending the list of all apps to the mothership.
I noticed it first when Revolut suddenly refused to start up because I had an app installed; NatWest and Nationwide at least inform you prior to the data collection, but weren't concerned.
It ended up with the long overdue confinement of all the banking apps in their dedicated profile, but I'd love to be able to confine them further.
This is disgusting and the reason I don't use iOS. The utter lack of firewall! (plus the batterygate scandal)
Not recommended to run Insular anymore. Use Shelter for A14.
Granted, I'm not suggesting that everyone should root their phones, in fact in recent years I even stopped suggesting it to my tech-savvy friends (that is unless they approach me for advice).
I don't need to lecture about these things but all those who've rooted their phones know the huge advantages—power and control one has over one's phone is enormous.
For example, some apps contain so many trackers that normally you'd never use them except they're the only apps suitable for one's purpose. Rooting allows you the user to take control and have them do what you want and not that of the developer.
Yes, rooting has its risks but for my purposes its benefits far outweigh them.
With absolute security, you can rest assured that only Google has access to all of your data, and only Google is allowed to turn off the siphoning.
> The term [rooting] generally also includes the functionality for making runtime code patches (eg. with Zygisk) and making runtime filesystem modifications (eg. Magisk modules).
> Out of the many root-enabled apps I've studied or reverse engineered, the vast majority fail to handle arbitrary inputs properly (especially filenames). For example, some root-supporting file managers turn a seemingly benign action like listing a directory into local privilege escalation. This is trivially exploitable, especially with browsers auto-downloading files with server-provided filenames to /sdcard/Download/.
To avoid repeated root access UI prompts, some apps spawn a long-running shell session, write commands to stdin, and rely on parsing stdout and searching for the shell prompt to determine when commands complete. This approach is prone to desync, which can lead to commands being skipped or other inputs being interpreted as commands.
All in all, I simply do not trust most root-enabled apps to not leave a gaping security hole, so I avoid them entirely. There are apps that do handle root access in what I would consider a more proper way, by spawning a daemon as root and then talking to the daemon over a well defined binary protocol. Unfortunately, this approach is the extreme minority.
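The comment above contrasts two ways a root-enabled app can talk to its privileged side: scanning a long-running shell's stdout for the prompt, or a daemon speaking a framed binary protocol. The following is an added example (not code from the page or any project it mentions) that simulates both in memory with constructed byte streams, so nothing is spawned as root. The prompt string, the request header layout and the `ToyDaemon` operation set are assumptions chosen for the demonstration.

```python
from __future__ import annotations
import struct

# --- Fragile approach: detect command completion by scanning for the prompt --
# Constructed: the prompt a naive reader waits for. No shell is spawned here.
PROMPT = b"# "

def simulate_shell_session(outputs: list[bytes], prompt: bytes = PROMPT) -> bytes:
    """Build the byte stream a prompt-printing shell would emit for a list of
    command outputs (constructed stand-in for a real shell's stdout)."""
    return b"".join(out + prompt for out in outputs)

def naive_split_on_prompt(stdout: bytes, prompt: bytes = PROMPT) -> list[bytes]:
    """Treat every occurrence of the prompt as the end of one command's output.
    Output that merely contains the prompt bytes (a filename, file contents)
    yields a spurious boundary; from then on results are attributed to the
    wrong command, which is the desync the comment describes."""
    chunks = stdout.split(prompt)
    return chunks[:-1]  # bytes after the final prompt are not a result

# --- Robust approach: a daemon answering requests over length-prefixed frames --
# Header: request id (u32), status (u8), payload length (u32), big-endian.
HEADER = struct.Struct("!IBI")

def encode_frame(req_id: int, status: int, payload: bytes) -> bytes:
    """Frame one response; the length field makes the payload opaque."""
    return HEADER.pack(req_id, status, len(payload)) + payload

def decode_frames(buf: bytes) -> list[tuple[int, int, bytes]]:
    """Parse every complete frame in buf. Payload bytes are never inspected
    for delimiters, so a payload containing '# ' cannot shift the boundaries.
    A trailing partial frame is left unparsed for when more data arrives."""
    frames, pos = [], 0
    while pos + HEADER.size <= len(buf):
        req_id, status, length = HEADER.unpack_from(buf, pos)
        if pos + HEADER.size + length > len(buf):
            break
        pos += HEADER.size
        frames.append((req_id, status, buf[pos:pos + length]))
        pos += length
    return frames

class ToyDaemon:
    """Stand-in for a privileged daemon (assumption: not any real project's
    daemon). It accepts a fixed set of operations on an in-memory directory
    tree instead of arbitrary shell text, and answers each request by id."""
    OK, ERR = 0, 1

    def __init__(self, tree: dict[str, list[str]]):
        self.tree = tree  # constructed directory -> entries mapping

    def handle(self, req_id: int, op: str, arg: str) -> bytes:
        if op == "list" and arg in self.tree:
            payload = b"\0".join(name.encode() for name in self.tree[arg])
            return encode_frame(req_id, self.OK, payload)
        return encode_frame(req_id, self.ERR, b"unsupported op or missing path")

def demo() -> tuple[int, int]:
    """Run two commands through each transport and return how many results
    each reader believes it saw. The first listing contains an entry whose
    name happens to include the prompt bytes (constructed sample data)."""
    listing = b"# notes.txt\nreport.pdf\n"
    status = b"ok\n"
    stream = simulate_shell_session([listing, status])
    naive_results = naive_split_on_prompt(stream)      # 3 results for 2 commands
    daemon = ToyDaemon({"/sdcard/Download": ["# notes.txt", "report.pdf"]})
    wire = daemon.handle(1, "list", "/sdcard/Download") + daemon.handle(2, "list", "/nope")
    framed_results = decode_frames(wire)               # exactly 2, one per request
    return len(naive_results), len(framed_results)

if __name__ == "__main__":
    print(demo())  # (3, 2)
```

The naive reader over-counts because the data it parses and the delimiter it parses for share one channel; the framed protocol keeps them separate, and tagging each response with a request id lets the client verify it got an answer to the request it actually sent.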
Hopefully GrapheneOS delivers on their promise to provide a better backup solution than Seedvault.
> these are user, platform, and developer (implicitly representing stakeholders such as content producers and service providers). Any one party can veto the action.
How is this not anti-user? It explicitly states that the app developer should be able to veto my decisions...
I can see how such a setup is hostile to power users, but then Android is used by 50% of all humanity, and your guess is as good as mine as to just how many want "sudo make me a sandwich" level of control.
> Google refuses to patch this
While I don't believe Google engineers are not aware of this widely used loophole, do you have any source that they refused to fix it?
Do you need someone from Google to explicitly write an official note, notarized, indicating they are refusing to fix it?
Google addressed similar isolation concerns (without breaking a tonne of APIs in incompatible ways) with Private Space and Work Profile: https://source.android.com/docs/security/features/private-sp...
I also think that Private Space does not fix the underlying issue. If you have four apps and you don't want them to know about each other, you can put one of them in the main profile, one in the work profile, one in the app locker, and you run out of profiles for the last one. The way app lockers work doesn't scale to tens of sandboxes.
You can have more users on "standard" AOSP Android as well, but with a certain AOSP derivative you can also have notification forwarding.
Until they add Application List Scopes (I believe it's on the road map), in exactly the same way users can now lie to apps that they have only specific contacts in their contact list and only one or two specific folders in Storage.
They keep releasing overly complicated features to sidestep the obvious reported vulnerability, to silence power users and please corporate enterprise sysadmins.
The rest, 99.9% of users, keep the vulnerability, which is very profitable for ad networks. Wonder why an ad network that maintains Android would do that.
The only benefit I can see of "Apps" is that the developer gets access to private information they really don't need.
Yeah, they get to be on the "App Store". But the "App Store" is a totally unnecessary concept introduced by Apple/Google so they could scrape a huge percentage in sales.
Web browsers have good (not perfect) sandboxing, cost no fees to "submit" and are accessible to everyone on every phone.
The reality is, most webapps for mobile just suck. The UX is nowhere near that of a native application. I don't want any text to be selectable. I don't want pull to refresh on every page. I don't want the left-swipe to take me to the previous page.
You can probably find workarounds for all these issues. The new Silk library (https://silkhq.co/) is the first case I've seen that gets very close to a native experience. But even the fact that this is a paid library goes to show how non-trivial this is.
Strange. This inability to select any text has always felt like one of the most hostile things developers could ever do. It feels like pure vandalism.
Another thing that causes massive productivity degradation is not being able to keep multiple pages open so you can come back to some state. I cannot imagine how anyone could possibly use these apps for any serious work.
The UX of almost all native mobile apps is absolute crap. But it's not their nativeness that makes them crap. I'm not complaining about the idea of operating systems offering non-portable but high performance UI primitives that make use of OS facilities.
Many native desktop apps don't have these UX issues (at least not all of them at the same time). It's the mobile UX patterns, conventions and native UI frameworks that are causing this catastrophic state of affairs.
Use Circle to Search? Native capability that works on every single app, and is close to perfect (with the exception of handling text at the very bottom/top of your screen that's covered by your navbar/Google logo).
Reddit on iOS was one that did it.
- text is selectable
- content is zoomable
- you can have an ad/nuisance blocker
- page source is open
While native apps have their own advantages:
- much smoother experience esp. navigation, scrolling, animations, etc.
- better overall performance (JavaScript will always lose to the native binary)
- access to hardware opens new possibilities; audio, video accelerators etc.; there's a ton of things you can't do in the browser with audio for example
- widgets, some of them are nice and useful too
- for publishers: an app icon on the home screen is a reminder, a "hook" of sorts; this is the main reason they push apps over web versions
There are cases like media apps, camera apps, videogames, terminal emulators, clipboard managers etc. that won't become Web apps any time soon.
Either because they need to operate closer to the OS, or for performance expectation reasons.
But I've just had a quick scroll through the apps on my phone, and I can confidently say that 90% of them are basically HTTP clients that interact with an HTTP server.
And even those that do more could probably be wrapped into a WebAssembly artifact with comparable performance in a near future.
The reason why they are not PWAs, and why engineers are often expected to do triple work (iOS, Android, Web), and why there aren't more products released as PWAs, keeps eluding me.
Sure, you have to tell folks how the "Install/Add to home screen" process works from a mobile browser, but is it really that much more friction compared to an App Store paradigm to justify the abuse of native apps that either reinvent the wheel multiple times, or are just unglorified Web browsers running an Electron app just to show you the discounts at the supermarket near your house?
These are more like a byproduct of the fact that web apps are built on a stack not suited for modern UI apps. It's literally a text typesetting engine pretending to be a rendering engine for high-performance UI.
So, it can also be framed as:
- everything is selectable, even what shouldn't be: buttons, drawers, video players, etc.
- content is zoomable, which most of the time just breaks UX in hilarious ways. Developers have to do extra work to either disable zoom or make hacks/workarounds.
"Everything is selectable" and "everything is zoomable" makes total sense if it's a blog post. If it's a UI for a modern app, it does not.
This is an outdated view of the web. Catch up or be left behind.
But mainly don't expect any good web app integration on mobile, because it would hit the store 30% tax.
Disabling text selection is not just worse UX, it is actively user-hostile.
In the past, occasionally there would be an error message in a message box dialog that I wanted to copy and paste. And then I discovered that despite it not looking selectable, it actually was.
I don't want to accidentally select the text of my menu bar, or of a text box label, or a dialog tab title.
Lots of limitations so you don't accidentally do something; maybe there is a way to not accidentally do those things and also help the people who need them.
You're awfully arrogant in making a judgement about my empathy... if you want to make this personal.
Or maybe you can justify why people need to be able to select menu labels in the first place? That's not standard on any OS I've ever used, so it's up to the person who wants to change things to justify why.
Maybe be less judgmental of people here on HN, and contribute something factual instead? I at least gave a factual account of my personal experience, which is a data point. Describing one's experience isn't egoism.
At least in recent versions of Android there is that OCR (?) powered functionality to select text when you're in switch-app view.
I would suggest that these days you'd be much better off taking a screenshot and putting that into Google Translate.
That way all the text remains in-place, and you can keep it as a visual reference to refer to.
If you were selecting text, it would wind up in a kind of jumble that would be much harder to use.
Browsers are some of the very few apps that work well on a phone. Most of the other ones feel like a mess (except games I guess).
I've had enough browser apps try that on my phone. Usually they start to lag out and become unbearably slow due to the framework bloat, compared to native apps that have no such issues.
Real question here, what are you trying to do when you "swipe back"?
By instinct I swipe back like I am in Safari, and that does something else in those.
Other than that, I'd like text to be selectable! I don't like it when apps don't allow you to copy text.
I use Copy [1], and when that doesn't work I use the OCR text selection feature on my Pixel phone.
[1] https://play.google.com/store/apps/details?id=com.weberdo.ap...
Guess which one of us has way more problems, due to both functionality and a constantly changing layout?
Iconic mirrors a lot of it, but Apple/Google could have just as easily made them native components triggered in the browser.
Can we stick to "by and large"? Every year many YouTubers make that video of trying to use an iPad/Samsung DeX as the productive computer for a day. Last I checked they always end the same way.
Not really. And this is why native apps are necessary. You can't use the built-in camera on an iPhone successfully in this way, and I don't know any director who has. They use specialized third-party apps which give them the appropriate control.
In cases where a native app and web app are both available on iOS, there’s often a huge difference in battery usage and sluggishness. Also, as a sibling poster mentioned, I like having fully “offline” apps as well, for example for maps and notes.
I’m not saying that I like how Apple and Google have done this in practice, but I don’t think going webapp-only is the future. For the same reason I won’t replace my real computer with a Chromebook for the foreseeable future.
Google Gears got deprecated because something something move to standard HTML and browser features, and now we don't really have any offline web apps.
The ability to have non-sluggish, offline web apps has existed for decades now, but the interest from providers has been declining and the understanding that this is possible is also declining on the consumer side.
Yeah, like a single native Instagram app draining battery faster than the combination of multiple websites that I visit in Safari.
> For the same reason I won’t replace my real computer with a Chromebook for the foreseeable future.
> real computer
Where most of the modern applications are either web wrappers or Electron apps.
Only if you're stuck on a deprecated platform like Linux. If you are on Mac, native applications – real applications – are much more powerful and usable than any web wrapper on Linux.
I've noticed Linux users have taken a habit of proposing their broken way of using a computer through the browser for other platforms as well. But on other platforms we are already spoiled with quality software.
I’ve been using Nova for the last few years. Increasingly native non-Xcode development tools seem to be few and far between. I have BBEdit and Nova, but a lot of people have switched to VS Code it seems.
Here are some of the frustrations I had with PWAs.
There are massive differences between browsers and Android/iOS when it comes to storage, access to local files, and size limitations. Proper backup/sync of large files using IndexedDB, Cache API, or localStorage is not as straightforward as native storage.
Service workers aren't designed for complex or long-running computations; they're more like lightweight assistants, and you would have a HUGE pain trying to accommodate all the different browser/OS limitations if you need predictable background sync/backup. This seems maybe to be getting better going forward due to frameworks like Ionic/Capacitor or Workbox.js though.
PWAs are tethered to the web’s security model, which means they’re generally restricted to HTTP and HTTPS for communication. This limits direct access to protocols like SMTP (email) and FTP (file transfer). You’re stuck with web-friendly options like WebSockets or WebRTC, or you’ll need a server to act as a middleman. Building a torrent client would be really annoying due to the limited protocol access. The WebTorrent JavaScript framework, which can run in the browser, does not fully support traditional TCP/UDP torrent protocols directly but instead relies on WebRTC data channels. Therefore, your app will only connect to peers supporting WebRTC, which significantly reduces available torrents and peer counts. Also, there often is an added level of restriction to background processes on mobile.
There are also limits to access to the device's APIs:
- NFC (partial Web NFC support in Android Chrome)
- Bluetooth (Web Bluetooth limited to Chrome on Android, absent on iOS)
- Native contacts, SMS inbox, telephony, or system-wide calendars
- Some system-level sensors (barometer, precise accelerometer data)
Also: Web apps often perform slower on heavy graphics or computation than native apps due to lack of direct GPU access. I have not tested this myself, but I know this has gotten better.
Onwards:
- PWAs can't directly register as the default handler for specific file types or URL schemes across the OS.
- PWAs cannot reliably run background tasks (like precise location tracking, audio playback, VoIP callbacks, or continuous data monitoring) when inactive.
- WebAuthn supports biometrics, but native biometric APIs (like Face ID/Touch ID) offer deeper integration for specific app functionality. This is a HUGE need for our firm, as we rely on it for easy authentication for our app, and customers love it over other authentication methods.
- PWAs can't easily embed widgets into the OS home screen or system-level UI components like control center integration.
YES, PWAs are much more capable than some people think and could, in many instances, work just as well as a native app. (I use GeForce Now on iOS with not many problems.)
And this is not even touching on how much easier it is to use Android/iOS SDKs to put together an application, and user expectations (which might be WRONG when they think PWAs are lesser or more insecure, but these attitudes are still reality).
All that said, I prefer PWA over native myself due to publication freedom, but I get annoyed when you talk down to people, and you seem to be the one that doesn't understand that there are actual limitations.
Sure there are limitations to PWAs, but quite a vast majority of apps don't need the missing features.
I find native Android and especially iOS SDKs vastly more difficult and cumbersome to develop for. Doubly so of course if you have to develop for both. Maybe if you're already used to the Android/iOS development mess it is easier short term than to learn something new.
However, I still do like to have apps on my devices that just work offline, without distributing my data across services I do not control. And I also do not want to depend on an internet connection, wherever I am.
I like my offline OsmAnd/Organic Maps app to show me the trails when I am somewhere in the woods or mountains. I like my apps that, instead of using some third-party server, connect directly to my other local devices to share data.
IMO all (where possible) apps should be developed offline first, and only require internet when necessary, and those apps that cannot work without internet should be web apps, they do not need to be on my devices.
Platform owners introduce a bunch of restrictions that create reliability and usability concerns, but the standards already exist to enable a website operator to create a webapp that, after the initial ‘install’, runs entirely offline on the user’s device, and has no need to communicate with the website.
I don’t understand people who use apps for this. It is such a pain.
I do most things on my desktop for the reasons you say but on a phone multiple tabs etc is a pain.
Their websites do (although even on new phones you are at a greater risk of a tab being purged and needing a reload, but you can still multi-tab on the mobile website).
Sounds like a broken web app.
You are currently using a webapp that doesn't do this. It's called Hacker News, and it never asks me to log in every time on my phone.
> when the app can just cache my authentication and FaceID me
Sounds like a broken login form.
Hacker News also allows me to log in with Face ID on my phone, thanks to my password manager.
Optionally webapps can also provide Passkeys.
> You are currently using a webapp that doesn't do this. It's called Hacker News, and it never asks me to login every time on my phone.
Every time I visit Hacker News on my iPad I'm logged out. Apple has decided that if you don't visit a website often enough it will expire all your cookies for the site.
In practice that means I can log in to HN while I'm at the cafe one weekend and be logged out by the time I visit the next weekend.
Apparently HN does it on purpose and kills all sessions on all devices when you log off.
Besides, companies focus on apps, not on web pages. Less money, less focus, therefore a worse experience.
A week ago, via TravelPerk which is literally a web wrapper.
> And how do you deal with all of the real estate the browser steals?
What?
> Having to log in every time when the app can just cache my authentication and FaceID me?
I literally use the same FaceID for my passwords/proton pass. Also, this depends on a website.
A big issue with this trend is that unlike the web, the whole Android ecosystem is a walled garden which is strictly controlled by Google. In principle you can run your own custom Android ROM, but in practice this will lock you out from any app which uses Play Integrity API to enforce Google's totalitarian regime which dictates what software YOU are allowed to run on "your" hardware.
Login is better on the iOS app, as you can use Touch ID/Face ID and not user ID/password; also, the webpage asks for cookies as it can't seem to remember the choice.
There seem to be sites for your GP (mine does it via a .nhs.uk domain; it used to be via https://account.patientaccess.com/, which still shows appointments but does not allow booking, though it still allows requests for repeat prescriptions) or hospital portals for results.
The browsers are controlled and manipulated by the likes of Apple and Google. These companies have a significant influence on the direction of browser features and limitations, often shaping them to suit their business interests. For example, Apple’s Safari and Google’s Chrome have been criticized for implementing features that reinforce their own ecosystems, such as limiting web push notifications or restricting certain web API functionalities to encourage users toward their native apps. This ultimately means that even in the browser world, the same forces that drive the app store monopolies can still control and restrict what’s possible, even if the web is inherently more open. So while web apps offer more flexibility than native apps in theory, the reality is that Apple and Google’s control over the browsers still limits the true potential of a completely open web.
Who do you think controls Android and iOS native APIs?
Web standards at least have public forums and specs, with multiple parties involved. And all the major browser engines are open source and apps built for them are relatively cross-compatible.
Actually, when the iPhone was introduced, Apple wanted it to have only a few select native apps (like Maps or Mail) and all the rest to be web apps.
They were browbeaten into opening an app store by the developers, who wanted to do native apps, not the other way around like you say.
In many other cases I agree with you.
Even if it's gRPC or something more exotic, it'll be over TLS (you best hope it is).
You can have a webapp cached locally on your device. PWAs allow developers to create an SPA you can open from your homescreen, and to do that API interaction the same way as a native app.
I hope you and your family are well, and it's great that tech helped. But please, don't think that because this tech worked in this instance it can't be made safer and more secure.
Also, this situation benefits the google-apple duopoly, since it means superior products (remember Windows Phone 8?) or privacy focused devices (FirefoxOS) have no chance of getting a foothold in the marketplace.
The objections I see in sibling comments are nonsense. Modern web supports high frame rates, developer control over the UI, etc, etc.
1. Better UX and responsiveness for users, including better offline use.
2. Using native hardware APIs. How are you going to do things that require on-device video compression, or realtime graphics that are more advanced than GL ES, etc.?
3. Battery life and performance. A native app can use less power than a web view for doing its work, and it can also make use of better async/concurrency/threading than a web view allows for.
That's exactly the point. More developer control, less user control. Can't change cookie settings in an app, can't (easily) block ads, can't use developer tools to remove annoying UI elements, can't disable phone home mechanics, can't prevent the developer from profiling you.
GP's comment is something that people in politics would call sensational. Extreme rhetoric is great for upvotes because it stirs emotions, but it's not rational.
Apps are faster, are more predictable (no auto-reloading or rendering issues) and generally perform better IMO.
On the other hand, in reality, you're correct. I think the NYTimes app will collect more data from me than the NYTimes website.
While apps are spying etc., making them is usually a no-brainer compared to churning and leaky web stacks. And probably not a single time did a webapp load for me when I tried it outside, standing in the wind, trying to figure something out. It was always an app that started and helped and didn't ever scroll horizontally while doing so.
But we could argue that if webapps were more used on mobiles, new APIs would have been opened to facilitate cross-app integrations.
The disadvantage of native is barrier to install. Once that's done, the experience to the user is simply superior. True native experience, fast and predictable. As a developer it's easier to build those types of apps as well.
People who haven't used iOS might not understand this though as they've never seen "how things should be".
Becoming the middle man is the default model that supports scale. No one has come up with anything else to support a world where avg disposable income is close to 0
FTFY
https://www.sencha.com/, the vendor of the ExtJS framework tried to argue that Facebook was wrong (2012): https://www.infoq.com/news/2012/12/Fastbook/
I worked for a company that used Sencha back in the day and wrote the first React integration over their form/datagrid components in 2013. React ate their lunch.
How could you possibly consider intensive games to be "simply" web apps? How about network apps like vpns, wifi analyzers? Have you really not come across such apps or are we meant to think every app is a TODO application?
Both web and native have been driven by the same corporate forces; the argument here should be technical only: what can you do on native that you can't on the web. Mixing this technical matter with corporate policies muddies the waters.
Absolute absence of lag, glitches, rendering issues, memory use in the kilobytes etc. is possible with native applications.
Also, with the bank apps I think there's extra security over a webapp; on the iPhone they often scan my face.
That said most of the time you are right.
I am fairly convinced that some apps are just wrappers around web apps. The Virgin Money (UK bank brand) app used to ask for cookie permissions on launch and felt very like their website used to (until it was removed and they went app only).
Or am I not understanding what you mean when you use the quoted name "Apps"?
I feel like an actual security-driven design is a lot better than just relegating everything to the browser.
Many apps are apps just because they can collect your data, and create walled gardens. It is harder to create extensions for existing apps, for web pages it is easier.
Normies don't turn off notifications. Over the last few years all my relatives have picked up smart watches, (thanks to cell carriers upselling them hard during phone replacements) and in any given conversation at family events they'll be glancing at their wrist every 100 seconds.
IMO this is in the range of "why do we use machines for transport if we all have legs". Technically true, but applications do more than only UI.
I've heard this argument for the past 30 years (we won’t be using apps, everything will be remote console/terminal/webpage/web). Chromebooks were meant for web-first access, and yet native apps are still alive and kicking.
This is the actual reason why companies push people to install and use their apps instead of their website.
Edit: and I’ll venture a guess that since mobile apps can’t use things like ad blockers, companies probably prefer them. More control over what you look at.
- Timer / alarm clock
- Camera
- File browser
- Offline maps
- Another web browser
But not 250MB banking app.
In 2025? Sure, you can do some (but not all) of that in a browser? In 2010, when those systems were becoming popular? Absolutely not a chance.
People forget that Apple initially tried this exact approach. On the first iPhone, that's how you were supposed to do apps. People wanted native so much that they were willing to go the extra mile, jailbreak their device, document the undocumented iPhone SDK and write their own toolchain. The user demand for native was clearly so overwhelming that Apple finally relented and gave in.
Even a few years later, Facebook tried hard to have a single, cross-platform HTML5 website instead of bothering with apps. Even then, browsers just weren't there yet, and they probably had the best engineers and resources on that project one could have had for any money.
Just to confirm:
I dumped all of my notes from my insanely large Apple Notes (about 16000 lines of text) and pasted them into Google Keep, Notion, Google Docs. With the exception of Google Docs the rest of them flat out froze and I had to kill my browser. Stop trying to tell us that the browser is the answer to everything when most web apps can't do the job of Notepad.exe or vi.
So, one out of three webapps that you tested could handle this much text. It suggests that the problem for the other two is their implementation, rather than any limitation of the browser.
Of the two that failed, did you also try the app versions to see if they failed too? I really doubt the Notion app could handle 16000 lines of text.
Tried putting 20k lines into it. Loaded instantly, allowed me to scroll and edit flawlessly.
But I get your point. I'm on a pretty decent 2022 iPhone, and I'm sure at some stage I would run into a performance hit. But not at 20k lines.
You can't slap in a plain text field and assume that emulates the actual experience in any way.
... and RAM requirements for good performance went down by 66% ...
There are games, there are offline programs.
---
Website-as-an-app does need to be squashed, that's something I do agree with you on.
I found this article yesterday and posted it on reddit android, here : https://old.reddit.com/r/Android/comments/1jmwg4w/everyone_k...
0 upvotes, comments filled with what is either depressed, sad people or just bots.
Here it's top 2... With mostly interesting comments.
Some subreddits are more dead than others, but r/android has got to be one of the worst.
Yeah, I'm not sure what exactly is going on with reddit but if dead-internet theory would hold anywhere, it seems to be there.
Besides, all the topic/subject subreddits seem moderated by people who hold a vested interest in the topic/subject, to the detriment of their community. I made a submission which went into details about the proprietary license that Meta's Llama is under, and what exactly that license means, and it was removed manually by the moderators of r/LocalLlama without any reasoning + they refuse to answer why it was removed even after trying to understand the rules of the subreddit better.
I'm guessing when the last "reddit purge" happened where they replaced a bunch of community moderators with employees from reddit, most of the platform was sold to companies to moderate their own spaces, unfortunately.
Find a more niche subreddit like /r/<city_name>running (although location subreddits fall into a similar trap) or /r/longdistancerunning and you'd probably find them to be more interesting simply because moderators are beholden to a smaller community and their job is more about making things interesting for their niche and cultivating a community rather than just dealing with slurs, bots, and spam.
Namely, once a subreddit becomes popular or has basically "the default" subreddit name, it's extremely difficult to just start a new subreddit if you don't like the moderation on the old subreddit, because it's so hard to get people to know about or move to the new subreddit. There was some drama years ago where some r/lgbt mods went on a major power trip, which caused other folks to start the r/ainbow sub, but still most folks go to the lgbt reddit as it's what comes up first if you just search for "gay subreddit" or similar.
You say "because moderators are beholden to a smaller community", but that's the point - mods aren't really beholden to anyone at all, as it's not like electing mods is a democratic process. Note that I don't think it should be, either, as being a mod is a ton of grief and labor that people donate for free. But I do think Reddit could make it a lot easier and "fairer" if people wanted to "fork" a subreddit if people wanted to discuss the same topics with the same community, just with different moderation rules.
the only feasible way (short of like, scraping every comment made on a subreddit and dm'ing each of those users) to reach the audience you're trying to convince to switch to your alternate subreddit is by... posting on the original subreddit. the original subreddit has no incentive to allow your post, and public moderation logs aren't a thing on reddit, so...
Maybe that works in the US, since half of all reddit users seem to be from there, and for very general topics like running.
But for discussing local LLMs, you have just about one place to choose between, and if the moderators somehow are silencing discussions there, there doesn't seem to be much you can do about it.
You seem to think Reddit Inc wants anything but control over the users. They are not at all interested in discussion or being a social network. If they could achieve their real goal without all the annoying comments, they would shut those off instantly.
Reddit is a narrative pushing machine first and foremost. The money they make on advertising - IS NOT - from the one or two ads you see per page.
The Reddit stock price is not at all reflective of their tech. It’s based on ability to push thoughts to users.
I would be incredibly surprised to find that Reddit's officers are willing to risk life-ruining fines to lie in their filings about this.
There is fundamentally a social contract between Reddit and its moderators. Moderators get autonomy and control, and Reddit gets content that keeps users around. As long as Reddit does not pay moderators, autonomy and control is all they can give moderators. I'm investing a lot of effort, and I'd like to retain some control. IMO creating a community is more like starting an open source project on GitHub with a lot of community contributions.
If you take away autonomy and control from moderators, what is in it for the moderator? Imagine if github started seizing projects wholesale, taking them over and installing new maintainers. People would move off the platform.
Some people say that moderators are unpaid employees, but IMO that is only to the degree that moderators are required to carry out Reddit's agenda and priorities. We don't call OS maintainers github employees. I don't mind if Reddit benefits from my communities, as long as I can run it the way I want. If you take away autonomy and control, moderators absolutely become unpaid employees.
If Reddit didn't like my policies and took my subreddits, I would take that as a strong signal that Reddit is not the place to build my communities. The API debacle, protests, and mod removals caused me to decentralize my community more. I spam a linktree in my subreddit that links to Discord and other resources, exactly to protect against community seizure by Reddit.
I think you touch on some real issues. One is of namespacing; folks can sit on valuable portions of the namespace and basically extract rent. We have the same issues for domains, and haven't solved it there. Some places like GitHub semi-solve it by putting repos in organizations, but that shifts the namespace issue to the organizational level.
The other problem is second generation moderators. Most moderators are terrible at succession planning, and so generally choose terrible successors. Many second generation moderators don't understand the original decisions that shaped the community, and what makes the original community successful. Reddit should do more to encourage succession planning, and teach moderators how to do it.
Hacker news understands the concept of constructive criticism.
Even better understands might be pushing it. “Better tolerates”
This loan app is profiling people on the basis of race (Tamil, Odia) and religion (Qibla Direction Finder is used by Muslims, mandir apps by Hindus).
It is for fingerprinting purposes
Same with banks apps, if you are a scammer it's really useful to know beforehand what kind of bank the target uses.
There are probably a whole bunch of groups who have a purpose for this kind of info, especially if they can link it to the phone number.
Hopefully the El Salvador deal is a far cry from the internment camps from the 19th & 20th century.
Here is some more information about the conditions in these prisons in El Salvador, CECOT being the most notable one:
> Able to hold 40,000 inmates, the CECOT is made up of eight sprawling pavilions. Its cells hold 65 to 70 prisoners each. They do not receive visits. There are no programs preparing them to return to society after their sentences, no workshops or educational programs. They are never allowed outside. [2]
I believe the term gulag makes sense in that context despite it not being a forced labor camp. Not sure how this relates to Russia at all (apart from the origin of the term obviously).
[1] https://apnews.com/article/rubio-trump-deportations-usaid-f7...
[2] https://apnews.com/article/el-salvador-us-rubio-prison-de912...
Well, not yet, anyway.
Fingerprinting is an identification mechanism. It is most commonly used for targeting and profiling.
I have complained about this here before, but the end result was that I asked for a hardware security device and use the website instead.
Why would browser need to enumerate the installed apps?
Why?!
In other words, blame Google product management.
Instead of the browser enumerating all apps, why can’t it check when you visit a page if the current page (ONLY the current page) is installed as an app?
Maybe I'm missing something, but it sounds like it would be easy for Google to support this functionality by letting developers configure this in their app "bundle". A property that tells the OS "my app is related to domain example.com". Make it an array of domains if you must.
Elaborating on the sibling's comment: There is already such a property that apps must set in their manifests in order for them to be able to react to links/intents for domain-associated-with-the-app.com.
But it doesn't address the question of how a browser is supposed to be able to open links to domain-associated-with-the-app.com in that app, without Android revealing to the browser whether the app is installed or not. In short: The browser will, by construction, be able to determine which apps you've got installed or not.
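The manifest property the comment refers to, as an added example that is not code from the original post: an Android App Links intent filter with autoVerify, which the OS checks at install time against the site's /.well-known/assetlinks.json. The activity name and domain are placeholders.

```xml
<!-- Added example, not from the original post. Activity name and domain are placeholders. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
  <application>
    <activity android:name=".LinkActivity" android:exported="true">
      <!-- autoVerify makes Android fetch
           https://example.com/.well-known/assetlinks.json and confirm that the
           site lists this package name and its signing certificate fingerprint.
           Only a verified link opens straight in the app; an unverified one
           falls back to the chooser, so an unrelated app cannot silently claim
           the domain. The browser hands the URL to the OS and does not itself
           need a list of installed packages to make this work. -->
      <intent-filter android:autoVerify="true">
        <action android:name="android.intent.action.VIEW" />
        <category android:name="android.intent.category.DEFAULT" />
        <category android:name="android.intent.category.BROWSABLE" />
        <data android:scheme="https" android:host="example.com" />
      </intent-filter>
    </activity>
  </application>
</manifest>
```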
But it doesn’t leak that information to web pages.
Obsidian for example asks for permission for entire filesystem, while it really needs to access the files which the user needs it to see.
On Android phones. iPhone doesn’t have this privacy deficiency.
https://blog.verichains.io/p/technical-analysis-improper-use...
On Android if they use the work profile (which is the standard method these days) they can only see the apps inside there.
Regardless, MDM installed app visibility is limited to those users who opt-in to an organization managing their personal device, and isn't an effective way to broadly gather what apps a given person has installed. What's described in this post would work on any user/device, and there's no way to deny/opt-out of specific permissions.
The reason is that Apple demands that the UPN (the account ID) and the email address are the same. For us this is not the case (our UPN is our employee number as an email address, whereas our email address is just our name). And obviously we're not going to change this for ten thousand users because Apple wants to (most of whom don't have Apple devices because we're a European company). Also, you have to manually decide what happens to each user that has already created an account with their corporate email address and what to do with the content they purchased on it. This is not feasible for a large corp. We have reported this to our Apple account manager for years and years but they simply don't care. If you work in this realm you probably know that Apple doesn't really care about things that matter for their corporate customers anyway. The consumer is their main client and it shows (unlike with Microsoft where it's the opposite).
So the whole account-driven enrolment (User Enrolment) as well as everything else depending on managed Apple IDs like DEP for Macs is completely out of the window.
The problem in my opinion is that I as an admin can simply query for example all the employees that have something like Grindr installed. Considering the current political climate in the US (or worse, the middle east where this can lead to a death sentence in some cases) it's obvious why this is super bad. And really, why should we be able to do this at all?
Fun fact from the MDM implementation - the most private way (at least to the company policies) to have a company-connected device is to buy a separate phone and install company's MDM on it. On company provided devices, the company may locate company's assets at any time but doing so on a personal device is a privacy breach.
The bad part of this is that apps have to specifically support the multiple profiles option, otherwise they can't be used for this.
And yes, I agree, that is the best way. We have the same restrictions for personal devices. Though I as an admin know we never use the locate functionality (and I know every person who has access to it).
Account-driven MDM enrolment pushes the Pareto front when it comes to privacy/convenience compromises from my point of view. I will ask my IT if they have already looked at it.
If you have the self control to refuse to ever check Slack and disable all notifications/etc on your personal phone when not on call, this doesn’t apply as much. But for me I default to trying to stay on things and forcing myself to disconnect is a net good, even if it does mean I carry two phones at times. My pockets are large.
Android has this really well worked out with their work profile. It's like having a company VM on your phone. Really great separation.
But on Apple we can't use a similar option which I admit does exist, but there's too many strings attached (see the discussion above).
The problem is of course carrying two devices with you.
One of the biggest incentives for creating apps is to scrape all kinds of data from the users. Look at how many apps require permission to see your contacts. And how many actually need your contacts to function. That's why I'm still a bit surprised that many seem to be surprised by findings like this one here.
I read a fiction book years ago where there were cameras everywhere. To get privacy, instead of hiding their identities the protagonist paid companies to insert bogus information into the information brokers’ network. So if they tried to figure out where they were on a certain day, 20 records would match. I think this is a much more likely vision of the future.
That is, again, not required but asked for on iPhone. I have zero non-functioning apps on my iPhone due to denied access to contacts. Even a Chinese Bluetooth light controller doesn't dare (while refusing to work on Android for the same reason).
You can hate apple/iphone ecosystem all you want, but let's not sneak false claims into how they actually work.
You don’t have WhatsApp then.
It is so annoying that it’s either "give access to ALL my contacts and ALL their information (yes, even the notes I took on their favorite things for next Christmas)" or "don’t give access". I wish we could limit the number of contacts and the level of information we give.
iOS added fine-grained (at the contact level) access to contacts data last year.
https://lifehacker.com/tech/you-can-control-which-contacts-a...
Many apps have not updated and perhaps never will.
For example I know Slack still doesn’t use the single picture picker. They still want access to everything.
So iOS lets me limit what they can see, but it’s still a pain compared to just letting me pick the one picture I want.
Same with storage scopes: one directory and that's it.
You could try to communicate with an app via the custom URI scheme and if it succeeded, it would know you have the app installed. Twitter used this for fingerprinting.
An app has to get a special intent and has to list the apps it wants to use it for.
Recently, they released a major update to their LLM feature and I installed the app to check it out. While I had the app installed, every time I checked the mobile website there was a large banner directing me to go to the app. Ad blockers and distraction blockers would not get rid of it. When I deleted the app again, it was gone. What gives? Why does the mobile website know whether I have the app installed? How come content+distraction blockers are enough to block all reminders to use the app when it's not installed, but are irrevocable if I have the app installed?
https://developer.apple.com/documentation/webkit/promoting-a...
You can get rid of them with the Unsmartifier extension.
https://old.reddit.com/r/apple/comments/q55753/unsmartifier_...
The StopTheMadness extension can also remove them (among many other things... this extension is a must have for me):
JFC. Are they disabled if you ask for the desktop site?
To clarify - the mobile website doesn't. It has meta tags that tell Safari what app it's tied to, and Safari displays the associated app banner.
I’m amazed Android still allowed this in 2022.
Just a different business model, not a display of moral values.
Sure, Pegasus exists but I don’t think it is commodified yet.
What evidence is there/can you present that Apple is making use of this information in a negative way?
How can Apple not have a list of installed apps on your phone while maintaining basic functionality (automatic updates, reinstalling apps from backup, etc)?
If they went beyond that, or disclosed that knowledge, or allowed an app to get that manifest without your permission, it would destroy their brand image built around privacy, in a way that would cause long-term irreparable damage.
They decided to not comply with laws compelling them to add back doors to optional encryption on iCloud storage, rather than tarnish that image, because they know how valuable that trust is.
You can dump on Apple all you want, but compared to Google who plead with people to use their browser and phones to improve adtech surveillance they can monetize, I think they're doing OK and are a lot more trustworthy.
In a relative way, they definitely are.
They were using this trick to detect unauthorized apps on the phone.
https://blog.verichains.io/p/technical-analysis-improper-use...
On iOS an app developer will need to register in advance which external applications their app intends to query, and the list needs to be very short and motivated. [1]
Incidentally, “I have a friend who says...” isn’t really a good citation anywhere outside Reddit - which HN resembles more and more each day.
[1] https://www.hackingwithswift.com/example-code/system/how-to-...
I suppose a more appropriate turn of phrase would've been "I'd heard anecdotally...", but I agree I was lazy with my original reply. I appreciate the feedback.
A simple thought exercise for me is "Which of these two comments is more Reddit?" - I'd say the one that came with curiosity is HN, the one that bats around half truths combatively and invoking Reddit isn't.
Also the bots have not invaded HN, which is a truly massive distinction.
I think this is probably true of any online community. I’d wager that an online community needs more users to grow and be sustainable, and more users inevitably means more content, and more content means less _high-quality_ content overall.
I snorted when I got to the self-important haughtiness about reddit.
Why?
- You immediately recognized what they meant.
- They weren't advancing a claim, they were indicating a basis for their interrogative, likely to avoid seeming naive when claiming it out of nowhere.
- The article we're commenting on describes the same mechanism you claim differentiates iOS. ("register in advance...which applications...intends to query, and the list needs to be very short and motivated.")
- I've worked heavily on iOS and Android since 2009. As close to a graybeard as you can get in mobile. I'm searching, reaching, grasping for any sign you've done anything other than Google and link the first article you saw, and I can't find _any_. At all. But I don't think that's wrong. You're trying. Why is it wrong for the person you asked to try too?
- There's strong signs you didn't read the article we're commenting on.
- If you had, it is unlikely you would have said iOS was differentiated, then laid out the exact same mechanism described in the article.
- There's strong signs you didn't read the article you linked.
- On iOS you can register URL schemes in a plist, these aren't "external applications you intend to query" and the list does not have to be "very short and motivated"
I get cranky too, but, I am grateful I recognize it is very reddit to cry Reddit and edit it out, or delete.
What could possibly indicate I didn’t read the article? Of course I read it. Isn’t your assumption of my bad faith also explicitly against HN’s guidelines?
> On iOS you can register URL schemes in a plist, these aren't "external applications you intend to query" and the list does not have to be "very short and motivated"
I'm also an iOS developer - and yes it does.
What I laid out, namely, that you described iOS the same as the article, while simultaneously claiming iOS differs significantly.
> On iOS you can register URL schemes in a plist, these aren't "external applications you intend to query" and the list does not have to be "very short and motivated"
> I’m also an iOS developer- and yes it does.
Which part is "yes it does"?
We both can agree quite quickly that URL schemes in a plist aren't "registering apps." You can drag this out a couple turns by playing shell games first by ignoring the URL schemes difference, then by making me do the leg work to show it's trivial to find apps with dozens of apps in that list.
Either which way, I continue to be taken aback by your snarkiness towards the original post and cries of Reddit given you know you were 100% wrong on this.
You're in a really bizarre situation where too much territory was staked out and you're defending it all: you can't claim this was a remotely accurate description and you read the article about Android and iOS is different. It's already a farce, then throw in scolding about how HN is Reddit because of low quality posts...my goodness, my friend.
> Of course I read it. Isn’t your assumption of my bad faith also explicitly against HN’s guidelines?
No, because I said "There are strong signs", I didn't say "You didn't read it."
Also, why would not reading be "bad faith"?
You are extremely focused on making attacks and perceiving them in others, please take a step back and note: "But I don't think that's wrong. You're trying. Why is it wrong for the person you asked to try too?" - you shouldn't have to make up an interpretation where gently chiding you for being rude turns into invoking rules and accusing you of bad faith
Interestingly XPrivacyLua is not supported anymore and the pro companion app will be removed from the Play store by Google because it uses the permission QUERY_ALL_PACKAGES.[1]
[0]: https://github.com/M66B/NetGuard [1]: https://xdaforums.com/t/closed-app-xposed-6-0-xprivacylua-an...
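The "special intent" list mentioned earlier in the thread and the QUERY_ALL_PACKAGES permission that got the XPrivacyLua companion app removed are two sides of Android 11's package visibility rules; here is the weak setting beside the narrow one, as an added example that is not code from the original post or from any of the linked projects. Package names are placeholders.

```xml
<!-- Added example, not from the original post or the linked projects.
     Package names are placeholders. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">

  <!-- Weak setting: makes every installed package visible to this app.
       Since Android 11 (API 30) this is the permission the comment above
       refers to, and Google Play only accepts it with a policy justification.
       Left commented out here so the narrow declaration below is what applies. -->
  <!-- <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" /> -->

  <!-- Narrow setting: declare exactly what the app needs to see. Packages not
       matched here are filtered out of PackageManager results such as
       getInstalledApplications() and resolveActivity(), so the app cannot
       build an inventory of the device from them. -->
  <queries>
    <!-- One specific package, e.g. a companion app (placeholder name). -->
    <package android:name="com.example.companion" />

    <!-- Or only the apps that handle a given intent, so the app learns that
         "something can open https links" without enumerating the rest. -->
    <intent>
      <action android:name="android.intent.action.VIEW" />
      <data android:scheme="https" />
    </intent>
  </queries>

  <application />
</manifest>
```

When reviewing an APK, the presence of QUERY_ALL_PACKAGES in the merged manifest is the quick check for the enumeration capability the article describes; a `<queries>` block with a long list of third-party packages deserves the same scrutiny.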
Legit question. ChatGPT isn't super helpful here since it agrees with everything when I'm really looking for someone to say why this isn't really feasible in the real world.
There are functions EnumWindows() and EnumChildWindows() specifically for this purpose.
See utilities "Windows Modifier v2.00" (when I first downloaded it there were many pages about it, but it's a sign of how forgetful the Internet has become that I barely get any results about it now even searching for that exact name) and Microsoft's own Spy++ (SPYXX.EXE) for an example of this functionality.
The solution to an app you don't trust is to not use it at all, or use it in a VM.
A solution is to not use third party apps but most people aren't going to go that route. The VM idea is a good option though.
Because this architecture predates the existence of the current privacy nightmare.
In fact it predates the general availability of the internet. How could a program you would install from a floppy/compact disk bought in a store behave maliciously if you didn't or barely had access to the internet?
And then it stayed like this because Windows is heavily marketed as being retro-compatible.
This is at least true for Windows and most traditional (X11 at least) *nix systems.
That is one thing I think Android got right... by default it runs every application as a different user. That means different home folders and no visibility into other apps.
Permissions are difficult to get right, and Android is unfortunately pretty slow to react.
I'm not sure if we'll get away from these anytime soon as any out of the box solution will inherently limit the user's freedom that has persistently been there for decades on PCs
Although not terribly accurate (because of the high variability of page titles), tools like ManicTime and ActivityWatch use window titles to track your browser history if you don't install the browser plugin.
The way privilege escalation works on Windows is that pretty much everything gets launched with a standard user access token by default, and processes can request an admin access token in a few ways, UAC being the main one. When a process is supplied that token, that process is elevated.
It is more akin to 'sudo' rather than 'su', which makes sense because its progenitor is 'runas' from Windows 2000.
From an API point of view, only one process is elevated. From a security point of view, if one process is elevated they all are, due to a lack of any effective mechanism that actually stops them.
I do fully agree that desktop OSes are a legacy security model and they can't hold a candle to that of iOS. Android is getting there, but because it also started from mostly an open all-access model it's been having the same warts.
Oh, and the UAC confirmations to elevate your apps permissions to root? People will gleefully confirm them without reading what needs access anyway, so you’re golden to do whatever you want.
The security model of Windows doesn’t exist.
Can’t tell if serious or not [1]. Also any program can read any saved password out of Windows Credential Manager.
_Windows Recall to the rescue!_
not that windows is keeping passwords in plaintext, but that it's not immediately obvious that un-sandboxed apps that run on your windows/linux/mac desktop have virtually unlimited other avenues to capture passwords given they can read the entire state of other windows at the very least.
I dunno maybe macos is slightly better, and wayland definitely has some things which are better about this, but desktop os and $locally_installed_app means $locally_installed_app basically has root, there is just an exploding amount of vectors.
I'd like to see a Linux-based distribution use some of the sandboxing in Android; it would be an order of magnitude improvement over what is going on now.
This prompt got me some mostly OK-looking Python:
> Can you make a simple windows program that will get all the window titles from active programs running