Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Confirms iOS 17.4 Disables Home Screen Web Apps in the European Union
- Thread starter MacRumors
- Start date
- Sort by reaction score
In some instances they would not even be able to provide security warnings.
What you want is for them to forgo all the work they put into making iOS, iOS and creating a new OS. One that is Open with every design for it to be integrated well with other 3rd party everything's.
That isn't Apple. So, i would suggest not purchasing Appel products if that is what you want. They aren't going to do it. No matter the regulation placed on them.
You and everyone in the EU should have expected this. Apple didn't build an OS for the rules that are now in effect.
The security flaws are showing up because of having to open up more of the OS because of these new laws. The reason it works with Safari is because it is tied to WebKit and not any other browser engine. Doing so will open up other security issues that again, did not exist due to WebKit being the gatekeeper. Preventing 3rd party browsers from accessing your Mic, Speakers, Bluetooth, network, storage, etc. Without your knowledge (potentially). You could not even be promoted while it did that.
Forcing it to work with 3rd party browsers was the issue. They "could" potentially go around those pop-ups and notifications. Since Apple would not have any control over those browsers functions (they didn't make it). You would be at risk (potentially) if those browsers choose not to behave differently than Apple intended. OR, any malware could utilize to gain access to your device via that browser. You simply may never know something is accessing your device.
Yes, Apple does control them today. But, will not be allowed to under the EU rules. Which require them to provide the same level of access Apple enjoys with Safari. They have to allow it to other browsers too. So, remove the feature. We are the same. Simple. IF more folks used it in the EU. They could have worked on fixing it. But, that isn't the case. It would take time and working with those 3rd parties to get everyone to "work" right so it's secure.
Ahhh, they didn't have to "in the beginning". They had to make it work "first". There was not a 3rd party anything in the beginning.
Whom at the time thought Apple was even going to succeed with the iPhone other than Apple?
While at the same time, everyone had a bunch of choices for mobile phones. NO ONE thought there would come a day when the EU would create such a rule to create this problem. Apple made the decision to limit access which simplifies the design and makes it more secure all at once.
It wasn't a security problem until the EU's laws went into effect. The decision was made before anyone other than Apple believed the iPhone would be successful enough to even matter. Plus, you had more options on the market AND no EU regulation or any regulation stating they could not do this.
There will always be security issues. With everything. Everywhere, forever. It was easier for Apple to address it over time when they had full control over it. Now they don't, in the EU. So it will get worse.
Sad indeed.
While that is technically true, it's not how it works in practice. Every browser that has any significance in the marketplace strictly enforces the security model that is specified in the standards. I use Firefox, but the same applies to Chrome. If an app want's to access sensitive functions, I'm asked for permission. There is no reason to assume that things would not work the same way on iOS. Also, even browsers have to ask the OS for permission to access sensitive services like microphone or camera access. So a privacy concious user could just block all those functions in the OS and that's it. Or, if you don't trust any other browser vendor, just don't install other engines.
Technically is the issue. Yes, it should work correctly. But, Apple's control over it is removed. So they don't have any ability to confirm this every time Firefox or Chrome update their browsers or another "new" browser comes along.
Can't make assumptions. While those browsers would be trusted (for the most part). Can you confirm any new browser will comply? As they would have the same rights as Safari and the rest. With 3rd party stores and the same level of access (potentially). Apple may have prevented that from happening by having the ability to reject those 3rd party apps even not sold on their store. But, again. It's an assumption. We have to live in that reality to know 100%.
Some users will absolutely turn off access to everything and anything. But, that isn't how most folks operate. They use the device, and expect it to work. Period.
Don't install any 3rd party app store and don't sideload any 3rd party app. And everything will be as it is now. That Apple removes PWA from iOS 17.4 is Apple's fault of not doing their home work. Because Apple proves that it can be done. It is non-issue on macOS. Which only got the feature recently for Safari but Chrome was able to create PWA for a while on macOS. Also if your describtion of Apple's view on security is correct, it is deeply flawed and shouldn't be trusted. Again, if iOS were more like macOS Apple wouldn't have any issues complying with the DMA.
They could but instead they said, whatever, it is Friday let's go to the pub instead.
To not do anything? It's like you replied without even reading the other poster's comment.
So what Apple is saying is that disabling PWA support on the EU marketing, a simple OS flag, is a direct result of DMA? Crazy.
If there was any doupt how Apple regarding the App Store is ill intended against business and consumers is this one. Clearly the company is inserting itself as a gateway between customers and their suppliers leveraging on their devices of choice, case in case iOS devices.
PS: “Oh, you are bothering me about my 15% commission over anything I deam so on people’s devices? Now you will pay me .50c to install or update anything on your devices (each time you do it). Now tell me I can’t charge people for using their devices”
So the question is … was this ever the deal?
I see a huge lawsuit coming for misleading consumer practices?
If there was any doupt how Apple regarding the App Store is ill intended against business and consumers is this one. Clearly the company is inserting itself as a gateway between customers and their suppliers leveraging on their devices of choice, case in case iOS devices.
PS: “Oh, you are bothering me about my 15% commission over anything I deam so on people’s devices? Now you will pay me .50c to install or update anything on your devices (each time you do it). Now tell me I can’t charge people for using their devices”
So the question is … was this ever the deal?
I see a huge lawsuit coming for misleading consumer practices?
Last edited:
Assuming people's guesses about reasons are right, which based on the rumors sites and forms, it has shown that people are more wrong than right about their guesses.
My point is that what we can do is hear what Apple has said. It has reason behind it, it's not a random comment without any context. We can guess all we want about the lies and conspiracy theories. Sometimes those guesses will be right and sometimes wrong, but guesses none the same.
What I am not hearing is anyone argue for the stated reasons Apple gave, instead people are just dismissing it and jumping to "my guess about their motives makes this decision bad" probably because it takes away something they want so they need to justify why the people/entity making the decision was wrong.
I read the reasons Apple gave to deactivating PWA on iPhones and for how they will implement the DMA rules for the EU. I just don't buy them. I don't buy that Apple is concerned about consumers or the devices security or battery life. Apple could do this without harming the security or the consumers but they don't. My conclusion is, if they did this right, there wouldn't be any reason to do this globally, because it would make the iPhone better for consumer but slightly less for Apple.
Webkit isn't an app but a part of iOS. It does run in a sandbox but it also have special privileges not provided to regular apps.
The biggest problem, is probably inter web app security. With a different browser engine, Apple can't guarantee that if you run several web apps, they're sandboxed from each other.
So if you grant some access to one web app, another web app might try to grab the extra access from the first web app.
It's a new paradigm and instead of spending resources to fix it, just workaround it by opening the web apps directly in a browser which is an app and which is properly sandboxed.
And it's exactly why I am against web apps and very happy Apple is bad at supporting them. I don't want the web to be a good application platform.
1) Several app stores. I just want one.
2) Additional browser engines. It will make even more websites stop supporting Safari since they now can say, just install Chrome. It will hurt me as a Safari user on the Mac
3) The possibility of side loading meaning I don't have one place to get all the apps.
I want just one repository for all apps for a platform.
I want applications tied to operating system to be the dominant application platform, not the web.
I want every web site to support Safari on the Mac and also on iOS.
Nothing in the DMA supports those wishes and in affect works against them.
What about the applications which aren't in the Mac App Store?
That's the problem on the Mac platform which didn't really exist for iOS.
I want one repository for all the software for one platform. The DMA and the EU wants the opposite.
Your assumption is wrong. In fact, Webkit sandboxing have historically been different even between macOS and iOS.
Also, the security has work with any browser engine, even engines which has yet been created. Apple can't delegate the security to other companies.
For clarity I don't have a dog in this fight, so I am just trying to make for an open discussion on both sides.
It is totally ok for you "not to buy it" but that is not a logical argument. It is not disputing their reasons it is just saying "you're wrong" which is just opinion without logical points. Your statement about them being able to create a feature they are not was already addressed with their comment on the lack of ROI for taking such action. Since Apple is a business who wants to be profitable, they aren't likely to take many actions that won't produce a good ROI.
I am not saying there isn't more behind the scenes, but their reasoning is at least understandable and follow the logic for how a business would operate. We can try and argue how the company is wrong about their assumptions of the number of users impacted or the cost to develop the feature, but then we would have to have inside information that we unfortunately don't have. Hard to argue ROI without those. So the most we can say is touché since even if they have other reasons for taking this action, it is a reasonable explanation. This is whether or not we like it. Or we can continue to believe what we want without the facts to back it up. That often happens when we are upset, and that is ok too as long as we identify it as such and not represent it as more than our guess/opinion.
Yes, but not using resources to change something which has been secure but is now insecure due to regulations, is just plain rational.
It's just to few of you. Maybe you should switch to Android since, according to you, it has much better security than iOS.
This is a tired, dull and ridiculous argument. Plus, AOSP has got pretty equal security to iOS, so using something like GrapheneOS, which is hardened, it does have better security. And you can sideload and use other app stores. Weird hey.
I'm kinda more worried about that Apple tells the truth and they are not able to create a secure iOS in an open environment. That is a terrifying thought to be very honest.
Last edited:
Dont't use another one.
Sent Apple feedback to improve WebKit to be better thank Blink. Long overdue though.
Well, don't sideload apps. Just remember, on Android where sideloading is possible since 1.0 it is rare to do so. Most is going via the Play Store or alternatives like F-Droid. When I used Android, I never used F-Droid. Saw no need for it. And I don't even know if I would use an alternative store on iOS but this is not really the point.
Why? The DMA or the EU commission won't force you to install one.
Why? Sometimes I prefer to pay developers directly for their work and not through Apple.
And? Why should that be changing?
Because that is not the focus of the DMA, the DMA aim is to limit the power of gatekeepers in favour of more competition because the lack of competition is not in favour of consumers. See how bad Safari is sometimes.
So the DMA won't change anything for you really.
You do not understand any of this.
The fundamental issue is that iOS is not macOS. If it was meant to be the same thing then they wouldn’t have designed it in the first place as they already had macOS!
iOS was designed firstly for mobile, low powered devices. Secondly to plug the same security holes that macOS and other similar PC OS’s already had. They did this because as a mobile device it should be secure and have better up time as it’s also an emergency device as its primary reason to exist is as a personal phone.
So with that in mind things like sandboxing apps , signing apps etc. are built in at the core of the OS. That isn’t the same for macOS and windows as they are 40yr old OS’s at their core. They weren’t thinking about that level of security.
Also restricting background services, tombstoning apps etc are things macOS doesn’t have either. They are fundementally different with different implications.
So when you say chrome had it on macOS that’s laughable. Of course they can do whatever on macOS because there are no rules to adhere to and compared to iOS.
My overall point is I prefer apples approach and I should be able to buy that product. If you like googles approach then buy Samsung, huewei and countless other devices. Those devices account for over 80% of the EU market. So why target the 1 system that is different and remove that choice? This is an anti consumer move. It’s just dressed as something nice to have. But it’s not.
And technically Apple are correct in what it means for them to safely allow a third party engine low level access to the iPhone. As they ultimately have to support iPhones and deal with the viruses and malware of a more open system. As they did when they had to live with flash on macOS and had to fight to get rid of that security hell hole!