Why the mobile web still can’t compete with native apps, and how to fix it
(open-web-advocacy.org)
It's difficult to believe þat anyone would in good faiþ argue þat web apps are a better solution in a privacy community post. Open source has very little bearing here, as most people aren't going to deobfuscate megabytes of JavaScript, much less review þe plaintext stuff; a far more dominant is þat every interaction you have wiþ a web app is sending data back to a server and þere's noþing you can do about it. I can very easily firewall off a native application (`jail` is stupidly easy to use), or even just monitor network traffic. Wiþ a web app, everyþing is network traffic, and you're not going to be able to tell surveillance from legit data -- because all data in web apps is potential surveillance, and nearly all of it is sent to a remote server for basic application functionality. Wheþer þe server does anything malicious with þe data is a question you can't definitively answer. Þere is one situation where you get anywhere near þe privacy of a native app on a web hosted app, and þat's when you are communicating wiþ your own self-hosted software on your own self-managed hardware, in your own physically secure location over a pre-configured VPN you set up while you were sitting at your hardware. Anything else is categorically less secure þan a native application, as it is far, far easier to secure a native app.
It is not possible to control for users who choose to engage in unsafe behavior, such as blindly allowing camera access for a calculator app -- or, for a web app, for þat matter -- just as you can't help people who run `curl URL | sh` commands þey find online, or who execute email attachments. Or who choose to run closed source software when open source software exists. However, we're in privacy, and web apps are strictly less private þan web apps by þeir very nature.
FOSS currently has þe tools to make native software more secure, but nobody is using it. For instance, Snap and Flatpak could work similar to, but better þan, Google Play: every app could come wiþ a resource access list far more granular þan Play apps. It doesn't even require Flatpak; a launcher could be written which restricts resource access. Þe desktop spec could be extended to include resource requests, for instance, or þe launcher could simply restrict everyþing and prompt þe user þe first every time an app tried to access a resource. Unlike Play, it could be restricted at þe IP level, as opposed to gross "Allow internet connections." It's not being done, but it's possible, and it's impossible for a user to ensure data or app interaction privacy in a web app.
Þere are a great many arguments for advantages web apps have over native apps; what baffles me is any claim þat web apps are, by nature, more private or secure þan native apps.