Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Fusion 2024

bruce lawson
February 29, 2024

Fusion 2024

Whose web is it anyway? A rollercoaster ride through the sultry tech, and the sordid politics, of Progressive Web Apps on iOS in the European Union. Not a dry seat in the house!

bruce lawson

February 29, 2024
Tweet

More Decks by bruce lawson

Other Decks in Technology

Transcript

  1. @brucel Long Live the Web (20th birthday) The world wide

    web went live, on my physical desktop in Geneva, Switzerland, in December 1990. It consisted of one Web site and one browser, which happened to be on the same computer. The simple setup demonstrated a profound concept: that any person could share information with anyone else, anywhere. https://www.scienti fi camerican.com/article/long-live-the-web/
  2. @brucel The Web evolved into a powerful, ubiquitous tool because

    it was built on egalitarian principles and because thousands of individuals, universities and companies have worked, both independently and together as part of the World Wide Web Consortium, to expand its capabilities based on those principles … The primary design principle underlying the Web’s usefulness and growth is universality. https://www.scienti fi camerican.com/article/long-live-the-web/
  3. Mind the gap the highest average cost is 30,000% more

    than the cheapest average price https://www.visualcapitalist.com/cost-of-mobile-data-worldwide/
  4. Android majority median UK speed is 28.51 Mbps, USA is

    54.99 Mbps, and Hong Kong is 112.32 Mbps Android %age Download speed (Mbps) Rwanda 80% 0.81 Cambodia 60% 1.29 India 96% 4.09 Indonesia 92% 1.88 Laos 83% 1.99 Philippines 87% 2.05 Thailand 74% 14.90 Vietnam 68% 16.39 Connection speed data: https://www.fastmetrics.com/internet-connection-speed-by-country.php Android stats: statcounter https://gs.statcounter.com/os-market-share/mobile/worldwide
  5. Downloading a typical app with 20 MB APK can take

    more than 30 minutes on a 2G network, and the download is likely to fail before completion, due to the flaky nature of the network. “ - How we built Facebook Lite for every Android phone and network Facebook Lite
  6. Twitter “Twitter Lite is network resilient. To reach every person

    on the planet, we need to reach people on slow and unreliable networks … Twitter Lite is interactive in under 5 seconds over 3G on most devices. Most of the world is using 2G or 3G networks; a fast initial experience is essential.” https://blog.twitter.com/engineering/en_us/topics/open-source/2017/how-we-built-twitter-lite.html
  7. @brucel The web -and apps- must be for ALL •

    people with disabilities (whether permanent, temporary or situational) • people on lower-powered devices, contained networks, expensive data plans.
  8. @brucel Progressive Web Apps • Web sites ++ • Can

    save to home screen, open full-screen • Can work o ffl ine (using Service Workers) • Much smaller initial install, instant updates but only the changes • Twitter, original Wordle, Starbucks, Uber, Pinterest, Tinder, Spotify and loads more https://web.dev/learn/pwa/
  9. iOS Home Screen Web Apps Web developers have the option

    to create a manifest fi le (with its display member set to standalone or fullscreen) and serve it along with their website. If they do, that site becomes a Home Screen web app. Then, when you tap on its icon, the web app opens like any other app on iOS or iPadOS instead of opening in a browser. You can see its app preview in the App Switcher, separate from Safari or any other browser.” Web Push for Web Apps on iOS and iPadOS (Apple docs)
  10. @brucel Rule 2.5.6 Apps that browse the web must use

    the appropriate WebKit framework and WebKit Javascript. https://developer.apple.com/app-store/review/guidelines/#software-requirements
  11. @brucel Browsers are powered by an ‘engine,’ which is fundamental

    to browser performance.… Apple bans alternatives to its own browser engine on its mobile devices; a restriction that is unique to Apple. This restriction also seriously inhibits the capability of web apps – apps that run on a browser rather than having to be individually downloaded – depriving consumers and businesses of the full bene fi ts of this innovative technology. https://www.gov.uk/government/news/cma-plans-market-investigation-into-mobile-browsers-and-cloud-gaming
  12. @brucel Gatekeepers and core services Gatekeepers should therefore not use

    their position to require their dependent business users to use any of the services provided together with, or in support of, core platform services by the gatekeeper itself as part of the provision of services or products by those business users gatekeepers should also be prohibited from requiring end users to use such services
  13. @brucel Mozilla spokesperson Damiano DeMonte tells The Verge it’s “extremely

    disappointed” with the way things turned out. “We are still reviewing the technical details but are extremely disappointed with Apple’s proposed plan to restrict the newly-announced BrowserEngineKit to EU-speci fi c apps,” DeMonte says. “The e ff ect of this would be to force an independent browser like Firefox to build and maintain two separate browser implementations — a burden Apple themselves will not have to bear.” The Verge, 26 Jan cited OWA’s Review of Apple’s DMA Compliance Proposal for the Web
  14. Bob Woodward (WSJ): “Does the DMA require Apple to remove

    web apps?” Deiter DMA (EU): “fuck no, they’re lying shitbags, lol” (* Note: this didn’t happen, but Apple taught me that I can say any old rubbish under the guise of “protecting users” and “preventing a Chrome monopoly”, and half the internet will just rabidly defend me.) Wall Street Journal 30 Feb 2024*
  15. @brucel Storage Home Screen Web apps ran in a di

    ff erent isolated context than regular in-tab Web apps. This means that if you were logged in to a Web app from the Home Screen, you need to log in again in the browser tab, and all previously stored data is gone. This includes any data stored in: • IndexedDB • LocalStorage • Media keys • SessionStorage • Service Worker registrations and cache • Origin private fi le system Home Screen Web apps were exempt from Safari's 7-Day Cap on All Script-Writeable Storage, but now they aren't anymore. Unless you use a Web app regularly enough, its data will be evicted from storage. https://blog.tomayac.com/2024/02/28/so-what-exactly-did-apple-break-in-the-eu/
  16. @brucel Deniability At Cryptee, one of the many reasons why

    we chose to release a PWA instead of an app in app stores is because app stores leave traces & evidence of your app downloads, which cause your download history or purchase history to show you're using Cryptee. Whereas PWAs don’t have this disadvantage. They can simply be erased and the browser history can quickly be wiped. Not having any traces or evidence of having downloaded Cryptee o ff ers a level of deniability, which is gravely important for journalists, reporters, activists or peace-workers using Cryptee in high-risk environments, or users who are in abusive domestic relationships, and feel the need to keep their documents private on Cryptee from their abusive partner. https://crypt.ee/download#why-not-app-stores
  17. @brucel Centralized Authority App Store is a centralized store. Apple

    can –and Apple often does– censor or remove apps on behalf of foreign governments. For example in 2021, under pressure from the Russian government, Apple removed a voting app, created by allies of the Russian opposition leader Aleksei Navalny, who was hoping to use the app to consolidate the protest vote in each of Russia’s 225 electoral districts. (https://www.nytimes.com/2021/09/17/world/europe/russia-navalny-app-election.html)
  18. @brucel Slow Approval and Update Cycles we strongly believe that

    Apple shouldn't have the power to dictate which apps can or cannot receive updates. Secondly, in the security & privacy industry every minute counts, and at Cryptee we think the approval process of app stores can sometimes be too slow. For example, in 2018, Apple blocked Telegram from issuing updates after the Russian government ordered the app's removal from the App Store. (https://www.engadget.com/2018-05-31-apple-telegram-ios-app-russia-app-store.html)
  19. “We are indeed looking at the compliance packages of all

    gatekeepers, including Apple,” the European Commission says in a statement to The Verge provided by spokesperson Lea Zuber. “In that context, we’re in particular looking into the issue of progressive web apps, and can confirm sending the requests for information to Apple and to app developers, who can provide useful information for our assessment.” https://www.theverge.com/2024/2/26/24083511/apple-eu-investigation-web-app-support
  20. @brucel Big teeth from March 2024 If a gatekeeper violates

    the rules laid down in the legislation, it risks a fi ne of up to 10% of its total worldwide turnover. For a repeat o ff ence, a fi ne of up to 20% of its worldwide turnover may be imposed.
  21. @brucel There is still a dif fi cult fi ght

    ahead Apple has a legal budget of over $1 billion USD annually. “work out how to get closer to a particular risk but be prepared to manage it it it does go nuclear, ... steer the ship as close as you can to that line because that's where the competitive advantage occurs. Apple had to pay a large fi ne, Tim [Cook]’s reaction was that's the right choice, don't let that scare you, I don't want you to stop pushing the envelope.’ Bruce Sewell - Former Apple General Council
  22. In eight countries, we operate around 900 shops, more than

    24,200 depots in retail and national online shops … With 11,318 employees worldwide, we generated sales of EUR 3.25 billion in 2022. We are a roasted coffee market leader in Germany, Austria, the Czech Republic and Hungary and are among the leading e-commerce companies in Europe. https://www.tchibo.com/
  23. @brucel Why should you care? Because the Web is yours.

    It is a public resource on which you, your business, your community and your government depend… Yet people seem to think the Web is some sort of piece of nature, and if it starts to wither, well, that’s just one of those unfortunate things we can’t help. Not so. We create the Web, by designing computer protocols and software; this process is completely under our control. We choose what properties we want it to have and not have. https://www.scienti fi camerican.com/article/long-live-the-web/ CERN
  24. @brucel Please: sign the Open Letter. Please ask your bosses

    to sign the Open Letter as an organisation. Encourage others to sign the letter and share it. Challenge and correct misconceptions on social channels. Follow Open Web Advocacy.
  25. Further reading? • Open Letter to Tim Cook, Sabotaging Web

    Apps Is Indefensible - the letter, 26 Feb • So, what exactly did Apple break in the EU? - Thomas Steiner, factual list 28 Feb • Home Screen Advantage - Decoding Apple's Ploy To Scuttle Progressive Web Apps - Alex Russell, 25 Feb • Apple makes it official: No Home Screen web apps in European Union “iBiz expresses regret for the impact of its entirely avoidable decision”, The Register, 16 Feb • OWA’s Review of Apple’s DMA Compliance Proposal for the Web - OWA, 29 Jan