Rendered at 13:49:42 GMT+0000 (Coordinated Universal Time) with Cloudflare Workers.
dotdi 6 hours ago [-]
A bit of context: Apple is being forced by different jurisdictions (EU, UK, Japan) to allow third-party browser engines. In all other regions it's still not allowed to use them.
Apple has been maliciously compliant, putting up roadblocks to testing and distribution. For example, the existing Firefox iOS app cannot be simply updated to use Gecko/Servo; it needs to be a new app.
As far as I know, none of the major browser vendors have released apps with their own engines on iOS. I suppose maintaining two (or more) different codebases for US, EU, etc. is not very attractive.
BoppreH 2 hours ago [-]
The other requirements are also pretty vague and give Apple full discretion to remove browsers they don't like:
> Use memory-safe programming languages, or features that improve memory safety within other languages, within the alternative web browser engine at a minimum for all code that processes web content;
> Adopt the latest security mitigations (for example, Pointer Authentication Codes) that remove classes of vulnerabilities or make it much harder to develop an exploit chain;
These allow Apple to take a security-maximalist approach and block alternative browsers that don't include the most performance-killing mitigations possible.
I don't think these points are bad per-se, but within the context of malicious compliance that Apple has already displayed, I'd be scared to invest money on alternative browser for iOS.
glandium 1 hours ago [-]
For instance, rust doesn't support PAC yet https://github.com/rust-lang/rust/issues/73628. Support for PAC wasn't even in upstream LLVM for a while (it now is, but lld still doesn't support it).
rock_artist 4 hours ago [-]
I wonder if there's simple way in the EU or markets that allow non-appstore to install this without TrollStore or something that needs to re-certificate each time.
fl0id 3 hours ago [-]
TrollStore is just for old devices. On devices which natively support alternative stores, enabling something like altstore the first time is annoying (because apple makes it so) but after that it's not a problem and doesn't need to recertificate afaik.
wolvoleo 6 hours ago [-]
The biggest question imo is why does Mozilla not do this
jeroenhd 5 hours ago [-]
One reason is that Apple does not permit regional binaries, so you cannot use the same listing in the EU/Japan/Brazil/whatever other place may force Apple to act sociable and the rest of the world.
Creating a separate app would work, but all existing Firefox users would have to download a second Firefox browser app, probably sync their accounts if they want to keep their data, and then remove the old one manually. You'd end with a Google Meet/Microsoft Teams situation (where one app is labeled "new" and it confuses the hell out of everyone).
Furthermore, developers cannot actually use the released app they've made if they're in the US, where a lot of Firefox devs are.
Then there's the (what I can only presume to be illegal) Apple Tax you need to pay to distribute an app outside of the app store (which is what the Github repo linked is doing), which is an amount paid per user that downloads an app outside of the app store. Epic has promised to cover that cost (out of spite, probably) for one of the major alternative stores, but if they go back on their promises you're suddenly paying Apple so people can use your free app on the phones they bought.
There are also other issues (Apple's arbitrary testing requirements, for one); Apple has once again succeeded in implementing the law in such a way that it's impossible to exercise your rights. Until the next big Apple lawsuit about this, I don't expect browser companies to bother with a non-Safari overlay.
wolvoleo 2 hours ago [-]
Hmm it worked for Microsoft and other companies have also done a switch as you pointed out (I remember facebook splitting off messenger and later putting it back).
> Furthermore, developers cannot actually use the released app they've made if they're in the US, where a lot of Firefox devs are.
Yeah that's a bit insane.
zeratax 2 hours ago [-]
Would they actually need to distribute this app outside of the appstore?
jeroenhd 2 hours ago [-]
Need to? Probably not. Reynard isn't on the app store, though, so Mozilla's efforts wouldn't be very comparable if it wasn't.
Plus, iOS can really use a solid F-Droid alternative.
wolvoleo 2 hours ago [-]
No, in the EU they should be able to distribute this
ghusto 3 hours ago [-]
Sorry, but I don't buy any of that. I've been defending Mozilla for years, but enough's enough.
> but all existing Firefox users would have to download a second Firefox browser app, probably sync their accounts if they want to keep their data, and then remove the old one manually. You'd end with a Google Meet/Microsoft Teams situation (where one app is labeled "new" and it confuses the hell out of everyone)
You're making it sound like a problem, but those actions are trivial. You tell someone who's dying for a non-webkit browser on iOS "well okay, but you know you'll have to download another browser! And even sign-in again!". You really think they care?
> Furthermore, developers cannot actually use the released app they've made if they're in the US, where a lot of Firefox devs are.
They absolutely can, because they're free to install development builds, which is what they should be testing anyway. Regardless, if development starts migrating slowly to the EU, that's a natural consequence.
> Then there's the (what I can only presume to be illegal) Apple Tax you need to pay to distribute an app outside of the app store
This is the only real issue, but even then I'd say Mozilla should take the money they're spending on their current nonsense and spend it here instead. "Our mission is to ensure the Internet is a global public resource, open and accessible to all". Really? Prove it. Furthermore, if we role over on this because of the obviously anticompetitive malicious complience Apple is showing, they win. This is the first step to getting them to remove that fee.
jeroenhd 3 hours ago [-]
> You tell someone who's dying for a non-webkit browser on iOS
Firefox has struggled to get the sliver of market share they have today. I highly doubt that there are that many people like you and me who crave a real Firefox engine on iOS.
> which is what they should be testing anyway
Having a large part of your team be unable to reproduce bugs is a significant development issue. Some of these operating system features are simply not available outside of the EU.
If it were as easy as you're suggesting, Mozilla would have already done it. Google would have already ported Blink over, or Brave, or whatever browser you prefer. So far I think only Ladybird is really trying to go for a custom browser engine, though app store distribution will be an issue until they can pass enough tests (as Apple has decided your browser is not a real browser if it doesn't pass a certain threshold of existing tests).
realusername 3 hours ago [-]
> One reason is that Apple does not permit regional binaries, so you cannot use the same listing in the EU/Japan/Brazil/whatever other place may force Apple to act sociable and the rest of the world.
Well, sounds like the next lawsuit waiting to happen then if the regulations can't be applied because of that
nar001 6 hours ago [-]
If you want to have a browser with a different engine you need a whole different developer account org, you need to maintain two different code bases and you need to very specifically set everything up to pass all of Apple's tests, which are incredibly onerous in time and work, so it doesn't make sense for Mozilla to do so for such a small market share (hell Google doesn't either, and they're a lot bigger than them)
05 3 hours ago [-]
> hell Google doesn't either, and they're a lot bigger than them
It’s more likely that Google is trying to boycott EU initiatives to the extent it can since giving them any support would only turn the public opinion more favorable towards more US tech regulation, and that’s very much against Google’s own interests.
I'm tired of defending Mozilla here, so I have to say that working on their web browser is not a priority for them. In fact, it seems like they're interested in everything _but_ working on Firefox.
inigyou 3 hours ago [-]
Maybe they don't have the legal budget to sue Apple.
i think it's because it will not pass AppStore review
rubnogueira 5 hours ago [-]
This is great and long overdue for outdated devices!
Those devices are forced to use an ancient Safari version of WebKit which includes tons of vulnerabilities that are not patched anymore, and same time doesn't support modern ECMAScript functionalities.
With a modern browser engine, those old devices can be used for valid browser usage.
Glad the apple ecosystem is being opened up (albeit unwillingly) by hackers.
user3939382 3 hours ago [-]
> 16.7.x (excluding 16.7 RC) and 17.0.1+ will NEVER be supported (unless a third CoreTrust bug is discovered, which is unlikely).
I am 100% over the walled garden, lock out, right to disrepair bullshit. If we had a government instead of a quasi-fascist kleptocracy billion+ dollar corps wouldn’t have the power to do this.
zb3 5 hours ago [-]
Did it have to be notarized by Apple or there's a way to use that browser engine extension without it?
Apple has been maliciously compliant, putting up roadblocks to testing and distribution. For example, the existing Firefox iOS app cannot be simply updated to use Gecko/Servo; it needs to be a new app.
As far as I know, none of the major browser vendors have released apps with their own engines on iOS. I suppose maintaining two (or more) different codebases for US, EU, etc. is not very attractive.
https://developer.apple.com/support/alternative-browser-engi...
> Use memory-safe programming languages, or features that improve memory safety within other languages, within the alternative web browser engine at a minimum for all code that processes web content;
> Adopt the latest security mitigations (for example, Pointer Authentication Codes) that remove classes of vulnerabilities or make it much harder to develop an exploit chain;
These allow Apple to take a security-maximalist approach and block alternative browsers that don't include the most performance-killing mitigations possible.
I don't think these points are bad per-se, but within the context of malicious compliance that Apple has already displayed, I'd be scared to invest money on alternative browser for iOS.
Creating a separate app would work, but all existing Firefox users would have to download a second Firefox browser app, probably sync their accounts if they want to keep their data, and then remove the old one manually. You'd end with a Google Meet/Microsoft Teams situation (where one app is labeled "new" and it confuses the hell out of everyone).
Furthermore, developers cannot actually use the released app they've made if they're in the US, where a lot of Firefox devs are.
Then there's the (what I can only presume to be illegal) Apple Tax you need to pay to distribute an app outside of the app store (which is what the Github repo linked is doing), which is an amount paid per user that downloads an app outside of the app store. Epic has promised to cover that cost (out of spite, probably) for one of the major alternative stores, but if they go back on their promises you're suddenly paying Apple so people can use your free app on the phones they bought.
There are also other issues (Apple's arbitrary testing requirements, for one); Apple has once again succeeded in implementing the law in such a way that it's impossible to exercise your rights. Until the next big Apple lawsuit about this, I don't expect browser companies to bother with a non-Safari overlay.
> Furthermore, developers cannot actually use the released app they've made if they're in the US, where a lot of Firefox devs are.
Yeah that's a bit insane.
Plus, iOS can really use a solid F-Droid alternative.
> but all existing Firefox users would have to download a second Firefox browser app, probably sync their accounts if they want to keep their data, and then remove the old one manually. You'd end with a Google Meet/Microsoft Teams situation (where one app is labeled "new" and it confuses the hell out of everyone)
You're making it sound like a problem, but those actions are trivial. You tell someone who's dying for a non-webkit browser on iOS "well okay, but you know you'll have to download another browser! And even sign-in again!". You really think they care?
> Furthermore, developers cannot actually use the released app they've made if they're in the US, where a lot of Firefox devs are.
They absolutely can, because they're free to install development builds, which is what they should be testing anyway. Regardless, if development starts migrating slowly to the EU, that's a natural consequence.
> Then there's the (what I can only presume to be illegal) Apple Tax you need to pay to distribute an app outside of the app store
This is the only real issue, but even then I'd say Mozilla should take the money they're spending on their current nonsense and spend it here instead. "Our mission is to ensure the Internet is a global public resource, open and accessible to all". Really? Prove it. Furthermore, if we role over on this because of the obviously anticompetitive malicious complience Apple is showing, they win. This is the first step to getting them to remove that fee.
Firefox has struggled to get the sliver of market share they have today. I highly doubt that there are that many people like you and me who crave a real Firefox engine on iOS.
> which is what they should be testing anyway
Having a large part of your team be unable to reproduce bugs is a significant development issue. Some of these operating system features are simply not available outside of the EU.
If it were as easy as you're suggesting, Mozilla would have already done it. Google would have already ported Blink over, or Brave, or whatever browser you prefer. So far I think only Ladybird is really trying to go for a custom browser engine, though app store distribution will be an issue until they can pass enough tests (as Apple has decided your browser is not a real browser if it doesn't pass a certain threshold of existing tests).
Well, sounds like the next lawsuit waiting to happen then if the regulations can't be applied because of that
It’s more likely that Google is trying to boycott EU initiatives to the extent it can since giving them any support would only turn the public opinion more favorable towards more US tech regulation, and that’s very much against Google’s own interests.
Those devices are forced to use an ancient Safari version of WebKit which includes tons of vulnerabilities that are not patched anymore, and same time doesn't support modern ECMAScript functionalities.
With a modern browser engine, those old devices can be used for valid browser usage.
Glad the apple ecosystem is being opened up (albeit unwillingly) by hackers.
I am 100% over the walled garden, lock out, right to disrepair bullshit. If we had a government instead of a quasi-fascist kleptocracy billion+ dollar corps wouldn’t have the power to do this.