Novel technique allows malicious apps to escape iOS and Android guardrails - eviltoast
  • WhatAmLemmy@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    ·
    edit-2
    3 months ago

    That’s not really playing devils advocate. You’re correct. I was just highlighting the headline was disinformation. It’s true that the average user isn’t aware of the difference, but I would blame the OS for not making that explicit on install that this is a website and that authenticity should be triple checked. There’s also nothing stopping them from “installing” PWA’s via their app stores, except for their greed.

    • Ghostalmedia@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      I guess I’m saying that I didn’t think the headline was too bad. There is a new PWA install flow that’s widely available on Android now, and phishing via that new PWA install UX is potentially a new hot area. I’m not particularly offended by calling that novel. Just my 2¢

    • trolololol@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      3 months ago

      There’s also nothing stopping a malicious actor from putting a malicious app in the store, whether that is a wrapper on JavaScript or native code. So I don’t see the distinction at all from having pwa or native apps barriers because they’re all weak.