Re: [w3c/manifest] Ability to dynamically change app icon (#663) from Jerry Green on 2024-02-08 (public-webapps-github@w3.org from February 2024)

From: Jerry Green <notifications@github.com>
Date: Thu, 08 Feb 2024 14:29:37 -0800
To: w3c/manifest <manifest@noreply.github.com>
Cc: Subscribed <subscribed@noreply.github.com>
Message-ID: <w3c/manifest/issues/663/1935034960@github.com>

No, Apple doesn’t ask user each time a native app wants to change an icon. I often seen icon change for Christmas / New Year, that’s some small changes but kinda cool, making holiday atmosphere. It wouldn’t make any sense changing it if it requires some checks from user. Some other apps, like if stock is green/red, might change every hour – and it would also make zero sense asking for change each time.

On such platforms like Apple there’s one thing: if an app gets reported for malicious use, it’s probably delivers some notification for other users before they launch it, for known malicious use – if it’s minor. And probably blocks completely if it’s something big. Never seen any app tried to do such malicious stuff though. Probably the potential attacker knows this fact, therefore they don’t even try to do such malicious activity.

It is interesting though, how would Apple solve this issue for native apps when they installed outside of their store – since it’s allowed to use outside stores in EU now, and probably more countries to come. I mean, Apple not gonna review every single website, like even those which aren’t in a single way related to Apple, right? Same with Google or whatever company. So the way Apple does the regulation for their app store, – cannot fit for the web use-case. There can’t be just single party responsible for regulation.

It’s probably solvable with some decentralized system, where if one person reports it, the notice propagates to other people directly without third-parties, and if they confirm – it propagates to more and even more people, until Al users of such PWA confirm that. Similar to Bitcoin mining but it’s not the CPU making a confirmation, instead a human does. Something like that. And on the other hand, if a user does a false-report, it does propagate to a couple people but since they don’t confirm, it doesn’t propagate any more. Not sure about exact details though, since I never done such a system.

--
Reply to this email directly or view it on GitHub:
https://github.com/w3c/manifest/issues/663#issuecomment-1935034960
You are receiving this because you are subscribed to this thread.

Message ID: <w3c/manifest/issues/663/1935034960@github.com>

Received on Thursday, 8 February 2024 22:29:42 UTC