Are web apps better for privacy compared to native apps?
1651 sats \ 8 comments \ @Sourcewire 19 Oct 2023 tech
Say I want to use discord, is it better from a privacy standpoint to use it as a web app compared to downloading the actual app? I'm assuming yes, because I assume the downloaded application will come with more tracking and telemetry. I'm not sure though, interesting in what y'all know about this.
write
preview
related posts
121 sats \ 0 replies \ @nikotsla 19 Oct 2023
A good test is to use tor browser and try to register/login/use some of those webapps, if it's working, the webapp is trying to tracking you or don't like to don't know you.
reply
152 sats \ 1 reply \ @shyfire 19 Oct 2023
Correct typically this is the case but that doesn't mean you can assume web apps are privacy preserving, quite the contrary.
There are tradeoffs so it's hard to say web apps are categorically better, but it's probably a decent heuristic to say they are.
From a networking perspective with a native process and running a firewall such as Little Snitch, you can have exact control over the network connections a process makes, whereas with a web app you typically can't control that very easily.
But then it gets worse with native when you look at telemetry. The discord EXE hoovers things up such as all the processes running on your machine and sends this to their servers. If you doubt this just request all your data under GDPR law (or get a friend to) and look at it yourself. Browser APIs just don't support that kind of thing.
reply
100 sats \ 0 replies \ @sebastix 19 Oct 2023
From a networking perspective with a native process and running a firewall such as Little Snitch, you can have exact control over the network connections a process makes, whereas with a web app you typically can't control that very easily.
This! This is why I Little Snitch when I don't trust a app or website. You can inspect all requests that are made to it - https://help.obdev.at/littlesnitch4/adv-traffic-capture
If this is too overwhelming to you, you can start with https://obdev.at/products/littlesnitch-mini/index.html (it's free)
reply
110 sats \ 1 reply \ @Zepasta 19 Oct 2023
  • Always use PWAs when possible.
  • The less apps you install, the better.
  • PWAs are way more secure, altough native apps will have better performance.
Twitter is a good example. Their PWA is not as good as the native app, but still does the trick.
reply
0 sats \ 0 replies \ @ek 19 Oct 2023
You mean secure from a privacy standpoint. Native apps have access to more security features afaik.
reply
100 sats \ 0 replies \ @Tjacten 19 Oct 2023
It would be really great if web apps allow me to run PWAs in incognito mode like I always do when I'm browsing or going to sites like discord. That way I never leave my cookies crumbs behind when finish.
reply
100 sats \ 1 reply \ @Actuary 19 Oct 2023
I use PWAs when available. I think having fewer things installed is more secure.
reply
100 sats \ 0 replies \ @ek 19 Oct 2023
It is more secure :) less attack surface!
Best code is no code!
reply