In this sense, it’s actually a good thing Chrome and others aren’t allowed on Apple. As someone whose fought against the App Store lockdown, I think I’ve come around a bit. The web is in a weird way a better place for apple locking down the browser choice.
they are not allowed to use their engine on iOS, they are just a customized skin over safari/webkit (and I honestly think that’s the right way, as google has no interest in saving iPhone battery).
The problem with browser engines is that they require just-in-time compilation to be fast, and Apple wants all code in an app to be signed and available to inspection. JIT compilation requires a way to add new, unsigned code to the process.
That’s a rabbit hole of DLC, plug-ins and vulnerabilities they don’t want to go into.
They control that the Safari JIT doesn’t enable DLC or plugins because the web view control it runs in can’t be used to implement this.
With regards to vulnerabilities, they are mitigated as much as possible by making sure the JIT runs in separate, unprivileged processes. And anyway it is easier to secure one Javascript engine that is included in OS updates than it is to keep a multitude of engines up to date which came with apps most people don’t even think of as a browser.
reply