• Ghostalmedia
    link
    English
    64 months ago

    Mobile dev here.

    I’ll play devil’s advocate. Android streamlined the PWA install experience a few years ago. You no longer need to drill into a menu and select an add to Home Screen option.

    On one hand, have more users using a better mobile experience, but on the other hand, I now have a lot of users that think they installed the native app.

    I don’t think the end user should need to care about my tech stack, but I could see how a malicious actor could dupe people with this newer streamlined PWA install flow. These malicious actors probably caught a lot less people with the old menu > add to Home Screen flow.

    • @WhatAmLemmy
      link
      English
      2
      edit-2
      4 months ago

      That’s not really playing devils advocate. You’re correct. I was just highlighting the headline was disinformation. It’s true that the average user isn’t aware of the difference, but I would blame the OS for not making that explicit on install that this is a website and that authenticity should be triple checked. There’s also nothing stopping them from “installing” PWA’s via their app stores, except for their greed.

      • Ghostalmedia
        link
        English
        14 months ago

        I guess I’m saying that I didn’t think the headline was too bad. There is a new PWA install flow that’s widely available on Android now, and phishing via that new PWA install UX is potentially a new hot area. I’m not particularly offended by calling that novel. Just my 2¢

      • @trolololol
        link
        English
        14 months ago

        There’s also nothing stopping a malicious actor from putting a malicious app in the store, whether that is a wrapper on JavaScript or native code. So I don’t see the distinction at all from having pwa or native apps barriers because they’re all weak.