11 comments

[ 3.0 ms ] story [ 35.2 ms ] thread
I'd love to see actual usage statistics because I don't think this is true based on my own observations. I myself avoid most apps since they're packed with analytics libraries but the common user seems to prefer actual apps on mobile. It's a request my team frequently gets even when our website is fully optimized for mobile usage.
I think it's a trained behavior for a lot of users to default to wanting a mobile app instead of going to a mobile site because, at least in my experience, 9 out of 10 times the mobile web experience is flaming garbage and just infuriates me. I'm not including the sites that create specific pop-ups to use their mobile app either, like ignoring those I still find most sites just don't feel good on mobile compared to if they have an app version available.
I'm not sure it's just trained behavior. There are also things like:

- permission and privacy controls work better for native apps

- native apps can run in the background (I'm not familiar with backgrounding a specific site and letting it work or send notifications).

- controlled app lifecycle, with a webapp all the latest garbage is always getting pushed to me. With a native app I can disable automatic updates and stick with a version (until the underlying API breaks, which is unfortunately often in my experience).

Also generally speaking, apps are better in that they’re nowhere near as bad as the web can be when it comes to being intrusive/annoying/demanding, and oftentimes even ads are better behaved in apps - it’s usually just a single banner or occasional interstitials, and even then there are limits on how much they can do automatically (no pinball machine redirect chains and nothing can force the user to leave the app).

This is because it behooves app devs to ensure that both their apps and any ads in them are reasonably well behaved, because if they aren’t, the user will uninstall the app with zero remorse, find a better behaving alternative, and likely never return. There’s not even a chance of some random link they encounter bringing them back to the app.

In short, most apps lend users a greater sense of control, whether it’s actually true or not (I’d say it’s a half truth).

Obviously the fix for this is for browsers to pull in the reigns on what’s possible in the name of improving user experience, placing native app-like restrictions on web apps and ad networks. This seems unlikely though, given how it would probably spur the wrath of many web app devs...

  in my experience, 9 out of 10 times the mobile web experience is flaming garbage
In my experience, 9 out of 10 times the app experience is both flaming garbage and an additional privacy suck.
What I have noticed is apps are still to hard to download for the masses. Throw in free space problems/confusing app stores and people have stopped downloading new apps for everything & anthing and now really only download the top 10.
With native apps, it's at least possible to preserve some semblance of privacy and control over your own data. Granted, most native apps are just thin UI layers on top of a REST API, but certain things aren't possible to implement like that without putting sensitive data in the cliud. OTP generators and password managers, for example. The native app data sandbox offers a level of security not possible in a webapp.
> The native app data sandbox offers a level of security not possible in a webapp.

I call BS :-) Can you share an example of something that can be done more securely in a native app than in a webapp?

On iOS the opposite is true: apps can't spawn processes, so you can't isolate your native code, so if some part of your app is compromised the whole app is compromised. With websites you can have iframes on different domains which (assuming your browser is decent) will run in different processes.

I don't get this at all. You seem to allude that the "native app data sandbox" gives some sort of security or privacy not possible in a webapp, but webapps are restricted by default, able to run without being installed on your system and are run in a much stricter sandbox than a native app is.

If you value privacy and security I don't see anything that would favor a native app over a webapp. I do understand the performance and native integration arguments for a native app, but saying a native app by definition offers more privacy or security seems odd.

'web apps' can be even further restricted by using browser plugins (e.g. privacy badger, noscript, ublock origin, etc). You don't get that kind of control with native mobile apps unless you have access to the source code and can modify/build it.
I really like native apps, but I think security is eventually going to be a big driver of many apps turning towards the mobile web or at least some kind of universal platform (Microsoft with UWP and Oracle with MCS both have this).

The incredible demand for features from customers without a lot of care to much else other than maybe uptime is going to shift.

People handing over data, wanting to interact with software, etc will be limited either by shifts in customer sentiment or government mandate. For instance, perhaps every release of software has to be signed off by the CTO who is legally liable for the security of the software unless he took reasonable precautions, similar to environmental law.

Anyway, securing web apps is much easier due to the knowledge we have about how they should work and the fact that it’s an older, more well known platform. The RSA conference recently that leaked all of the attendees data was a stitched together mobile app not surprisingly.

Anyway not sure if it’s going to be a shift one way or the other 100%, but however it plays out security is going to be a big driving force in platform choice in ways it hasn’t been previously.