I'm a little concerned about the new Safari interface [0], which very smoothly integrates the tab/address bar with page content. For example, the background color of the page flows behind the open tabs such that it looks like one unified interface, rather than browserchrome || pagecontent.
This is all great to experience as web apps increasingly take over the functions of native apps. It does help them feel more like first-class citizens, rather than plain documents pulled up through a program.
But it easily brings up new potential abuses by phishing sites, spammy notifications, and other bad actors. The new design seems to start breaking down the browser UI's Line of Death [1], at least in perception.
> I'm a little concerned about the new Safari interface
Having used it for a few hours, I'm hoping someone sees sense and gives this a good UX going over before release because it's currently unpleasant to use. The motion at the top with the tabs swiffing[1] about is distracting; some sites colour the whole top which is another huge motion flash; and finding the address bar requires scanning because it's not in a fixed position.
There's also an optical effect where switching between a site that's coloured the top and one that hasn't makes it look like the whole browser is jumping up at down due to the contrast boundary at the top of the page. All of this is going to make motion sensitive people even more unhappy.
It is a risky move to mess with people's browser experience. It does look good though, I use Chrome and won't be changing for that but it does show thoughtful changes, perhaps even practical!
> All the user’s requests are then sent through two separate internet relays. The first assigns the user an anonymous IP address that maps to their region but not their actual location. The second decrypts the web address they want to visit and forwards them to their destination. This separation of information protects the user’s privacy because no single entity can identify both who a user is and which sites they visit.
This sounds a little like a VPN but also like tor. I don’t really understand what it’s saying
We are all guessing at how it works, but if I were to try to translate that description I would guess that the first hop is used to anonymize the source address and it relays with an address that provides a region or country (so things like web site language or geo restrictions continue to work) but that the actual destination is encrypted to a key held by the second hop. The second hop passes along the generic IP address as the source, decodes the destination, and makes the connection. Address anonymizer does not know the destination, exit node does not know the source and only sees a regional pool IP address.
> Users can also find out with whom their data may be shared by seeing all the third-party domains an app is contacting.
Finally! Hopefully this sunlight makes some of the cockroaches go away.
Yes, data can be shared server-side, but that reduces the economics of the tracking industry because of the added cost of bandwidth and complexity of supporting different server types instead of just an iOS SDK.
unfortunately, with the rise of cdn's, it's become much more difficult to differentiate useful connections from tracking/nefarious connections. oftentimes, you just get a generic cloudflare or aws server node, rather than the actual 3rd-party. sometimes the reverse lookup goes a step further to determine the final recipient of a connection, but not often.
Safari gamble and UX oddities will take some time to go either way I suppose.
Privacy leadership? I don't think a good portion of Apple's userbase (iOS consumers) care really and are happy with whatever babyified UI updates they've released and living inside the walled ecosystem
how long before crony governments like India demand
backdoor" into this network in the name of "national security" and "fighting heinous crimes of piracy" because now laws like DMCA don't really matter. a user watches a pirated movie on abc website. the lawyers of big movie company demand list of users who they want to go against for copyright strikes but the company now has no records a la lavabit.
same for india who has gone against cartoonists now because the ruling government is scared of its "image" being tarnished by cartoonists and they want to punish them wild west style.
good luck sicking this against governments
The hiding of the geolocation of the user is going to be a nightmare for gambling websites and other websites who have regulations based on the visitor's jurisdiction.
These websites can still use the JavaScript GeoLocation API[1], can they not? The article just talks about removing the ability to ascertain a users Geo-location via their IP address (unless I've missed something which is very possible at this hour). I'm not at all familiar with these services or their respective regulations but it seems, however, if the need for Geo-location exists, it may still be had if the user allows it. (via the permission prompt displayed when activating the JavaScript API).
If spammers will use this feature too, won't this lead to websites displaying non-stop Captchas for every user coming via private relay, similar to VPN/Tor?
Craig Federighi: Because of this dual-hop architecture, neither Apple nor the relay station knows both who you are and where you are going. Apple knows who you are (because you are using iCloud Private Relay), but it doesn’t know where you’re browsing. Its third-party partner knows where you are browsing–but not who you are.
[+] [-] jacobajit|4 years ago|reply
This is all great to experience as web apps increasingly take over the functions of native apps. It does help them feel more like first-class citizens, rather than plain documents pulled up through a program.
But it easily brings up new potential abuses by phishing sites, spammy notifications, and other bad actors. The new design seems to start breaking down the browser UI's Line of Death [1], at least in perception.
[0] https://www.apple.com/v/macos/monterey-preview/a/images/over... [1] https://textslashplain.com/2017/01/14/the-line-of-death/
[+] [-] zimpenfish|4 years ago|reply
Having used it for a few hours, I'm hoping someone sees sense and gives this a good UX going over before release because it's currently unpleasant to use. The motion at the top with the tabs swiffing[1] about is distracting; some sites colour the whole top which is another huge motion flash; and finding the address bar requires scanning because it's not in a fixed position.
There's also an optical effect where switching between a site that's coloured the top and one that hasn't makes it look like the whole browser is jumping up at down due to the contrast boundary at the top of the page. All of this is going to make motion sensitive people even more unhappy.
[1] best way I can describe it.
[+] [-] topicseed|4 years ago|reply
[+] [-] mark_l_watson|4 years ago|reply
[+] [-] michelb|4 years ago|reply
[+] [-] gentleman11|4 years ago|reply
This sounds a little like a VPN but also like tor. I don’t really understand what it’s saying
[+] [-] evgen|4 years ago|reply
[+] [-] ShinyNewFeature|4 years ago|reply
[+] [-] diebeforei485|4 years ago|reply
Finally! Hopefully this sunlight makes some of the cockroaches go away.
Yes, data can be shared server-side, but that reduces the economics of the tracking industry because of the added cost of bandwidth and complexity of supporting different server types instead of just an iOS SDK.
[+] [-] clairity|4 years ago|reply
[+] [-] ChrisArchitect|4 years ago|reply
Privacy leadership? I don't think a good portion of Apple's userbase (iOS consumers) care really and are happy with whatever babyified UI updates they've released and living inside the walled ecosystem
[+] [-] 2Gkashmiri|4 years ago|reply
same for india who has gone against cartoonists now because the ruling government is scared of its "image" being tarnished by cartoonists and they want to punish them wild west style. good luck sicking this against governments
[+] [-] topicseed|4 years ago|reply
[+] [-] Nicksil|4 years ago|reply
[1]: https://developer.mozilla.org/en-US/docs/Web/API/Geolocation...
[+] [-] laegooose|4 years ago|reply
[+] [-] selsta|4 years ago|reply
It's not a system wide VPN that can be used by spamming tools.
[+] [-] random314|4 years ago|reply
[+] [-] fsflover|4 years ago|reply
[+] [-] aaomidi|4 years ago|reply
[+] [-] khana|4 years ago|reply
[deleted]
[+] [-] intricatedetail|4 years ago|reply
[+] [-] HatchedLake721|4 years ago|reply
https://www.fastcompany.com/90643627/apple-privacy-wwdc-priv...
[+] [-] ShinyNewFeature|4 years ago|reply
[+] [-] asddubs|4 years ago|reply