I’m not sure why I read this in a negative tone, this is fantastic.

I'm not sure about other browsers, but Firefox asks once per website that wants a push, and even that can be turned off.

What's fantastic about not even having the option? What's fantastic about having to pay $100/year or reinstall your apps once a week, in addition to having Apple MITM any notifications?

Battery life is the main reason for this it seems. It's not about "having the option" it's "if you give devs the option they will use it leading to an overall worse experience." Web push notifications can't possibly leverage the single low-power TCP connection that iOS (and Android with gplay) devices keep open.

Push notifications in the way that phones do it are necessarily platform and service specific.

You don't have to allow Apple to MITM your push notifications BTW. Just send a generic ping to your app, and when it wakes up pull the actual content from your server and display the notification.

What's fantastic about a vendor intentionally ignoring multiple standards, in favor of their own walled-garden? You might be ignoring the wishes of actual users when you say it's "fantastic."

I'm only speaking as a user.

As a user I don't want push notifications from websites.

I know there are some exceptions (like messengers), but really, those should be apps because Apples centralised push messaging system is better for my battery life.

If you don't need that, you can cmd-comma and disable that.

But there's no such an easy way to enable a feature you need, but which wasn't implemented.

I do not want an opt out, I do not want it.

I _do_ _not_ want it.

I do not want it to be expected.

I do not want it to be assumed.

I do not want to have to configure anything.

_I DO NOT WANT IT_

So, you're fine with it to be off by default?

Ok, but your preference isn't everyone else's! You can disable the pop-up asking you for push notifications on all relevant browsers, afaik.

It’s why there are no self hostable chat apps.

A better option would be for users to be able to select alternate push servers.

What's fantastic about native apps?

I mean, I know why nation-state attackers love them - it's super easy to exploit them, and once you do, you have full access to everything in the user account (including all browser login sessions). But what's the advantage to users?

> I mean, I know why nation-state attackers love them - it's super easy to exploit them, and once you do, you have full access to everything in the user account (including all browser login sessions).

Not on mobile.

Sure, true. Mobile browsers also tend not to support all these features, so on mobile, I don't object to a native app.

I am responding specifically to the claim that once you've exploited an app, you have full access to the user's entire account (which is true to some extent on desktop platforms, but not on mobile OSes by default). I left a comment elsewhere about the kind of attack you're talking about: https://news.ycombinator.com/item?id=22632756

I see. Indeed, I agree it is not super easy to access everything on the mobile.

But I am still convinced that having a myriad of different apps, most of which are developed without real regards to security, makes the attack surface much larger -- e.g. you are likely to find a popular exploitable app that already has legitimate access to user data (such as "all the time" location data, contacts, calendar, ...) - as NSO did with whatsapp.