• @[email protected]
    link
    fedilink
    English
    6
    edit-2
    2 months ago

    Sure, I didn’t say they use the system browser - I said the opposite. I’m saying the OS should be able to block non-HTTPS connections. If you have control of the OS you can control what protocols are used by apps, unless I’m missing something.

    What cases are there for non-HTTPS? I can’t think of any. It’s 2024. All communication should be encrypted.

    • Avid Amoeba
      link
      fedilink
      English
      2
      edit-2
      2 months ago

      The OS interfaces provided to apps (generally POSIX) have no idea what HTTP is. They’re much lower level than that. If an OS is to control what protocols are used by apps, it has to offer some functionality that does HTTP for the apps and apps have to use it. Unfortunately the only way to force that would be to disable the general OS interfaces so that apps can’t just use existing libraries that use those. If you did that your OS would become useless in other ways that rely on the basic interfaces.

      The other way the OS could do anything about it is to inspect network traffic going over its network interfaces. That would be a significantly different can of worms and it’s not free in terms of processing power and therefore battery. Then you’d have the screams of privacy people that Android or iOS is looking at all network traffic.

      So all in all, the OS isn’t very well suited to police application level protocols like HTTP. At least not on devices whose primary purpose isn’t network traffic related.