>>> Use memory-safe programming languages, or features that improve memory safety within other languages, within the alternative web browser engine at a minimum for all code that processes web content;
AFAIK all major engines are written primarily in C++. This "features that improve memory safety" is worryingly vague, and we already know Apple goes out of it's way to make these rulings less useful.
I wouldn't be surprised if they rejected both Firefox and Chrome on these grounds.
did the judge say it had to be written in a memory safe language? Honest question. Otherwise, this seems just like they're looking for a loophole knowing neither their browser nor chrome or Firefox are written in completely memory safe languages. Seems like grounds for a big fine.
I have my doubts. Do they even provide any support for apps on the app store? At the same time they’re paing truck load to lawyers and are about to fork off 10-20% of their global revenue for playing a subborn teenager.
Apple spends less on supporting app developers than many app developers want, but spends more than nothing. If an end user uses Feedback Report, Apple will spend less time/money on the report than the end user wants (and less than I think fair) but again, it's more than nothing.
Personally I think you can lower the cost by just making it difficult on the end-users side. If you put a scary pop up and require the password and bury it in the setting then boom, grandma who doesn't know the difference between wifi and the internet won't have issues.
(FYI you've submitted this comment twice about 1.5 minutes apart. I've voted for the older one rather than this one. Mods/dang: maybe the two reply sets should be merged?)
Allowing alternative app stores and browsers is likely to lead to more security issues, more users using tech support resources because a dodgy app downloaded from a 3rd party app store they installed broke their phone in odd ways and will likely increase expenses without increasing revenue.
Because let's be honest, most of the population does not even understand the idea of "app store" beyond THE app store the same way they don't understand the idea of "search engine" beyond Google Search. If Chrome only allowed you to use Google Search as the search engine, most people wouldn't complain. This is the same. As long as they can download their [insert Big Tech Company here] walled garden app, most will not complain. But if their phone starts misbehaving because of a rogue app from a dodgy app store or phones suddenly get more expensive to compensate for higher costs incurred by Apple for their development and support of third party app stores and browsers most will complain.
UPDATE: getting downvoted for pointing out the reality. Most people are not hackers. They don't want customisation options. They are happy with a default store or browser as long as it is good enough. If you want options, Android is there
> Allowing alternative app stores and browsers is likely to lead to more security issues
This is a false argument because even the first party offerings have security and privacy issues. Apple has redefined what "privacy" and "security" means to imply "only things we make" as a sort of selling point. Yes, they make OK things, but who is to say someone can't make something better? Cooler? Funkier?
Also, what happens when the entire planet is vulnerable to the same flaws? It's rhetorical - you get security companies offering services to unlock and decrypt devices for anyone willing to pay them. And what happens when Apple decides to say... remove XX category of apps by a government request? You end up with people owning very expensive slabs of glass and titanium because they weren't allowed to look for apps elsewhere. Apple's way is not the way.
Yes, they do. And allowing third party app stores and browsers only leads to more security and privacy issues.
No one is saying that Apple apps don't have issues. The point is that allowing more entities to make and run these apps on iOs will just make it worse. And having security issues in app store or in a browser is a far more problematic thing than a security issue in a random app. Especially if the app store or browser is run by someone that is not Apple.
There are more phone users than PC users though. Stats estimate a 4 billion difference. Can you imagine the costs of having just an increase of 400k users flooding your shops and online forums for help because of one of these third party stores/browsers? It makes sense if you could do this in the very beginning (as it was the case for PCs) but for smartphones that were closed since the beginning (it is downhill in the cost/revenue world)
There are plenty of vulnerabilities for old versions and plenty of people that don't install updates or have out-of-support phones. I need look no further than my immediate family to have multiple examples of both (yes I help them manage this). Yet I've never heard of anyone experiencing negative consequences from not updating a phone. (At least, not beyond some high-profile people that made the news.) Computers, sure. But why not phones? Is the data on there not valuable enough? Too often sync'd to a server?
I don't know but there's something here beyond the ability to install software like you've always been able to do on Android
> Because let's be honest, most of the population does not even understand the idea of "app store" beyond THE app store the same way they don't understand the idea of "search engine" beyond Google Search.
I think you should show more respect for your users. Walled garden should be an opt in/out. Not long ago most of the population didnt know how to use a PC beyond turning it on, and lots of people thought Windows 95/98/2000 as equivalent to their PC.
Not sure how is this relevant. The mobile market is just on another level in terms of users and money. Apple is a business not a charity. It makes sense that they don't want to incur in expenses that don't increase revenue. Tech nerds have this idea that tech businesses should do stuff just because. Do you ask your milk provider to incur in more expenses just because?
It would be different if Apple had made some pledges or commitments towards this. But it hasn't. Its only commitment is to make money for the shareholders. Everything else is secondary
> Allowing alternative app stores and browsers is likely to lead to more security issues, more users using tech support resources because a dodgy app downloaded from a 3rd party app store they installed broke their phone in odd ways and will likely increase expenses without increasing revenue.
I commented this already, but I would expect iOS sandboxes apps in such a way that it doesn't have any impact on other parts of the phone even if the app is hacked for example.
> their tech support not being ready to face new problems.
One of the largest, most valuable companies on the planet which ships phones, computers, makes their own chips, operates their own cloud service, builds frontier tech devices, but their tech support can't handle some new problems? Does that really seem likely? Or a problem that they couldn't solve if they wanted to?
> One of the largest, most valuable companies on the planet
> but their tech support can't handle some new problems
Now you know WHY it's one of the largest. Tech support doesn't scale. Making millions of copies of the same device and making things once then distributing does scale and brings a lot of profits.
They are just trying to uphold their monopoly seriously.
Anyway, it will come the one or the other way — everywhere. It's just a matter of time, but on top people will fingerpoint even more at Apple, and it will have a much broader negative impact for Apple than simply by introducing it. With all their recent acting they are just confirming that's all about market power and greed.
All of these requirements look good for user security and privacy. I don't want apps to bring their own Blink or WebKit fork with all sandboxing and cross-site tracking protection disabled. I'm fine with apps bringing their own engine with the goal of performance or better user experience. These requirements enforce those expectations.
There seems to be a concern that Apple will use these requirements to ban every single alternative including Blink and Gecko. I doubt that is the case since the purpose of these changes is to allow reliable, responsible players to run their engines on iOS without giving the keys to the kingdom to every app that requests it. Banning Google or Mozilla would not satisfy the EU requirements. Banning BlinkButItAlsoMinesCrypto is fine.
The only additional thing I'd want as a user is transparency. I want to know if an app with a WebView is using WebKit, Blink, Gecko or EngineNobodyHasEverHeardOf.
> I don't want apps to bring their own Blink or WebKit fork with all sandboxing and cross-site tracking protection disabled
Facebook's apps happily do this with the built-in WKWebView and then injects its own malicious Javascript to ensure it spies on what's within the page. You do not need to run a separate browser engine to do this.
It's disappointing that the rhetoric about Apple's anti-competitive restrictions being for "security" still persists to this day especially on a technical forum.
I still haven't seen any arguments why these restrictions aren't good for users. Just a bunch of assumptions that these restrictions are a fig leaf. For a technical forum, I would expect more discussion around the actual details. Instead many people are building a strawman and fighting that instead.
Assume for a moment that Apple will allow alternative web engines as long as they follow certain user privacy and security guarantees. (Given that the company has announced this and it's legally mandated, I think this is a safe assumption.) In that case, are users better served with or without these requirements?
Because they strengthen monopolies, while providing little (if any) security benefits.
Furthermore, there's been plenty of prior examples of malicious apps passing app review, where an optimistic interpretation would be that app review is completely ineffective, and pessimistic would be that app review was more about the security of Apple's profit than their end-users'.
> In that case, are users better served with or without these requirements?
Promoting safe development practices is good, but in practice it will change little because they have no way of enforcing them (see aforementioned gaps in app review).
That’s like saying everyone should carry grenades around because trained soldiers do. Linux servers do get compromised by people installing dodgy software but it’s nowhere near the scale of the same thing happening on PCs and phones because servers are mostly operated by people with the discipline and skill not to add some random site to their package manager.
Anyone who’s ever supported normal people or even talked with their extended friends and family knows that this is not something you can assume for systems used by the general public. There’s a huge industry social engineering people into installing dodgy software to get deals, porn, games, address scary security threats, etc. and the billions of dollars they made annually means that when your grandfather is on the phone with the call center person walking him through turning off every security measure, he’s probably thinking that they’re more helpful than his actual bank.
If normal people ran Linux, they’d be just as prone to run “sudo add-apt-repository“ as they are clicking through the Windows prompts now.
> because servers are mostly operated by people with the discipline and skill not to add some random site to their package manager.
I have the discipline and skill. I want to be able to run what I want. I don't need "help" from Apple. You will always have a choice of not installing an alternative app store, just like on Android.
> If normal people ran Linux, they’d be just as prone to run “sudo add-apt-repository“ as they are clicking through the Windows prompts now.
I installed GNU/Linux for my relatives, and they never did that in years.
This might even be true but that just means you aren’t the target market. Nobody is stopping you from running a full open source stack but I don’t think it should come as a surprise that 99% of the people using computers pick something easier and safer to use when it’s not your job or hobby. My Linux desktop experience goes back to 1994 and while it’s a lot better now I still have zero trouble understanding that trade off.
> I installed GNU/Linux for my relatives, and they never did that in years.
Again, think mainstream. Where that’s happened historically was most server-side stuff because Linux has much greater share there, but most of the business compromising users is focused on Windows, Android, iOS, and maybe macOS because that’s where almost all of the people they’ll make money from are. If desktop Linux became more popular, attackers would spend time on it and would have comparable success rates – likely even higher due to how far behind the Linux world is compared to macOS on sandboxing and code signing. Free software is a great thing but it doesn’t have magic pixie dust obviating the need to spend time on security like everyone else.
> Nobody is stopping you from running a full open source stack
Where are the instructions how to do it on an iPhone? No, even on Android it's impossible due to closed drivers and specs, making a lot of e-waste and, conveniently for corporations, a lot of sales of new devices every time the support is ended.
It seems to me that the duopoly removed any freedom to run what I want from me.
> It seems to me that the duopoly removed any freedom to run what I want from me.
They put a block on your credit card preventing you from buying a Purism or PinePhone? That sure is devious – or perhaps an indication that the market is behaving rationally and the real problem you’re encountering is that the 90th percentile buyer values different characteristics than you do.
> a lot of sales of new devices every time the support is ended.
If this is your concern, you should be pushing for laws regarding recycling to cover the majority of devices which are discarded after something fails. People routinely use old devices until they break, and the thing forcing upgrades is something like their bank not supporting an OS which no longer receives security updates, which won’t be resolved by flashing a completely unsupported OS.
I do use the Purism phone as a daily driver. The heavy weight of the duopoly made open specs and drivers impossible in the mobile ecosystem l, as every single manufacturer refuses to release their firmware and drivers. A lot of such projects failed in the past despite a significant demand (proved by many sold Pinephones). My phone is based on the motherboard from a completely different industry (automotive). That made this phone very expensive and simultaneously very slow, heavy and inefficient, compared with all modern smartphones. More details: https://puri.sm/posts/breaking-ground. Making this phone almost killed Purism the company; even today they can't provide all promised refunds.
> and the thing forcing upgrades is something like their bank not supporting an OS which no longer receives security updates, which won’t be resolved by flashing a completely unsupported OS.
Why wouldn't it be resolved by installing a secure, supported GNU/Linux? Only because banks force you into the duopoly. More alternatives would push the change.
> If this is your concern, you should be pushing for laws regarding recycling
This is exactly why I support forcing Apple to provide a way to run what I want. Not because of the egoism. I don't even have an iPhone.
> There’s a huge industry social engineering people into installing dodgy software to get deals, porn, games, address scary security threats, etc.
But that happens everywhere, though. These same social-engineering ads show up in Safari, can manipulate you into giving away your banking details for a Nigerian prince or tossing your SSN and debit card into a little autofill HTML box. Call-center scammers will abuse your iPhone's callerID to make people think they're talking to the IRS or their car dealership. These scams are nothing new, locking out features doesn't "help" users any more than disabling the phone or browser does. Safety is Apple's abusive catchall excuse that they wheel out when they have to make the poison-pill taste like candy.
The real kicker is that Apple's own App Store has been caught hosting malware. You can't really claim the open web is some scary harbinger of manipulative software when Apple's own first-party service has been caught hosting fake LastPass apps and abusive weekly-subscription services. Meanwhile on Android, I get my favorite apps off Github and don't have to interact with the enshittification-encumbered Google Play Store.
You might want to consider relative scale: yes, there has been malware in the App Store but the questions you should be asking are how long it stays there, how quickly it’s blocked and existing installs removed, and what level of access it had. Look at the product pages for spyware marketed to distrustful parents and abusive spouses, for example, and notice how much less they can do on something like iOS or ChromeOS compared to a full desktop operating system and you’ll understand why this is discussed as a trade off rather than absolute good/bad terms.
It's not treated as a trade-off, outside Apple's marketing. Anyone that's seen Apple's service revenue relative to their hardware margins knows the score. If this was a conversation about iPhone malware then I should point out that people are being infected by Pegasus with nothing but first-party Apple software. There are active zero-click exploits with various levels of persistence on the market today; you want to talk about relative scale in a post-Pegasus era? Hell, a post-Snowden era?
You're echoing Apple's own flawed defense. You can't rob someone in one hand and claim to be paying them back with the other. You're either acting altruistically to actually help users, or you're perpetuating a cycle that benefits only the service-owner. With Apple's complete lack of service-based competition I don't think it's absurd to suggest they're intentionally misrepresenting the only App Store option to try and rescue it from certain regulation.
> It's not treated as a trade-off, outside Apple's marketing
It absolute is by anyone working in the field, and it’s not just Apple. A lot of places have been looking at ChromeOS for similar reasons, tons of people are running Kubernetes on trimmed down Linux systems which are far less “serviceable” than traditional servers because it reduces the attack surface massively.
> There are active zero-click exploits with various levels of persistence on the market today; you want to talk about relative scale in a post-Pegasus era?
Yes, actually. Your emotions are clearly strong on this issue but you really want to get some data and analyze it – for example, how long are users left vulnerable for traditional operating systems versus locked down ones or how hard is recovery?
Nobody is saying that there’s a universal optimum here but there’s clearly a trade off which people should consider when deciding what’s better for their situation. If you don’t need to run arbitrary binaries, can meaningfully segregate data between apps, etc. the benefits of breaking with tradition is pretty high and a high percentage of people will never hit a downside.
>>> Be distributed solely on iOS and/or iPadOS in the European Union;
I assume this means you have to release a separate App like "Firefox EU" to be able to use Gecko, right? Practically speaking, would any major players actually do it? It just sounds unlikely to me but I may miss something.
> I assume this means you have to release a separate App like "Firefox EU" to be able to use Gecko, right? Practically speaking, would any major players actually do it?
I can imagine browser makers creating names like “Freedom browser, by Firefox”, “Courage browser, by Brave”, “Live on the Edge, by Microsoft”, and so on.
If you read their requirements you can infer why they’re doing this: security. They absolutely do not want users’ phones hacked by a 3rd party browser bug. Nor do they want a 3rd party browser phoning home with user data.
Absolutely the last thing they want is Facebook shipping their app as a browser which bypasses all of Apple’s privacy protections.
Apps are sandboxed, but WebKit runs outside the sandbox with additional privileges such as JIT and multiple processes and communicates with the app through IPC. This change is allowing third-party code to also run with these privileges as long as they follow certain security standards.
iMessage has also been the main source of hacks for iPhones for years if not decades. Apple really struggle with securing iMessage.
It definitely does not need to run all the time, it could be woken up by incoming notification like all other apps (and I hope it is how it actually works).
There's still app reviews? If Facebook really did ship as a browser, they could just reject it. Just like they reject everything else that goes against their (unwritten) rules.
The alt stores discussion is really <1% of users that'll use it and I don't think is an issue (but anyway, they are policing that too)
Even if someone got unsigned machine code execution on V8's or SpiderMonkey's JIT, the same could happen on JavaScript Core. All browsers could be vulnerable to something like this (it's just a matter of time before a vulnerability appears), and Apple should be focusing on securing their app sandbox.
In terms of privacy and third party apps, isn't the protection domain name based? Those are native apps, so browser protection wouldn't work.
I’d say nowadays it’s 30% for privacy/security reasons and 70% for profit.
Phoning home with user data does not require any browser engine, this has happened many times. Weather apps were selling gps data of their users (and some probably still are).
(1) chrome has a better security record than Safari so they are not protecting users by disallowing it. in fact they're doing the opposite. Preventing users from using more secure broswers
(2) the privacy protections are already circumvented in current WebView based browsers. How do you think Firefox iOS is able to sync all your history?
Arguably they're doing it to prevent any erosion of their native app market. other browsers provide more features like full screen support and PWA support, both of which are ways of providing app experiences that don't go throu apple's cash cow $$$$$ store
Do you have a source for (1)? I see a lot more CVEs for (desktop) Chrome than for (any) Safari. Also, a native version of Chrome doesn't exist yet on iOS, so how can you say it has a better security record?
WKWebView and SafariViewController do, but they run the browser engine and JIT in another process so that the app still doesn’t have the ability to execute unsigned pages.
I'm all for Apple opening up to other browser engines on iOS but at the same time I'm worrying that this is gonna end up in furthering Chrome as "the web" over time.
Especially considering iOS is far from having majority marketshare in EU compared to Android... this feels like forcing a minor player (iOS in EU) to help a major player (Chrome).
Why? They've always been this way. I still remember when my friend couldn't see any of my (windows and android at the time) devices but I saw all of his on bluetooth. They've never liked competition.
This is apple, this is how they do business. I don't think anyone using their products will care though, they'll find a way to spin it into something that is good for them.
OK, then Apple should also be transparent and show how they meet all of these requirements no? Actually this should probably be judged by an independent organization. Great idea Apple!
Kind of ironic that they are also requiring WPT compliance while they are the worst scoring major browser there.
The main question is whether they will allow Firefox, Chrome and Edge to use their own engine or not. The guidelines leave enough room to deny any potential browser engine if they want to, so it depends entirely on how Apple will decide on actual cases.
Not OP, but as someone who hates ads and values privacy, switching to a phone built by the world's largest data broker / advertising agency seems like a bit of wrong turn.
iOS has many - many! - issues, but it is a more privacy-respecting platform than Android is. I'm not saying this to knock Android; I would dearly love it if Google weren't such a data hoover. I'd switch over and never look back.
I thought about it but it’s not really an option if you need certain apps / push notifications. If the options are Android without google play services vs iPhone, the realistic option is iPhone.
GrapheneOS has a neat feature called profiles, so you can have a profile with play services when needed but your main one can be de-googled. Push notifications and apps are cancer anyways, try to live without them.
It's honestly weird to me how much work they put into their hissy fits. It's not like their bottom line or their stock price would notice it when they would just open up their OS a bit more.
>It's not like their bottom line or their stock price would notice it when they would just open up their OS a bit more.
Present day Apple is run by bean counters and lawyers and their job is to be paranoid about anything that threatens Apple's bottom line at all costs, and regulation that force them to allow alternate stores are their biggest threat right now since a lot of their income comes from the App store fees and without the lock in they have no moat since smartphones are a commodity now.
Didn't Jobs say something along the lines of "But when companies get big, they sometimes lose their way and start to value the wrong things. They start to value the people who create the process, rather than the people who get things done. In a big company, politics can get in the way of what’s really important—great work. In the end, companies don’t die because of this. They die because they stop innovating."
Jobs said many things, some right, some wrong (dismissing PC games and the OpenGL API as a fad leading to Macs low market share during the PC wars). The difference is he said those things when Apple was still a start-up or a small tightly run ship with the DNA from NeXT.
Apple of today is a multi domain multi national behemoth with 20x-50x the workforce of back then. What sayings apply to start-ups don't apply any more to largest corporations in the world.
What he said decades ago is no longer relevant to the Apple of today.
It's also pretty weird for them to have integrated it so hard in the first place given the Microsoft monopoly case about Internet Explorer in the 90s.
I'm not even sure why they even bothered to create Safari — even though today it happens to be something I prefer over Chrome, there's also still Firefox — and unless I can answer that, I can't tell why they might care about this.
Money that goes into this is money that doesn't go into the shareholders pockets or into growing Apple. It's like asking Whatsapp to allow third party clients or expose their API. Makes tech nerd sense but not business sense.
At the of the day, tech nerd sense is working your socks off on an OSS that companies get to use for free with 0 contribution to the ecosystem while accepting underpaid tech jobs. Business sense is decreasing costs and increasing revenue in the long term
It's Apple, it's not the first time they try malicious compliance way, it won't be the last, it really seems to be the only way they can comply with the law.
Can anyone explain why is Apple so opposed to having different browser engineson iOS? Is it really just about security? I don't understand what is Apple to gain by not allowing 3rd party engines everywhere in the world.
Controlling the only browser engine on the most important end user OS means Apple has a veto on what can be done with the web platform in practice. If they want to press a pillow on the face of the web and watch it desperately struggle for air, they can.
And of course they want to do that. What is good for the web is bad for Apple. They need web apps to be unviable to maximise the platform lock-in and the rents they can extract via the App Store.
("They" being senior Apple leadership; I'm sure the people working directly on WebKit are doing the best they can given their resource constraints and strategic guidance.)
Ah I had thought it was Electron because the code is near identical to desktop for most things (if you download the IPA and unpack it, you’ll find an asar archive with the JavaScript)
As an end user I really don't want Electron apps on my phone. I want people to actually bother to do something native and fast, not cheap for the engineers.
>Apple will only authorize developers to implement alternative browser engines after meeting specific criteria and who commit to a number of ongoing privacy and security requirements
How come Apple is installing itself as the qualified party to judge if a browser is good or not? It's rich coming from the company that has been feeding us Safari for so many years.
I don't mind the expectation for a certain level of quality on the app store, however it should not propagate to alternative stores.
Because some browser processes actually live outside of the sandbox. You need elevated privileges for a JIT.
Their requirements are fairly reasonable, too. Use a memory safe language or have processes in place to catch memory bugs. What that means exactly we'll have to wait to see. But I think given the nature of a web browser, that is an application that automatically executes code supplied over the internet, it not unreasonable.
These are sound technical reasons, and it would have been amazing if Apple had done it earlier, before being difficult.
However, the whole point of the here and now is to remedy the fact that Apple is in the "abusive gatekeeper" position. While they're both the platform and the competition, I don't think their proposal is a valid remedy.
One viable alternative (short of Apple divesting/spinning of Safari) is to delegate review of 3rd party browsers to an independent 3rd party. There may be others.
Safari has been holding back web development for many years. In this announcement Apple requires support for X features to allow a browser, but if you look at the page, Safari is worse than Firefox and Chrome/Edge.
The browser is unstable, has had large amounts of bugs and race conditions, refuses to add features that can make the browser a better competitor for apps unless forced to by regulation, and so on... Safari on iOS is garbage, and that's the way Apple wants it to be. It just has to be OK so that iOS users don't understand how bad it really is.
Literally 15 minutes ago a customer asked me if I could add push notification support for iOS, as Apple has refused to do so on iOS for many many years. But Apple did add it when the pressure around competition increased, so now it should work with updated iOS.
Apple is a shit company for consumers, and they are actively sabotaging the web to increase their profits. This is not just something I'm saying. When Apple was forced to allow other browsers in the EU, they announced that they would turn off support for progressive web apps in the EU(apps added to the home screen, push notifications they just added because they were afraid of this and so on). They did go back on it after developer pushback. I haven't looked into this, but I'm pretty sure that Apple has done something to make sure other browsers can't develop PWA features. Cause that is what Apple does.
I want to know if Firefox or Chrome would pass these requirements as is. If not, they're clearly taking the piss and the EU should take a gigantic dump on them.
Population, rather obviously, is not a meaningful metric for quantifying consumer spending on luxury electronics and digital services.
According to Apple, the EU only accounts for 7% of their App Store revenue.[0] It's not nothing, but it's a much less important market for Apple than some may think.
Europe already has all the middle- and upper-class people it will ever have, they've all heard of Apple, and they mostly don't use their products. Europe's share of the world economy is in decline. The regulatory environment is obviously perceived as extremely hostile from Apple's perspective, and rapidly deteriorating. I'm not sure where you're seeing these opportunities for growth, but I doubt Apple agrees.
Asia is wealthier than Europe and rapidly expanding. Tens of millions of people join the Asian middle class each year - upwardly-mobile, aspirational, and ready to be wooed over to their first Apple product. A much more rational direction for growth, by any measure. Europe's 7% contribution wouldn't take long to replace if they pushed aggressively into booming Asian economies.
I'm not saying Apple should abandon Europe - I don't think they will, unless pushed out by some new law they simply can't comply with - but I doubt Europe is seen as a growth region for Apple (or other tech firms). I don't expect devices or services currently available in Europe to be withdrawn, but I do expect the region to be increasingly left out of the roll-out of future devices and services.
>> You must do the following:
>>> Use memory-safe programming languages, or features that improve memory safety within other languages, within the alternative web browser engine at a minimum for all code that processes web content;
AFAIK all major engines are written primarily in C++. This "features that improve memory safety" is worryingly vague, and we already know Apple goes out of it's way to make these rulings less useful.
I wouldn't be surprised if they rejected both Firefox and Chrome on these grounds.