Performance: We use WebKit for the actual pages, so similar to Safari in speed and memory usage (much better than Chrome), and our UX should be pretty fast (we did a performance update right before this launch!)
Privacy: The app obviously knows what pages are on it since it's loading them. Our server doesn't have any of that data unless you choose to upload it for cloud syncing. That data is encrypted so shouldn't be trivial to access (though we want to move over to iCloud to avoid this problem).
What do you think?
Using Azure AppCenter and its analytics SDK isn't ideal from a privacy perspective. I think it's reasonable for product development, but if you want to sell based on privacy I think it would need to go.
Hmm, you might be right. AppCenter is super useful for crash logs, but do you think it would be an issue for users when concerned with privacy? We don't identify the reports at all, so literally anonymous crash logs.
(And AppAnalytics is needed for it to work with SwiftUI, I think? Might be why we're using that.)
I think there are levels to it. Best for privacy would be no crash reporting, but obviously that comes at the cost of no crash logs and needing to do a lot more testing and QA before shipping to get equivalent quality, and that's an engineering trade-off.
Custom crash-reporting, where the server is controlled by you, is likely a bit better because it's not going to a third party, but that's another engineering cost.
Having crash reporting is probably fine – I put crash reporting in the apps and services I work on, and I expect them as a user – but it is definitely worse for privacy and if an app is marketing on being good for privacy it's not a great fit. As for analytics, again, I can see the reasoning, but I think it would be good to not do it.
As far as privacy is concerned, shipping the binary and it doing any networking is the same impact, regardless of the tagging that you may or may not be doing. MS might be tagging connections/IPs, correlating users, fingerprinting, etc. There's also the risk that private data accidentally ends up getting sent to AppCenter (in crashes or analytics) just from values on the stack or the particular code paths that users are executing.
Honestly, I don't think you should be selling based on privacy. I don't think Sigma OS is fundamentally better than Firefox/Safari, and it takes a LOT of work and giving up a lot of useful data to do it correctly. I'd put product analytics in (but not too much), keep the crash reporting, don't sell data, don't sell ads, don't advertise as being any more private than that, and use your product analytics to inform your product process and build better features.