> I don’t want the browser to even be capable of it, because regardless of what permissions and security measures are put in place, someone is going to find a way around them.
You surely trust the permissions and security measures your phone provides to apps so what makes browsers worse in this area? Especially if you're using iOS where you only have Apple's web browser available to use.
Sure, browsers can navigate without your input, but what good would that do to bypass permissions? You can't use that to automatically grant your website permissions. And permissions are isolated to specific domains as if they were separate apps, so you can't just use permissions granted on domain A from domain B.
Not everything needs to be a PWA. Yes, they're great alternatives to apps, but why should anyone be forced to install a PWA when they might only need to use the web app very infrequently? Or what if I just wanted to try some functionality out first? Installing is an unnecessary speed bump for these cases.
Like I said, it’s surface area. It’s much larger in the case of the web since there’s any number of scenarios in which a user’s browser can be coaxed into running code that exploits a vulnerability that bypasses permissions and isolation (which is always possible by virtue of the browser being a privileged app, whether there are known exploits or not).
This sort of thing can happen with installed apps too, but the likelihood overall is far lower, especially if selecting judiciously.
The overwhelming majority of web apps don’t need filesystem access or similar special functionality, and thus users aren’t forced to install them.
In my personal experience, if my interest level in an app is so low that I wasn’t willing to install it, I was never going to use it in the first place either because the app wasn’t compelling enough or I didn’t have any actual need for it.
You have the same risks with apps though. An operating system has an even larger surface area. Sure, you need to manually install apps, but once installed they will automatically update.
Personally I would trust browser security far more than an OS simply because it is a much more desirable target to compromise. They're also built specifically to run untrusted code.
Intent. Apps can only ever be installed by me, barring complicated exploit chains, while browsers can navigate without any input from me whatsoever. That serves as an extremely narrow funnel that vastly reduces surface area.
This is also why I’m more receptive to installed PWAs being more capable. They’re both on the other side of my intent funnel and assuming a good implementation can’t ever navigate to domains that aren’t that PWA.
Besides that, it’s just annoying for apps to be dressed in browser chrome. On macOS ever since Safari added the ability to install sites as PWAs, I’ve been making heavy use of those just to remove extraneous browser toolbar items and such. I don’t know how people can live with all their web apps in regular browser tabs, I’d go nuts.