Their example of hijacking a BLE keyboard to get passwords seems a bit farcical. I would love to see a PoC of that attack. The API has been available in Chrome for quite a while. I don't think it has been a large attack vector.
All the more reason to use Safari or Firefox, since Chrome is doing something that I don't want any browser to have. (Whenever I install Chrome, I go through and turn off all of the stupid stuff that chrome should never have like web midi, webscsi, webble, etc.)
There’s a stack of Blink-only Google specifications that people are pushing as “standard” that are anything but. Both Apple and Mozilla reject them on privacy or security grounds, then get criticised as being “behind” (or in Apple’s case, “deliberately holding back the web”). No, a specification created and implemented unilaterally by Google is not a standard.
Most standards start by being implemented by one browser. I would rather a standard exist based off a real implementation than one thrown out of an ivory tower.
The whole point of standards is that there should be multiple implementations that can support it. Now I do agree with your point on that standards should be based on feedback from implementations but as the above comment said, this is just google making adding features and making standard documents to shift blame on other browser for not implementing them.
To be fair where are the other browser's proposals for giving apps the capabilities they need? Browsers should be shamed for not making an effort to support common use cases that apps need.
Pretty hard to have a PWA future, if you can't access standard app APIs.
Seems like it would require a big mindset change for Mozilla to get on board with PWAs.