It's easy to understand the point that window management in Android is complex and this complexity hampers graphics performance. On iOS, one process has the entire screen at a time. There are no widgets, no plugin viewports, no 3rd-party UI - but all this stuff is happening on Android. The question becomes whether this is actually a good paradigm to have for a mobile platform and whether this compartmentalization mechanism is really needed.
For example, take this statement: "This [window management technique] is also why Android can safely support third party input methods." Clearly, the perception at Google is that this model makes Android safe, and in a way that's understandable because the platform is way more open than iOS and thus needs more inherent resistance. But look at the concept of "safe support" for third party input methods. But does compartmentalization of UI operations in this case actually make, say, 3rd-party keyboards safe to use?
It all depends on what you mean by "safe". It is certainly possible to create input methods that behave as spyware, that's why Android puts a big fat warning telling you so whenever you switch to a third-party input method.
I think what is meant by safe in this context is that an that is not an input method cannot pretend to be one. Likewise, the interface between the input method and applications means that an application cannot normally wire itself into the input method and monitor everything the user types.
Yes, exactly, it's very open to debate what safety in this case actually means.
I think what is meant by safe in this context is that an
that is not an input method cannot pretend to be one.
But is that really a concern? If you're putting together a spyware app disguised as a keyboard, why not just include a keyboard and "fool" this protection by actually providing the advertised functionality?
I also believe that the Android people in this specific case define "safe" as "safe from crashes" in the way that a 3rd-party external component cannot easily crash the foreground app because of the windowing and thread-based compartmentalization.
For example, take this statement: "This [window management technique] is also why Android can safely support third party input methods." Clearly, the perception at Google is that this model makes Android safe, and in a way that's understandable because the platform is way more open than iOS and thus needs more inherent resistance. But look at the concept of "safe support" for third party input methods. But does compartmentalization of UI operations in this case actually make, say, 3rd-party keyboards safe to use?