undefined | Better HN

0 pointsdavidmurdoch5y ago0 comments

Because you'd have to download an app like this and then trust that it won't install malware or spyware or do anything else malicious.

0 comments

app4soft5y ago

> Because you'd have to download an app like this and then trust that it won't install malware or spyware or do anything else malicious.

How you would check that web app, which JavaScript/WebAssembly source/binary should be firstly loaded into your browser from 3rd-party website, would not "install malware or spyware or do anything else malicious"?

phailhaus5y ago

Modern browsers are pretty secure nowadays. By comparison, you have pretty much zero guarantees about an app you install onto your computer. The only concern is that these browser apps are quietly sending your files elsewhere, but this is easily inspectable via the dev tools.

app4soft5y ago

> Modern browsers are pretty secure nowadays.

Just few examples of "pretty secure modern browsers nowadays".[0,1]

[0] https://bugs.chromium.org/p/chromium/issues/list?can=1&q=lab...

[1] https://techdows.com/2020/05/mozilla-halts-firefox-76-rollou...

Reelin5y ago

To be fair, modern OSes are quickly catching up in this regard. WASM is also increasingly available for use as a native sandbox. Examples: (https://github.com/WAVM/WAVM) (https://github.com/bytecodealliance/lucet)

1 more reply

alex_duf5y ago

That's as trustworthy as your web browser, which is pretty good at sandboxing nowadays.

app4soft5y ago

Has you ever read changelogs of Firefox & Chrome/Chromium? There are tons of issues documented related to sandboxing & security each new release happen.

1 more reply

zucker425y ago

Why would you use browser-based video editing over desktop-based free software, where you can read the source (or listen to someone you trust who has read the source) to make sure it's not doing anything malicious? Besides the fact that it might be easier/simpler for very small projects.

bzb35y ago

So end users should read all the source code of every piece of software they intend to use before using it instead of using a proven jailing method?

zucker425y ago

> (or listen to someone you trust who has read the source)

By this I meant to include, for example, the Debian team. Of course there can be bugs/oversights, but the same is true of the browser solution. Is there even one instance of malware being distributed through the official channels of a mainstream Linux distro? Not that an in browser JS video editor isn't cool, but I don't see how it would have technical advantages over the various Linux desktop editors.

Accujack5y ago

Because then it wouldn't be "cool".

So many of the projects I see mentioned here are neat hacks, but that's really about it.

People writing a complete operating system for an 8 bit micro made of discrete chips? That's neat, but not really useful, and most people won't ever take the time to boot it once.

An FPGA that runs web assembly code? That's nifty, but if we want high performance we probably won't use web assembly to do it.

You invented a completely new language that has all the features of C but none of the things that are annoying? We'll add it to the list of C-like-but-not-annoying languages.

Found a great new way to estimate how much capital you should try to get when creating a start-up to sell your all-natural soap products in California? That's great for you... a little bit niche for the rest of us.

You re-implemented emacs in python? That's a really impressive technical achievement. No one will ever surpass you in either emacs implementation or python hacks. Also, no one will ever use it.

Same thing with Hackaday... lots and lots of "cool" projects where neither the creator nor the site mods seem to realize something is just a nifty project, and not the salvation of the world.

dang5y ago

You write as if these are bad things, but they're wonderful things. They're also the bread and butter of this site, so it's good that you see them here. Something would be wrong if you didn't.

Pure interest and sublime pointlessness are, of course, two of the classic hacker motivations.

Edit: https://news.ycombinator.com/item?id=23246221 is happily near the top of the front page as we speak.

2 more replies

kaonwarb5y ago

I see such "not really useful" projects much as I do fine art. There's not much measurable use to the world in most painting, sculpture, or music in and of itself - but done well, it brings enjoyment to both the creator and appreciative observers. Count me as an appreciative observer in many such cases.

j / k navigate · click thread line to collapse

0 comments

app4soft5y ago

> Because you'd have to download an app like this and then trust that it won't install malware or spyware or do anything else malicious.

phailhaus5y ago

app4soft5y ago

> Modern browsers are pretty secure nowadays.

Just few examples of "pretty secure modern browsers nowadays".[0,1]

[0] https://bugs.chromium.org/p/chromium/issues/list?can=1&q=lab...

[1] https://techdows.com/2020/05/mozilla-halts-firefox-76-rollou...

Reelin5y ago

1 more reply

alex_duf5y ago

That's as trustworthy as your web browser, which is pretty good at sandboxing nowadays.

app4soft5y ago

Has you ever read changelogs of Firefox & Chrome/Chromium? There are tons of issues documented related to sandboxing & security each new release happen.

1 more reply

zucker425y ago

bzb35y ago

So end users should read all the source code of every piece of software they intend to use before using it instead of using a proven jailing method?

zucker425y ago

> (or listen to someone you trust who has read the source)

Accujack5y ago

Because then it wouldn't be "cool".

So many of the projects I see mentioned here are neat hacks, but that's really about it.

People writing a complete operating system for an 8 bit micro made of discrete chips? That's neat, but not really useful, and most people won't ever take the time to boot it once.

An FPGA that runs web assembly code? That's nifty, but if we want high performance we probably won't use web assembly to do it.

You invented a completely new language that has all the features of C but none of the things that are annoying? We'll add it to the list of C-like-but-not-annoying languages.

You re-implemented emacs in python? That's a really impressive technical achievement. No one will ever surpass you in either emacs implementation or python hacks. Also, no one will ever use it.

Same thing with Hackaday... lots and lots of "cool" projects where neither the creator nor the site mods seem to realize something is just a nifty project, and not the salvation of the world.

dang5y ago

You write as if these are bad things, but they're wonderful things. They're also the bread and butter of this site, so it's good that you see them here. Something would be wrong if you didn't.

Pure interest and sublime pointlessness are, of course, two of the classic hacker motivations.

Edit: https://news.ycombinator.com/item?id=23246221 is happily near the top of the front page as we speak.

2 more replies

kaonwarb5y ago

j / k navigate · click thread line to collapse