undefined | Better HN

0 pointspalata2mo ago0 comments

> Web browser is a sandbox by default.

So I take this is a security concern. How do you feel about the fact that when you open a webapp in your browser, you re-download that app code every time? That the server can send you a backdoor every single time, made just for you, and nobody else will ever know? And that you can't check the "hash" of the webapp, like you can with an app?

On the other hand, an app is sandboxed, too (on mobile OSes like Android and iOS). When you download it, you can check a hash that you can (if you want to) compare with a friend to see if they got the same app. With an app, there is intermediary (the "app store") that would need to collude with the developers to send a backdoor just for you, and even then you would still have the app binary as proof.

That's always a question I have with "secure" web services: if you use ProtonMail, you trust that Proton doesn't send you a web page that leaks your key. But if you trust Proton for that, what's the point of the end-to-end encryption? When you use the Signal app, the whole idea is that you don't have to trust Signal for the end-to-end encryption, at all.

0 comments

4 comments · 4 top-level

tennysont2mo ago

I think the question is: where should the information barrier exist? A web browser puts a barrier between your OS and the company, while an app (potentially) puts a barrier between the client and the server.

For security minded and source-available apps like Signal, the latter is the right choice. For low trust companies with no expectation of app/server separation, the former seems right.

1 more reply

zadikian2mo ago

Apps can download code too, and often do

1 more reply

leptons2mo ago

>That the server can send you a backdoor every single time, made just for you, and nobody else will ever know?

There is no "backdoor" when the browser is sandboxed. "backdoor" is a specific thing, I think you need to read up on it before you keep using it incorrectly:

https://en.wikipedia.org/wiki/Backdoor_(computing)

>On the other hand, an app is sandboxed, too (on mobile OSes like Android and iOS). When you download it, you can check a hash that you can (if you want to) compare with a friend to see if they got the same app.

That isn't what "sandboxed" means, it has nothing to do with checking hashes. And no, mobile apps are not really sandboxed, they have full access to your mobile device once you install it and give it access - and let's be real, most people are just going to blindly click "allow" for anything the app requests after installing an app.

>With an app, there is intermediary (the "app store") that would need to collude with the developers to send a backdoor just for you, and even then you would still have the app binary as proof.

You keep referring to "backdoor", and I don't think you really know what that means.

>That's always a question I have with "secure" web services: if you use ProtonMail, you trust that Proton doesn't send you a web page that leaks your key. But if you trust Proton for that, what's the point of the end-to-end encryption? When you use the Signal app, the whole idea is that you don't have to trust Signal for the end-to-end encryption, at all.

That isn't how any of this works. The main value proposition of Signal is that we do trust its end-to-end encryption. Protonmail sending a "web page" that "leaks your key"? WTF?

3 more replies

AlBugdy2mo ago

> And that you can't check the "hash" of the webapp, like you can with an app?

Can someone reading this make an addon for this?

1 more reply

j / k navigate · click thread line to collapse

0 comments

4 comments · 4 top-level

tennysont2mo ago

For security minded and source-available apps like Signal, the latter is the right choice. For low trust companies with no expectation of app/server separation, the former seems right.

1 more reply

zadikian2mo ago

Apps can download code too, and often do

1 more reply

leptons2mo ago

>That the server can send you a backdoor every single time, made just for you, and nobody else will ever know?

There is no "backdoor" when the browser is sandboxed. "backdoor" is a specific thing, I think you need to read up on it before you keep using it incorrectly:

https://en.wikipedia.org/wiki/Backdoor_(computing)

>With an app, there is intermediary (the "app store") that would need to collude with the developers to send a backdoor just for you, and even then you would still have the app binary as proof.

You keep referring to "backdoor", and I don't think you really know what that means.

That isn't how any of this works. The main value proposition of Signal is that we do trust its end-to-end encryption. Protonmail sending a "web page" that "leaks your key"? WTF?

3 more replies

AlBugdy2mo ago

> And that you can't check the "hash" of the webapp, like you can with an app?

Can someone reading this make an addon for this?

1 more reply

j / k navigate · click thread line to collapse