Comment by saagarjha
5 years ago
I don't entirely understand your argument: I would love to use those things in the browser; in fact I do. But those are precisely the things I don't want to give random web API access to!
Then don't. But if a web form at a coffee place wants to ask you for payment, it should be able to call up the WebPayment API to ask for one-time permission, to which you can acknowledge. I shouldn't need a native app to do it.
And once you acknowledge that asking for access to spend your credit card is ok on the Web (and it is, because Apple supports the W3C Payment Request API), why do you think it is far worse to plug into a USB device, and be prompted to ask if your Web page can access it? There are any number of reasons to do this, like Arduino projects, IoT devices, etc.
I use a Chrome app that lets me install APKs over USB thanks to this API. Super helpful for installing built artifacts from a Continuous Integration result page for example.
Or maybe you're at an airport, or your company, and you want to interact with a vending machine through NFC or Bluetooth. Why is a one-off permission tied to that one use any worse than the previous example of payment approval?
Most of the people responding on Hacker News seem to think Web apps can use these APIs without requesting user permission.
> I use a Chrome app that lets me install APKs over USB thanks to this API
What the fuck.
> Most of the people responding on HackerNews seem to think Web apps can use these APIs without requesting user permission.
Nobody will have malware sideloaded because it requires clicking an OK button?
Most of the web is scams. Search for anything and most links will be scams. From that perspective, these APIs are profoundly reckless.
You can’t sideload something by clicking an OK button, you have to put your phone into developer mode and click a “trust this computer” dialog on your computer AND also click ok in the browser.
And yes, if you have a continuous integration system building your binaries in the cloud it is helpful to be able to install them without going through a damn store process. You are installing your OWN APKs that you compiled with this extension I’m talking about.
> Most of the web is scams
Talk about hyperbole. The only time I’ve ever encountered harmful scams is when I searched for pirated content.
The web is the most useful human invention since the PC era. Most of people’s time in apps is spent in social media consumption. I’ll take web content over TikTok and Instagram any day.
Because then the web process needs access to the USB stack in some way, which is a lot more complicated than simply providing credit card information…
That's an argument for security, less so for privacy, in the sense that the surface area may yield points for exploits.
But the payment stack is also very complicated. It touches everything from the secure enclave up to the Merchant over the network.
And if accessing the USB stack is bad, then doing it from a native app is bad too. The Web execution environment is more isolated and abstracted than the native app SDK, see https://blog.zimperium.com/dr-jekyll-and-mr-hide-how-covert-... for an example of live malware getting past the app review process and accessing geolocation and other things to fingerprint.
My computer has never, in at least the last 15 years, been infested by usage of Web APIs. Since the time of Firefox and Chrome taking over from IE4-IE6, I have been free of exploits. It's fair to say that the web is used by billions of people, and for the most part, large scale carnage using browser vectors has been limited.
I don't think your conclusions are based on actual security researcher threat modeling, but more about an implicit bias against Web apps and towards native.