Comment by diacritical
21 hours ago
> Programs are downloaded to my computer and executed without me being able to review them first—or rely on audits by people I trust
Would've been cool if we could know if site X served the same JS as before. Like a system (maybe even decentralized) where people could upload hashes of the JS files for a site. Someone could even review them and post their opinions. But mainly you'll know you're getting the same JS as before - that the site hasn't been hacked or that you're not being targeted personally. If a file needs to update, the site could say in the changelog something like "updated the JS file used for collapsing comments to fix a bug". This could be pushed by the users to the system.
Especially important for banking sites and webmail.
No comments yet
Contribute on Hacker News ↗