[liberationtech] Standalone JS apps vs. browser extensions, which is better?

Mon Aug 26 11:44:46 PDT 2013

Thanks, Griffin, Eduardo,

I haven't gotten a lot of response to this issue, but I've been doing my
own thinking, after some more testing of extensions similar to what I want.
Here's by $0.01 worth:

Extensions are cool, but those I've seen have these huge problems for my
application (and probably any application where extreme portability is
needed:

1. They don't follow you from machine to machine, even if, say, you log in
with your Google ID. You must install them in each machine one by one.

2. Even worse, if they save any data (public keys, in this case), the
database remains tied to each particular computer. Forget about going to
the library and using it there.

3. The code is hidden from view, so if an adversary changes it (by hacking
into Google or by convincing them that it is of overriding national
security interest), the user is kept in the dark. Me, the developer, is in
the dark, too.

So, I'm inclining toward keeping PassLok as a securely delivered, but
strictly self-contained web app. At least this way you can look at the code
before you execute it.

Thanks! for all the feedback!

On Sat, Aug 24, 2013 at 4:47 PM, Griffin Boyce <griffinboyce at gmail.com>wrote:

> On 08/24/2013 05:13 PM, Francisco Ruiz wrote:
> >
> > My encryption app, PassLok, is currently in the shape of a standalone,
> > static web page with two text boxes where users copy and paste plain
> > or encrypted messages. I am considering the possibility of making a
> > browser extension version out of it, probably along the lines of
> > myMail-crypt or Mailvelope for Chrome, to provide a tighter
> > integration with email programs (or at least with Gmail, which is very
> > popular these days).
> >
>
> I suspect you're going to get lots of different answers to this
> question, but here is how I see it:
>
>   Offering a browser extension or downloadable application is far
> superior to having it in website format, because you can offer GPG
> signatures and the user doesn't have to worry that you've been forced to
> change the code server-side (or that they've got network interference).
>
>   You shouldn't be storing collections of passwords on your server, in
> any format, ever. This is just begging for trouble, either from hackers,
> broken servers, or government agencies.
>
>   Release your app as a proper downloaded app. Allow people to save
> their passwords locally. And have someone help you with threat
> modeling.  It doesn't prevent all problems, but it turns a huge problem
> into a few small problems, and puts much of the burden back onto the
> user to secure their computer and local network.
>
> Just my $0.02
>
> best,
> Griffin
>
> --
> "Cypherpunks write code not flame wars." --Jurre van Bergen
> #Foucault / PGP: 0xAE792C97 / OTR: saint at jabber.ccc.de
>
> My posts, while frequently amusing, are not representative of the thoughts
> of my employer.
>
> --
> Liberationtech is a public list whose archives are searchable on Google.
> Violations of list guidelines will get you moderated:
> https://mailman.stanford.edu/mailman/listinfo/liberationtech.
> Unsubscribe, change to digest, or change password by emailing moderator at
> companys at stanford.edu.
>

-- 
Francisco Ruiz
Associate Professor
MMAE department
Illinois Institute of Technology

PL13lok=WsH3zTgZn8V3hnIqjdbfPus+5YF5n+LBRPuH9USMMp8izPv+hsLoZKv+jaCFMapJFfiA11Q9yJU1K1Wo0TbjXK/=PL13lok

get the PassLok privacy app at: http://passlok.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130826/f010688b/attachment.html>