Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You are willing to run their code on your computer with full access to your data but not in the heavily-sandboxed browser environment?


Verbify didn't say that at all.

It's ludicrous that you can't download a security-focused app when your browser settings are unusually secure. ;)


> It's ludicrous that you can't download a security-focused app when your browser settings are unusually secure. ;)

Security is about threat models: if you don't trust the code they write on their website, you shouldn't trust the code they shipped in the app.


A casual look shows they're also loading JavaScript via bootstrapcdn.com and googleapis.com. Security is also about attack surface reduction.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: