Hacker News new | past | comments | ask | show | jobs | submit login

Crypto is a browser built-in, it’s not being loaded over the network at all. The HTML file is self-contained.

Even if it was loading remote scripts, they could be secured by using an integrity hash (another modern browser feature).




Yeah you can actually just audit the self-extracting code, and create detatched signature for it for every instance.

But yeah my bad, apparently the actual problems with this tools are with usage, password hashing, and non-existent secret sharing mechanisms.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: