Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Agreed. Cryptographic signing of extensions in this context doesn't seem to me to be significantly different from the signing done by your other package management systems.

One of my professors said "the browser is the new OS" about a decade ago. This seems like more proof of that to me — if we want fast, low power JavaScript in browsers, we have to have a reasonable chain of trust imo.



I tried renaming some files with "the new OS", but all I got was a 404. I had to use the one the browser was running in instead.




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: