jb55's avatar
jb55 _@jb55.com 1 year ago
if you don't think having a key isolated in a separate process without networking is much better than having it floating around in the safari's memory space, I can't help you. ideally key stored in: hw device > sandboxed process > browser plugin > webpage saying I'm misrepresenting the problem is just not true, this is an obvious improvement short of hw device signing. I guess it just comes down to how much you trust browser engineers to not fuck things up.
↑ Parent

Replies (1)

semisol's avatar
semisol semisol@nostr.land 1 year ago
it is objectively an improvement, but for most users it doesn’t matter that much we should probably also focus on other attack vectors: decryption permission is all-or-nothing, the user can be fatigued into granting unprompted sign permissions to an app etc
1 replies ↓