Hacker News new | ask | show | jobs
by roustem 3758 days ago
Unfortunately, there is no way for browser extensions to create Unix sockets,

Also, code signing would prevent anyone from modifying the binaries to change the IP address.
2 comments
julie78787 3758 days ago
But even if they could, UNIX domain sockets aren't immune to attacks. That sort of the problem with "First, assume your machine has been pwn'd".
link
kazinator 3758 days ago
Yes; if we assume the machine has been pwned, then whatever we can still trust is anywhere else but in that machine. At best we can come up with ways to securely smuggle bits through the pwned machine between two trusted endpoints; but we cannot manipulate any secrets on that machine.

(Trusted computing relies on some tamper-resistant core of the machine not being pwned when the rest of it is pwned.)

link
kazinator 3758 days ago
Indeed, it would be particularly amazing if a browser extension did that on Windows. :)
link