by some_furry 2512 days ago
> 1) We should absolutely work towards allowing developers to sign their JavaScript.

I've already been working on this for my own projects. It might be something that can be generalized for all Electron projects.

https://github.com/soatok/libvalence

https://github.com/soatok/valence-updateserver

https://github.com/soatok/valence-devtools

This uses Ed25519 signatures and an append-only cryptographic ledger to provide secure code delivery. The only piece it's currently missing is reproducible builds.

For greater context: https://defuse.ca/triangle-of-secure-code-delivery.htm

1 comments

I think you need OS codesigning integration for this threat model. Otherwise whatever special app runtime check code you add just gets removed by the malicious overwrite of your app code.

I'm just doing this for secure updates, so that malware doesn't get delivered through the update mechanism. For precedent, see https://core.trac.wordpress.org/ticket/39309

It isn't meant to mitigate a compromised endpoint.
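
The combination described in the thread (Ed25519 signatures plus an append-only ledger for update delivery) can be sketched as follows. This is an added example, not part of the thread and not libvalence's code or API: the entry layout, the SHA-256 hash chain, and the names `appendRelease` and `verifyUpdate` are assumptions made for illustration.

```javascript
const crypto = require("crypto");

const GENESIS = "0".repeat(64);
const sha256 = (data) => crypto.createHash("sha256").update(data).digest("hex");
// Canonical bytes covered by both the chain hash and the signature (assumed layout).
const entryBody = (prev, version, fileHash) =>
  Buffer.from(JSON.stringify({ prev, version, fileHash }));

// Publisher side: sign a release and append it to the ledger.
function appendRelease(ledger, privateKey, version, fileBytes) {
  const prev = ledger.length ? ledger[ledger.length - 1].hash : GENESIS;
  const fileHash = sha256(fileBytes);
  const body = entryBody(prev, version, fileHash);
  const sig = crypto.sign(null, body, privateKey).toString("base64");
  ledger.push({ prev, version, fileHash, hash: sha256(body), sig });
}

// Client side: verify every entry, require that the last ledger hash this
// client accepted is still in the chain, then check the downloaded file.
function verifyUpdate(ledger, publicKey, fileBytes, lastSeenHash = null) {
  if (ledger.length === 0) return "empty-ledger";
  let prev = GENESIS;
  let sawKnownTip = lastSeenHash === null;
  for (const e of ledger) {
    const body = entryBody(e.prev, e.version, e.fileHash);
    if (e.prev !== prev) return "broken-chain";
    if (e.hash !== sha256(body)) return "bad-entry-hash";
    const sig = Buffer.from(String(e.sig), "base64");
    if (!crypto.verify(null, body, publicKey, sig)) return "bad-signature";
    if (e.hash === lastSeenHash) sawKnownTip = true;
    prev = e.hash;
  }
  if (!sawKnownTip) return "history-rewritten"; // truncated or replaced ledger
  const tip = ledger[ledger.length - 1];
  return sha256(fileBytes) === tip.fileHash ? "ok" : "file-mismatch";
}

// Constructed demo data: two releases signed with a throwaway key pair.
const { publicKey, privateKey } = crypto.generateKeyPairSync("ed25519");
const demoLedger = [];
appendRelease(demoLedger, privateKey, "1.0.0", Buffer.from("app v1.0.0 (constructed)"));
appendRelease(demoLedger, privateKey, "1.0.1", Buffer.from("app v1.0.1 (constructed)"));
const download = Buffer.from("app v1.0.1 (constructed)");
console.log(verifyUpdate(demoLedger, publicKey, download, demoLedger[0].hash));
```

The `lastSeenHash` check is what makes the ledger append-only from the client's point of view: a server that serves a shortened or rewritten history fails even though every remaining entry is validly signed.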