[zamadatix]

And if an app decides to send encrypted/compressed/encoded data over the TLS socket you gave it then what? The assumption is the app is malicious, how are you ensuring the data underneath the communication layer you provide is actually clean?

[jakeogh]

They dont get a socket. What's the socket for?

[zamadatix]

Please don't get hung up on terminology - for the sake of conversation assume the name for the way the black box app gets information from the outside world is termed a "socket". It's a name, it doesn't really matter. What matters is you are taking information from the outside and giving it to the black box.

So say you give the black box in your sandbox a socket (from the above definition). Say it is a news app. This news app loads headlines and articles. How does your sandbox know if the headline/article text contains some form of encoding? How does it know the timing of requests isn't leaking information out about your viewing patterns?

[jakeogh]

Ah, I misunderstood your mention of black boxes. This is not for black boxes. It only makes sense for open source. I agree it wont work for a black box that you cant audit. If the browser is side-channeling by asking for scheme://some.thing/enc_data_sent_here -> enc_data_recieved when the middleware hands the GET back, then atleast the user can decide if they want to honor that GET request and figure out why the browser made it, and remove that code. The browser should have no crypto code in it. Linking to a SSL/crypto lib would be a bug as I mentioned.

I spend quite a bit of time railing on JS. Executing arb code is fundamentally a bad idea (Halting Problem).

https://hn.algolia.com/?dateRange=all&query=jakeogh%20%22dis...

[a1369209993]

> https://hn.algolia.com/?dateRange=all&query=jakeogh%20%22dis...

> This page will only work with JavaScript enabled

Really!? Why the hell would you link to that?

[jakeogh]

I know, it's rough! I had to start FF to generate it. For some reason it wont work with webkit(surf ctrl-shift-s to JS).