| A local tauri binary that is optimally secured: - all assets are baked into the binary, not an ASAR or some kind of sidecar - uses minimal javascript obfuscation - disables console availability in the webview - detects if it has been invoked from command line and exits - uses a minimal CSP to prevent the webview from reaching out to unknown resources - uses an API acceptlist, to treeshake out any unneeded functionality - injects the code directly into the webview from rust, circumventing the need for a localhost server - communicates with the event API, which uses randomized handles for all events to prevent static attacks from knowing in advance what a function call will be - never relies on external resources like remote servers / CDNs - removes all println! macros from consumer side rust - uses the forthcoming signed updater system - has been audited with frida-trace on delegate platforms - probably a couple more I am forgetting |
It may be useful to focus more on the why, then the what.
I see you are familiar with frida and know a thing about reverse engineering, so I assume you know that just like most local protectors, someone will just eventually write a wrapper that automatically bypasses all the 'security' measures.
If we take electron as an example, why do I care that Tauri implements all these things, while electron doesn't. How does it make it more secure? Am I supposed to be worried someone is sitting in between my GUI and backend intercepting messages? Is this a common attack vector for electron? I'm really have a lot of questions why to put effort into developing all these things.