Hacker News
by sedeki 1487 days ago
I assume that, realistically, the JS is verified by outside experts (and not by the user), and that a check on the user's part would simply be comparing a calculated hash to a given one.

I understand that this might not be how things are really done at PM (i.e. do they provide a hash? probably not) so my arguments may be hypothetical, but it doesn't render them invalid in the larger context imo.

1 comment

If the trusted web service is under law enforcement order to decrypt mail of a particular user, a version of the JavaScript code that breaks the encryption could be delivered to only that user. No third-party experts will be aware of this special version, so no red flags can be raised by these third parties.

In contrast, if an app does not download code, the eavesdropping will require a new version of the app to hit the app store. Third-party experts may review this and raise red flags.

This is the first time I felt that an app had a privacy advantage over a browser interface.
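The check the post describes (comparing a calculated hash to a published one), as an added example that is not part of the thread: a client-side audit of the scripts one user actually received against a manifest of digests for the audited release. The function names, file paths, file contents and manifest are constructed, and the example assumes the manifest is obtained from the reviewers out of band and that the checker itself is not served by the same service.

```python
# Added example; function names, paths and file contents are constructed.
import base64
import hashlib


def sri_digest(content: bytes, alg: str = "sha384") -> str:
    """Return a Subresource Integrity style value: '<alg>-<base64 digest>'."""
    raw = hashlib.new(alg, content).digest()
    return f"{alg}-{base64.b64encode(raw).decode()}"


def audit_delivery(delivered: dict, manifest: dict) -> list:
    """Compare what this client received against the audited manifest.

    delivered: path -> bytes actually served to this user
    manifest:  path -> digest published for the audited release
    Returns sorted (path, finding) tuples; an empty list is an exact match.
    """
    findings = []
    for path, content in delivered.items():
        expected = manifest.get(path)
        if expected is None:
            findings.append((path, "unaudited"))  # script no reviewer saw
            continue
        alg = expected.split("-", 1)[0]
        if alg not in ("sha256", "sha384", "sha512"):
            findings.append((path, "bad-manifest-entry"))
        elif sri_digest(content, alg) != expected:
            findings.append((path, "mismatch"))  # differs from audited build
    for path in manifest.keys() - delivered.keys():
        findings.append((path, "missing"))  # audited file was not served
    return sorted(findings)


# Constructed sample: the audited release, then two deliveries of it.
AUDITED = {
    "/js/crypto.js": b"function encrypt(m, k) { return seal(m, k); }\n",
    "/js/app.js": b"init();\n",
}
MANIFEST = {p: sri_digest(c) for p, c in AUDITED.items()}
NORMAL = dict(AUDITED)
TARGETED = dict(AUDITED)  # same release, altered for one account
TARGETED["/js/crypto.js"] = AUDITED["/js/crypto.js"] + b"/* altered */\n"
TARGETED["/js/extra.js"] = b"/* not in the audited release */\n"

if __name__ == "__main__":
    print(audit_delivery(NORMAL, MANIFEST))
    print(audit_delivery(TARGETED, MANIFEST))
```

The check has to run on every page load to cover the per-user delivery described in the comment, since a clean result on one load says nothing about the next.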