|
|
|
|
|
|
by Someone
1191 days ago
|
|
|
If you trust them it technically (legally, things can be different) doesn’t matter much (they need to use https, and there’s the risk of them being hacked) whether it’s done client-side. If you don’t trust them you’d have to check that they work 100% client-side every time you use such a site, and people don’t know how to do that. That’s were tools you host yourself (on a server or by locally installing them) make a difference: you have to vet them only when you install or update them, not at every use. Also, you can restrict the capability to install or update to qualified personnel who should do a better job at security evaluation than your regular employee working under a tight deadline. |
|
|