Hacker News new | ask | show | jobs
by Jensson 965 days ago
> You can simply relay the requests to the original site/"webapp", no need to build one similar

Doesn't work if the app encrypts messages locally, so end to end encryption is still valid with this.
1 comments
g-b-r 965 days ago
We're talking about normal browsing, not webapps performing their encryption
link
isilofi 965 days ago
Webapps are also vulnerable because the Javascript can be manipulated in a MitM attack.

The only way around this would be a "real" app.

link
g-b-r 965 days ago
True
link