Hacker News new | ask | show | jobs
by aumerle 648 days ago
This article is a perfect illustration of why Webapps will never be as good as native ones. Webapps are always "untrusted" code so they are arbitrarily and artificially restricted from accessing resources on your local machine.
1 comments
goblin89 648 days ago
Untrusted by default is a feature. No user would be able to protect themselves, unless perhaps they are a highly trained security expert always on alert, which is not a thing.

This is not the exciting early days of the interwebz where script kiddies run amok and it’s mostly for the geeks anymore, it’s where government-affiliated gangs are launching ransomware attacks on critical infrastructure in order to finance nuclear programs. Accessing arbitrary resources on your local machine is how that happens.

Web apps, given a modern browser, naturally have stricter sandboxing, but native apps are treated as untrusted on any modern OS, too. If I launch anything new, the dialog will have me confirm before it accesses anything other than its isolated app data directory.

link
aumerle 648 days ago
I dont run a single native application across five operating systems that requires a popup nag to access the clipboard or that is unable to put any data other than text, html and PNG on the clipboard.
link
goblin89 648 days ago
Every mobile OS from Apple would show a popup if an app tried to access clipboard without your explicit pasting. Obviously, if you tapped “paste” then popup would be unnecessary since you would be approving your own action, not app’s action.

It is somewhat crazy that macOS doesn’t do that yet.

But the comment I replied to was talking in general terms. Yes, for some APIs native apps are for now more trusted than Web apps, depending on the OS, but the trend is that they are becoming less and less trusted.

link
aumerle 647 days ago
If you mean mobile OSes sure, I can agree with you they are becoming worse with time. OSes for real computers, not so much.
link
goblin89 647 days ago
I mean all consumer operating systems, and they are becoming better unless you stick to old and vulnerable versions.
link
aumerle 639 days ago
Again, no non mobile OS prevents native applications from using the clipboard as it should be used. And none of them show any signs of changing that.
link