by sverhagen 415 days ago
"Runs in the browser" and "client side" aren't as much of a selling point to me as they're made out to be. It's a claim that I can't really validate until it's too late. If it's a commercial service I'm going to have to pay for, then maybe you should go all the way in gaining my trust with whatever safeguards it takes, so that I no longer care if I upload my data to your server or not.
4 comments

There’s a cheap trick to make sure a website that claims to do everything client-side actually does everything client-side:

1. Open the site in an incognito window.

2. Turn off your Internet.

3. Do what you’ve got to do.

4. Close browser window.

As a bonus, and this makes it better than just flipping the offline switch in developer tools, if you turn off Internet in a way that keeps the browser thinking it’s online, you can also peek at whether any network requests are made (for pathological cases where the app does everything locally but phones home anyway).
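An added example, not part of the thread or any commenter's code: one way to do the "peek at network requests" step is to export the dev tools network log as a HAR file and list every request the page started after it finished loading. The sample HAR, its hostnames, and the function name `requestsAfterLoad` are constructed for illustration, and reading status 0 as "no response received" is an assumption about how the browser writes failed requests.

```javascript
// Constructed sample in HAR 1.2 shape (not captured from any real site).
const sampleHar = {
  log: {
    pages: [{ id: 'page_1', startedDateTime: '2024-01-01T10:00:00.000Z',
              pageTimings: { onLoad: 1200 } }],
    entries: [
      { pageref: 'page_1', startedDateTime: '2024-01-01T10:00:00.100Z',
        request: { method: 'GET', url: 'https://app.example/main.js', bodySize: 0 },
        response: { status: 200 } },
      { pageref: 'page_1', startedDateTime: '2024-01-01T10:00:45.000Z',
        request: { method: 'POST', url: 'https://telemetry.example/collect', bodySize: 512 },
        response: { status: 0 } },
      { pageref: 'page_1', startedDateTime: '2024-01-01T10:00:50.000Z',
        request: { method: 'GET', url: 'https://app.example/ping', bodySize: 0 },
        response: { status: 0 } },
    ],
  },
};

// Return every request started after the owning page's load event.
function requestsAfterLoad(har) {
  const loadedAt = new Map();
  for (const p of har.log.pages || []) {
    const onLoad = p.pageTimings && p.pageTimings.onLoad;
    // onLoad is -1 or absent when the load event never fired; fall back to page start.
    const offset = typeof onLoad === 'number' && onLoad >= 0 ? onLoad : 0;
    loadedAt.set(p.id, Date.parse(p.startedDateTime) + offset);
  }
  const findings = [];
  for (const e of har.log.entries || []) {
    // Entries that match no page are reported rather than silently skipped.
    const cutoff = loadedAt.has(e.pageref) ? loadedAt.get(e.pageref) : -Infinity;
    if (Date.parse(e.startedDateTime) <= cutoff) continue;
    findings.push({
      url: e.request.url,
      method: e.request.method,
      host: new URL(e.request.url).host,
      carriesBody: e.request.bodySize > 0 || Boolean(e.request.postData),
      blocked: e.response.status === 0, // assumption: 0 means no response arrived
    });
  }
  return findings;
}

console.log(requestsAfterLoad(sampleHar));
```

A finding with `carriesBody: true` is the one to look at first, since it is an attempt to send data after the page was already loaded.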

Yeah, I really wish there was a way for this to be enforced by the browser that the end user could trust. It would have to be a standard, but outside of opening dev tools and toggling offline mode there's no way to be sure.

The funny thing is that it feels safer to download a desktop app and give it the same data even though it's usually much harder to validate if it's shipping your data somewhere else.

Sure, but you can validate it; dev tools exist for a reason. Honestly, I just can’t afford the storage costs if users are uploading 50GB+ CSVs. It’d be a huge strain on any server, not to mention painfully slow for users. Running everything client side was the easiest and most practical way to build this MVP, at least for me. Thanks for the feedback.

> then maybe you should go all the way in gaining my trust with whatever safeguards it takes

What kind of safeguards are possible with a web app?

I think this comes down to legally-enforceable contracts with some teeth. A lot of businesses seem okay to trust Google's cloud products, or Microsoft's? I think as a private person with limited means for litigation, you're likely SOL.