Hacker News new | ask | show | jobs
by michaelt 4482 days ago
If a user doesn't trust Dropbox, why would they trust passwordprotectmyfile.com?

I know it claims the file doesn't leave your computer, and that might be true right now, but in five minutes if I visit the page the code could have changed. And it would hardly be user-friendly to ask users to check the minified javascript before using it.
1 comments
sobel 4482 days ago
It's a little clunky, but I do have a process in place for checking that the website matches the code: https://github.com/louissobel/ppmf/blob/master/bin/check_pro...
link
hamburglar 4482 days ago
If you have to run a local program to verify the code on your web page, why don't you just put the code you are verifying in the local program?
link