Hacker News new | ask | show | jobs
by jacksingleton 4087 days ago
The argument is that implementing crypto within an application that is designed to download and execute untrusted code from untrusted servers and has an extremely large attack service [1] is a difficult if not dangerous task.

[1] your browser
1 comments
kragen 4086 days ago
While that may be true, that’s a different class of vulnerabilities that doesn’t include XSS.
link