Hacker News new | past | comments | ask | show | jobs | submit login

I must be missing something but can someone please explain

how browsergap > self-host on your own machine (at home, or in a VPS, VPC or the public cloud)

is more secure/private then just setting up a VPN on that machine?




As I understand it, it's like an extreme sandbox -- a completely separate computer (or a VM) where all the web stuff happens (javascript etc), which just ships pixels to your computer (phone/laptop etc). Ideally the complexity of the client software is low, i.e. not a web browser, and there is strict site isolation (VMs) at the sandbox side to prevent leakage from one site to another. I'm a little vague as to how this implementation works.

So this is nothing to do with a VPN as such, but of course you could host it in the cloud, or run a VPN to a cloud endpoint.


Yes, that's correct, thank you for helping explain things! :)


What I used to do was launch a browser in an Xvnc or RDP session in a VM somewhere. Then do all my browsing from there. Later, I worked somewhere where RDP was blocked so I started using Guacamole (RDP/VNC over websocket).

What this author is providing is a similar and all-in-one npm solution for the above. Also has use-cases outside of secure runtime environments...


Thank you for your explanations here, you really get this category! I'm sorry but do you mind if I ask what's your background?

I'd like to ask for your advice, I'm at cris@dosycorp.com .... Would you be uninterested in discussing over email?


Hey Cris! I saw your email in another thread and I was gonna reach out but for different reasons! My background is software dev with an emphasis on systems infrastructure and release management. I’ve worked enterprise and startups and my niche right now is M&A transitions. Look out for my email later today!


Thanks, I'll be looking out for it!


You might need to reach out at cris@dosyago.com I think the G Suite email (dosycorp) is dropping mails.


Perhaps I'm off target, but how would this compare to guacamole? We've looked at guacamole as a potential solution to our problem. We need our user to log into a third party system with their username) password. Then we want to take over and drive the session selenium-style.


Sounds like you want someone to log in to a remote system then take over and drive it selenium style. Is that right?

Well, I'm hearing you right, then this (BG) is definitely a potential solution for your problem. I think it would be lighter weight than Guac since it only runs a browser (not a whole desktop).

My email is cris@dosycorp.com ... Would you be unwilling to talk more?


It's a different approach. The most material difference is that a VPN does not protect you if a rouge web app breaks out of the browser sandbox.


Thank you for helping explain things! :)




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: