Hacker News

kernel = browser, user land = web apps

I don't understand what you mean by "In the browser everything is exposed to everyone by default". Browsers have a much more robust security and privacy model than normal OSes.




False.

For starters, browsers can only implement sandboxing thanks to the OS facilities, otherwise it would be impossible.

And that is modern ones. 5 years ago some browsers were still a security nightmare with not even multiprocess separation.


There's a difference between what features OSes have and which ones they are effectively using.

If you ran untrusted native apps with the same level of consideration that people run untrusted web sites, your identity would be stolen every 30 seconds. That is solid empirical evidence of a better security model.


This is a classic false sense of security.

People's identities are stolen constantly by web apps; they just don't know.

An app like Excel could steal my data, yes, but it is my willingness to give away all my connections to Facebook and let them spy on my interactions that gave away my identity and also the identity of people that do not use Facebook, but are mentioned by me or my other contacts (for example, my parents).

That's the real danger.


The difference is that nobody runs untrusted binary apps.

If we wanted to do so, then the "run" operation on an executable would be different.

There is no difference, and in fact, OSes have more features and capabilities to make running untrusted code safe.


Five years ago was 2015. Chrome has had multiprocess and sandboxing for a lot longer than that.


And if you had read carefully, I said some browsers.

In 2015 Firefox still did not have multiprocessing. IE did not either, and it was massively used back then.



