Hacker News new | past | comments | ask | show | jobs | submit login

False.

For starters, browsers can only implement sandboxing thanks to the OS facilities, otherwise it would be impossible.

And that is modern ones. 5 years ago some browsers were still a security nightmare with not even multiprocess separation.




There's a difference between what features OSes have and which ones they are effectively using.

If you ran untrusted native apps with the same level of consideration that people run untrusted web sites, your identity would be stolen every 30 seconds. That is solid empirical evidence of a better security model.


This is a classic false sense of security

People identities are stolen constantly by web apps, they just don't know

An app like Excel could steal my data, yes, but it is my willingness to give away all my connections to Facebook and let them spy my interactions that gave away my identity and also the identity of people that do not use Facebook, but are mentioned by me or my other contacts (for example my parents)

That's the real danger


The difference is that nobody runs untrusted binary apps.

If we wanted to do so, then the "run" operation on an executable would be different.

There is no difference, and in fact, OS have more features and capabilities to make running untrusted code safe.


Five years ago was 2015. Chrome has had multiprocess and sandboxing for a lot longer than that.


And if you had read carefully I said some browsers.

In 2015 Firefox still did not have multiprocessing. IE did not either, and it was massively used back then.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: