mirror of
https://github.com/privacyguides/privacyguides.org
synced 2024-11-30 15:03:32 +01:00
add electron link
This commit is contained in:
parent
4aca2c54b7
commit
6fdefbe8be
@ -14,6 +14,6 @@ license: BY-SA
|
||||
|
||||
The concept of a Progressive Web App is enticing: an app using web technologies that’s inherently cross platform (since it runs in a browser) and acts like a native app, even working offline. Support in traditionally locked-down platforms like iOS means that PWAs can give users the freedom to install apps without having to go through Apple’s App Store.
|
||||
|
||||
Attempts at similar things have been made before, notably the infamous Electron allows developers to easily create cross-platform apps by essentially bundling the browser in with the app. This has its drawbacks, though. Browsers have huge attack surface so it's important to keep them updated, but many Electron apps ship outdated versions, leaving those apps vulnerable.
|
||||
Attempts at similar things have been made before, notably the infamous [Electron](https://www.electronjs.org) allows developers to easily create cross-platform apps by essentially bundling the browser in with the app. This has its drawbacks, though. Browsers have huge attack surface so it's important to keep them updated, but many Electron apps ship outdated versions, leaving those apps vulnerable.
|
||||
|
||||
So why isn't every app shipping as a PWA? The answer is an old problem with web content: the fact that you have to trust the server every time you use it. You make an HTML GET request and you're served the content, but if the server is compromised, you'll be served a compromised website. This is a problem for security-sensitive applications like messengers. An attacker that gains access to their server even just temporarily, could distribute compromised clients to millions of people, potentially breaking E2EE or any other number of malicious actions.
|
Loading…
Reference in New Issue
Block a user