Reply to post: Re: Web app? No thanks.

Just a little heads up: Google is still trying to convince everyone that web apps don't suck

JohnFen

Re: Web app? No thanks.

How can I secure a WPA so that it cannot communicate over the internet? I haven't really figured that out, and unless I can do that, they are too risky to use.

Any code that executes in your browser without you specifically asking it to is a security risk. Doubly so because it's inside the browser, where it effectively masquerades as your browser and therefore can dodge external security mechanisms. The more capabilities that are made available to that code, the more dangerous the situation becomes.

What I see WPAs as doing is unnecessarily escalating the already furiously heated battle between attackers and defenders. That's really why I object to the notion. Why do we want to do this? In the end, it only makes the web less usable to the masses.

If you want to make an application, make a real application. Don't tie it to web engines.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon