• Helix 🧬@feddit.de
    link
    fedilink
    arrow-up
    0
    ·
    3 years ago

    it’s about the fact that you’re doing crypto to protect yourself from the server, using code that the server just sent you

    Ah, yes, makes sense. Solutions to this may be to use client applications, local storage in browsers or checksumming.

    • Dreeg Ocedam@lemmy.ml
      link
      fedilink
      arrow-up
      2
      ·
      3 years ago

      There are still many issues with that. This stackoverflow discussion shows that it is not really possible to do. Some of the points are irrelevant, but the general takeway is that local storage, caches and all are not designed for security but for performance.

      The thing is that the browser is absolutely not designed for this kinds of uses.