Search Mailing List Archives
[liberationtech] What happened to Prism? (was Re: Whatsapp, a Trojan horse for seekers of easy privacy?)
vitteaymeric at gmail.com
Sat Jan 17 06:38:20 PST 2015
Le 17/01/2015 14:57, hellekin a écrit :
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
> On 01/17/2015 08:08 AM, Aymeric Vitte wrote:
>> But you still need to trust: the browsers, the OS, the hw... which is
>> quite a lot...
> context. I wonder why the Mozilla Prism project was abandoned. I
> allowed to isolate a single site or application, and that certainly
> sounds a lot saner than running the whole world in the same place.
Not really, this is problematic if you try to run several instances/apps
on the same page, because some apps could possibly attack the other apps
just using the DOM, but some solutions to sandbox each app start
existing, please see the links in 
Talking about a single app in a single page, where the js code is
sandboxed and that does not give any chance to anything outside of the
app to execute, the problem does not exist, please someone tell me how
to attack the Peersm code.
Maybe the confusion comes from the fact that a "js app" is always
associated to a "web app" which interacts with a server and possible
things outside of the server while the former don't, except for code
retrieval, but the "js app" does not necessarily need a server, it can
be autonomous as explained in  "What do you mean by standalone?"
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v2
> -----END PGP SIGNATURE-----
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
More information about the liberationtech