
Encryption must come standard - mobitar
https://medium.com/@mobitar/encryption-must-come-standard-b5ba7b87a422#.5jl46rj28
======
rossy
I'd love to see more web apps that use WebCrypto to encrypt data on the client
side, but WebCrypto has a problem. It's hard to trust programs that run on the
web. Even if the app promises to encrypt user data, someone in control of the
server could read any user's data by singling them out and sending them a
different version of the site JavaScript that leaks the user's encryption
keys. This means you must trust the server every time you load the web app.
Even ServiceWorker apps are affected by this because the browser always checks
the server for updates to the worker JavaScript and it does not support any
form of code-signing.

The best way to improve the state of client-side crypto on the web would be to
close this hole and enable some kind of trust-on-first-use for the web, but
it's difficult, because this model of trust is at odds with how the web works.
Cyph apparently does something resembling trust-on-first-use on the web by
serving a ServiceWorker from a HPKP enabled domain and throwing away the
private key, but that's not really what HPKP was designed for.

~~~
mobitar
Yeah, it's a tricky topic. For apps that aren't social networks, I think we
need to begin trending towards running our own servers and clients. This may
not make sense in most cases, but in the case of say, personal notes, this
seems obvious. This is why I'm working on an open protocol for encryption and
ownership of notes at [https://standardnotes.org](https://standardnotes.org).

