Hacker News new | past | comments | ask | show | jobs | submit login

WeChat killed their web interface for most users and replaced it with a message that translates to: "For your own account safety, this account cannot use the web version. You can use the Windows or Mac client [download links]"

Safety? Web is about as safe as it gets. It's one thing to spy on users but it's a whole another thing for Tencent to masquerade under the name of safety to cheat users into downloading what could quite possibly be spyware. That's not only spying but also spreading false information about computer security to the masses.




> Safety? Web is about as safe as it gets.

I strongly prefer native apps over web apps because I can firewall off native apps. I can't do the same for web apps.


I'd say the exact opposite, especially on desktop. Most native desktop apps can't run without access to the filesystem, for instance.

I was referring to the WeChat web app vs. the WeChat Mac/Windows app; the web version has no access to your filesystem, but they are not allowing people to use it anymore. The Mac/Windows versions could theoretically read any files on your system, spy on your clipboard, portscan your private LAN, scan Wi-Fi networks, and lots of other nasty things that the web version cannot.

Also with webapps it's much easier to inject JavaScript to "edit" their behavior. Desktop apps are often compiled to machine code (or have mysterious pieces thereof which are) which makes it difficult.


> Most native desktop apps can't run without access to the filesystem, for instance.

True, but in terms of privacy, that doesn't matter if the app can't communicate out.


WeChat is mostly an instant messaging app, so not letting it communicate out would defeat the purpose of using it in the first place.

I agree with you for purely offline tools such as Inkscape/GIMP/etc. though.


> not letting it communicate out would defeat the purpose of using it in the first place.

True. Apps that must communicate out in order to do their jobs are a different category.


Aren’t a lot of “native” apps of web apps mostly wrappers? In the case, you can silo off the web app yourself into its own wrapper to firewall it?


Yes. I should have been more specific. I wasn't talking about those -- I was talking about things you use a real browser to work with.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: