It's nearly impossible to overstate the amount of security competence of modern browser teams vs. the security staffing of non-browser products.
-
-
Show this thread
-
Browser engineers literally *make fun of other browser teams* for having under-staffed security groups. Even our jokes have a better security posture.
Show this thread -
...which means that when you use a service on the web instead of installing (high priviledge by default) native software, you've put decades of competition about security from those teams between yourself and the service in question...and that is a *good* thing.
Show this thread -
Browsers ain't perfect. There's lots more to do, and I get why Zoom needed more in terms of API to deliver excellent experiences (we're working on it w/ Project Fugu). But if you need security more than a custom background, move to the browser.
Show this thread -
As a final addendum: competition (enabled by interop and standards) is how browsers got so damned good at security. They didn't used to be! It's yet another key reason that Apple's constant undermining of meaningful browser choice on iOS should worry everybody.
Show this thread
End of conversation
New conversation -
-
-
-
Yeah, a local priv escalation ain't the end of the world, but this is a trampoline that I have every expectation is going to get re-combined into a dozen new, worse things
- 3 more replies
New conversation -
-
-
You know I love the Web and I've long advocated for web based videoconf, but you're missing a big part of the situation if you summarize it down to custom backgrounds. Videoconf on zoom is a lot better than webrtc implementations I've seen. I don't know why exactly, but it is.
- 4 more replies
New conversation -
-
This Tweet is unavailable.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.