Slash Boxes

SoylentNews is people

posted by martyb on Sunday November 25 2018, @01:59AM   Printer-friendly
from the welcome-to-the-danger-zone dept.

Google and Mozilla are working together on a method to let web apps gain access to users' files.

A group led by Google and Mozilla is working to make it easy to edit files using browser-based web apps but wants advice on how to guard against the "major" security and privacy risks.

The idea is to allow users to save changes they've made using web apps, without the hassle of having to download new files after each edit, as is necessary today.

[...] the W3C Web Incubator Community Group (WICG), which is chaired by representatives from Chrome developer Google and Firefox developer Mozilla, is working on developing the new Writable Files API, which would allow web apps running in the browser to open a file, edit it, and save the changes back to the same file.

However, the group says the biggest challenge will be guarding against malicious sites seeking to abuse persistent access to files on a user's system.

"By far the hardest part for this API is of course going to be the security model to use," warns the WICG's explainer page for the API.

"The API provides a lot of scary power to websites that could be abused in many terrible ways.

What could possibly go wrong?

Original Submission

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 3, Interesting) by DrkShadow on Sunday November 25 2018, @06:08AM (3 children)

    by DrkShadow (1404) on Sunday November 25 2018, @06:08AM (#766098)

    persistent access to files

    Why would any site, anywhere, need _persistent_ access to files?

    Even supposing Google Docs. Look at MS Word. You _open_ a file, you edit it, then you _save_ changes. Consider what we have now: a button that, when clicked, asks you what file you'd like to open. Every _save_ is currently equivalent to a save-as, but even if it _weren't_, the save wouldn't be _persistent_ access to files. When you close the site, any access to any file is over.

    How do you prevent a site from interchanging the "open for edit" dialog and the "upload" dialog? Perhaps we should separate apps out into ones that show you documents from the web, and ones that you download to run code on your local machine. ..... hmm.

    Where everything went from the mainframe to being highly modularized and back to the mainframe, everything is going from separating everything out to ChromeOS and will pendulum back to separating everything out, for security and reliability and personal control. The companies seem to never give up on turning the internet into TV, though.

    Starting Score:    1  point
    Moderation   +1  
       Interesting=1, Total=1
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  

    Total Score:   3  
  • (Score: 0) by Anonymous Coward on Sunday November 25 2018, @11:28AM

    by Anonymous Coward on Sunday November 25 2018, @11:28AM (#766132)

    Why would any site, anywhere, need _persistent_ access to files?

    No site should need persistent access to the file system, but I can see how this could be very appealing to the likes of MS Word, Adobe Creative Cloud, in-house/intranet web applications, etc.

    I think there are two different types of file access that need to be considered here:
    1. Local autosave
    2. Local read/write

    With restrictions to the amount of local browser storage I think #1 could be useful and (relatively) safe if each autosave directory was site-based (like cookies). It goes without saying that if a site gets infected your existing autosave files are fair game, though removing the autosave files after saving the document to "the cloud" (even sending the autosave files along with the saved document) would remove that security risk.

    I'm not sure how #2 can work safely, even with site-based whitelisted directories. If a site gets infected your documents are in a lot of danger.

    File access could make for some interesting browser extensions, but it also opens up a portal of doom. Perhaps this feature should be called "Pandora" instead of "Writable Files API"

  • (Score: 1, Interesting) by Anonymous Coward on Sunday November 25 2018, @09:20PM

    by Anonymous Coward on Sunday November 25 2018, @09:20PM (#766275)

    Why would any site, anywhere, need _persistent_ access to files?

    Given google's business logic is based on spying, this means they will be able to get more information from you.

  • (Score: 5, Interesting) by darkfeline on Monday November 26 2018, @01:51AM

    by darkfeline (1030) on Monday November 26 2018, @01:51AM (#766341) Homepage

    Because the current method for reading/writing files is uploading/downloading the entire file. If you're editing a 1GB file, that's undesirable. Having direct file access is clearly superior for this use case.

    (Also, take a look at the HTTP file transfer protocol at some point, it could be generously described as shit.)

    The reason is of course to support web apps, and the reason web apps exist is portability. Web apps are basically the modern POSIX. I'm sure that sounds scary to a lot of people, but POSIX was scary for old school Unix too; it killed them right dead.

    The Plan 9 folks probably don't like it, but the modern "Web" is what Plan 9 was trying to achieve, decentralized computation/storage that could be accessed from anywhere. Sure, it's a lot shittier, but it actually exists, and existing turns out to be a very important feature for software.

    Join the SDF Public Access UNIX System today!