I thought you meant like you had to use Javascript to marshal between the WASM module and the user interaction. What you really meant is that you're objecting to, basically, a load call. One line of Javascript code to load and run the WASM module. What possible security risk could that pose?

And again, I've not heard an adequate explanation as to how locally-running JavaScript encryption code would be any less secure than, for example, running a Python script in the terminal.

Locally and in a browser are, in real life, mostly different things and I assume you know that.

I think you're basically admitting that you meant that verifiably secure encryption using a website is impossible (other than e.g. TLS), which I would agree with, but that's not what you wrote. Browser extensions are used all the time to handle all sorts of secure encryption in high risk scenarios, such as for password managers. That is a perfectly valid example of encryption within a browser - and it was the first one I mentioned.

Please just admit you were wrong, or that you meant to say "website" rather than "browser". It's okay, trust me, people respect you more when you can admit that sort of thing, it makes you look strong and capable of taking criticism.

[–] tux0r@snac.rosaelefanten.org 2 points 5 days ago (1 children)

I might, indeed, have miscommunicated my assumptions. Thank you for pointing it out.

[–] bearboiblake@pawb.social 1 points 5 days ago

No worries! Take care, and sleep well <3