Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google, Mozilla Working on Letting Web Apps Edit Files Despite Warning That it Could Be Abused (techrepublic.com)

Posted by msmash on from the closer-look dept.

Google and Mozilla are heading a group that is devising a way for users to save changes they make using web apps. From a report: The idea is to allow users to save changes they've made using web apps, without the hassle of having to download new files after each edit, as is necessary today. "Today, if a user wants to edit a local file in a web app, the web app needs to ask the user to open the file," said Google developer advocate Pete LePage. "Then, after editing the file, the only way to save changes is by downloading the file to the Downloads folder, or having to replace the original file by navigating the directory structure to find the original folder and file. This user experience leaves a lot to be desired, and makes it hard to build web apps that access user files."

To this end, the W3C Web Incubator Community Group (WICG), which is chaired by representatives from Chrome developer Google and Firefox developer Mozilla, is working on developing the new Writable Files API, which would allow web apps running in the browser to open a file, edit it, and save the changes back to the same file. However, the group says the biggest challenge will be guarding against malicious sites seeking to abuse persistent access to files on a user's system. "By far the hardest part for this API is of course going to be the security model to use," warns the WICG's explainer page for the API. "The API provides a lot of scary power to websites that could be abused in many terrible ways."

12 of 112 comments (clear)

  1. ActiveX, anyone? by 93+Escort+Wagon · · Score: 5, Insightful

    Nah, I’ve tried and tried - but I really can’t see how this could possibly go wrong...

    --
    #DeleteChrome
    1. Re:ActiveX, anyone? by nazsco · · Score: 4, Interesting

      You forget one thing: Google!

      Google is microsoft plus advertising.

      When IE was pushing internet specs over W3c, it had nothing but the OS carrot pulling in users. If the website didn't like IE, it could just ask the user to change browsers, and the user did.

      Now we have Google, who controls both the users via chrome (and access to their own products, just like microsoft --try to use hangouts, which is required for interviews etc, without chrome!) but besides that, it also controls the websites via their Ad business.

      Now you have someone who have a monopoly on both user and site choices. Pushing one webstandard after another over everyone's heads. E.g. http2, http3... which is actually UDP...

      Here how it is going down: they will convince all the good engineers that could block this abusive idea that the feature will have lots of UI alerts. The first use case will be something like photoshopOnline. Then, when those smart people are not looking, they will make every site request the permission because they will use it for data persistence on their analytics code! then they will make this the default on chrome, because users complain about too many popups! then they will move this to data persistence for adWords et al. And at this point it is end game trying to not be tracked among devices and accounts on google ecosystem.

  2. #doNotWant by phantomfive · · Score: 5, Insightful

    "The API provides a lot of scary power to websites that WILL be abused in many terrible ways."

    FTFY. Fix your current mound of security bugs to demonstrate you have the ability to make a secure API, and then you might be able to convince people you have the ability to actually make it secure.

    --
    "First they came for the slanderers and i said nothing."
  3. This is great news! by Opportunist · · Score: 3, Funny

    Total job security coming our way, let the champagne bottles roll in!

    Yours,
    Infosec department

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  4. Re:abused? by Opportunist · · Score: 2

    Do you know a user that really knows where he's navigating to? Do you really think you know what things your browser loads when you surf to a page? You'd be surprised just WHAT kind of bullshit gets loaded, and from what sources.

    This is abuse waiting to happen.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  5. Re:abused? by fred911 · · Score: 2

    "things your browser loads when you surf to a page?"

    I've recently been required to view web pages without Ublock enabled. It amazes me how much JoeSixpack will allow others to waste his resources, without even talking about latency before the resource is viewable.

    It's reprehensible.

    --
    09 F9 11 02 9D 74 E3 5B - D8 41 56 C5 63 56 88 C0 45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2
  6. Do they have security in mind? by Sigma+7 · · Score: 2

    Browsers frequently follow the "auto-execute random code" paradigm, where it just takes one rogue ad to redirect you to a page that tries to force a download of "java_update.exe".

    navigating the directory structure to find the original folder and file.

    Most programs (or the OS) at least remembers the last location at which the file was saved, thus you only have to navigate the directory structure the first time you have to open a specific file. That's why the save window often doesn't revert back to some default folder for each new file.

    Not to mention that some of this directory navigation wouldn't be as difficult if apps made it easy to find their files.

  7. Give Me an Opt-Out or I'm Switching Browsers by Anonymous Coward · · Score: 3, Interesting

    I don't feel this is secure and don't need it. If Mozilla implements this API in Firefox and doesn't allow me to opt-out of it and restrict it, I'll find a new web browser. It's not acceptable from a risk-reward perspective for someone who doesn't use web apps to edit files on one's hard drive.

    Really, I think this should be blocked on an operating system level if possible, at least showing a dialogue box warning you when a website in your browser is trying to do this and giving the option to accept one-time only, decline one time only, or set to allows allow or always deny. If Windows 10 is going to keep being updates incessantly with questionable features and higher bug counts, they can at least give us this, or the browsers themselves don't.

    It might be a good idea to ask some of the smaller browsers like Waterfox, Vivaldi, Pale Moon, and Basilik whether or not they are going to adopt this. Maybe one or more of them will make a good fallback if the more mainstream browsers and big operating system don't want to protect their users.

    I kind of get when Google Chrome is doing this- Google wants everything done on the Internet because that's where their ads are and that's where they can get data on your to use to target you ads, and they will ignore obvious significant security concerns to achieve that. Why Mozilla would play follow the leader on this, I'm not sure. I guess they don't want to be perceived as lacking a feature the market leading browser has. However, this isn't a feature, it's a bug (See what I did there? :) ).

  8. Re:abused? by Dunbal · · Score: 2

    Because pages don't have ads and all advertisers are 100% honest and legitimate and have never, ever tried to install malware before.

    --
    Seven puppies were harmed during the making of this post.
  9. Very simple answer for the security model by raymorris · · Score: 2

    The article raises the question of which security model os needed.

    Security has been been studied a lot, and there are many well-defined models, an acronym soup of security models to choose from. Since this is my field, I've studied most all them to varying degrees.

    There is a very simple answer to the question of which security model will prevent abuse while allowing the API to be useful. They need the U.N.I.C.O.R.N. security model. It's called UNICORN because it doesn't exist. There is no security they can put on this that will work.

  10. I feel like I'm in the twilight zone... by RhettLivingston · · Score: 2

    I feel like I've entered the twilight zone when I read an argument that storing my work on my machine is dangerous while storing it anywhere else is considered safe. Security has been compromised the moment my data isn't stored on my machine. Virtually every internet service today is a major security breach. And when someone tries to come up with something to reduce the near-requirement that all data be given up from inception, people call it a security threat? WTF? That's some pretty rich spin control.

  11. Re:Browsers implement WebExtension API by Waccoon · · Score: 2

    Both of these points directly highlight the real issue: it's about control.

    Technically, nobody forces you to use a plugin, and everything can be disabled by default unless you turn it on. It's a user choice. By banning plugins and using only "standard" APIs implemented by the browser developers, they ensure everything is under their control. Same reason for forcing signed extensions, which was always a bad idea. They'll allow it only if they like it. Users can't be allowed to make choices we think are dangerous... for their own good. Also, when a bad extension is discovered in the wild and causes a ton of damange, it may only take a deluge of complaints racked up over 6 months to get the extension pulled from the store. Maybe. If they feel like it.

    Yeah, there's always some nutcase who has to argue that "most" people are too ignorant to make good choices, and thus forcing the curated model is a good thing. Might as well cater to the lowest common denominator and make things miserable for everyone (and keep adding new crap that props up that ad business model -- security be damned). It's all marketing and politics.