Dear fans of messenger comparison sports,
How does it factor in that on #deltachat there are many apps that can be used in a chat without requiring a login or even a privacy policy ... And the apps all work like cryptpad but automatically and without requiring any server side hosting?
Editing documents and checklists and calendars are all safely end-to-end encrypted without a server and anyone can write new #webxdc apps permission free.
Which other cross-platform messenger offers this?
Risotto Bias (in reply to Delta Chat):
now I'm curious about features to protect against malicious apps.
like it's... yet another "app store".
what keeps delta chat apps/widgets safe?
Delta Chat (in reply to Risotto Bias):
@risottobias @ryanprior
if you like to know about all the gory details of how we isolate apps from getting at any side channels, see this discussion which also includes a security audit by Cure53 delta.chat/en/2023-05-22-webxd…
And yes, it's maybe not perfect, but it's not just yet another web view that has arbitrary access. Also, even if an app manages to break isolation, it has no access to the social graph at all. See webxdc.org/docs/spec/selfAddr_… for what is exposed to apps from the messenger side.
Link preview: Delta Chat: Bringing E2E privacy to the Web: 4th security audit 😅 (delta.chat)
DNA schedule (in reply to Delta Chat):
Risotto Bias (in reply to DNA schedule):
@ryanprior I don't even mean the isolation.
I mean the /app store/-ish part of this.
being phished into installing a malicious app?
being typosquatted into installing a malicious app instead of a good one?
an app being maliciously updated?
a vulnerable app not being updated?
a lack of community review?
DNA schedule (in reply to Risotto Bias):
DNA schedule (in reply to DNA schedule):
Delta Chat (in reply to DNA schedule):
Risotto Bias (in reply to Delta Chat):
@ryanprior look; I like delta chat. a lot.
but I work in cybersecurity.
I can tell you went from zero to a perfect ten on unreasonably defensive so... maybe it's good for you to take a breather, regroup...
basics (free advice):
- webxdc should include a link to the source code in each zip file (not just a minified zip) (this is part of how F-Droid's repository works)
- webxdc should link to an author's website, and prove they control it (supply chain provenance)
- should check for updates vs the latest zip file
- it's a very, very (very) bad security smell to immediately dismiss a trivially obvious security concern
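An added example, not code from this thread or from the Delta Chat project, of the kind of provenance check the list above asks for: it opens a bundle and reports whether a source-code link and an author site are declared, and gives a digest that can be compared against the latest published zip. It assumes a webxdc-style bundle is a zip holding index.html and a manifest.toml; the manifest keys (source_code_url, author_url) and the two sample bundles are constructed assumptions.

```python
import hashlib
import io
import re
import zipfile

# Assumption: a bundle is a zip holding index.html plus a manifest.toml whose
# keys include source_code_url and a (hypothetical) author_url.
MANIFEST = "manifest.toml"
KV_RE = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"\s*$')


def parse_manifest(text: str) -> dict:
    """Minimal key = "value" reader so the example needs no TOML library."""
    pairs = (KV_RE.match(line) for line in text.splitlines())
    return {m.group(1): m.group(2) for m in pairs if m}


def inspect_bundle(data: bytes) -> dict:
    """Digest the zip and list provenance findings (an empty list means ok)."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        manifest = parse_manifest(zf.read(MANIFEST).decode()) if MANIFEST in names else {}
    if "index.html" not in names:
        findings.append("missing index.html")
    src = manifest.get("source_code_url", "")
    if not src:
        findings.append("no source code link in manifest")
    elif not src.startswith("https://"):
        findings.append("source code link is not https")
    if not manifest.get("author_url", "").startswith("https://"):
        findings.append("no https author site to tie the bundle to")
    # The digest is what an update check compares against the latest published zip.
    return {"name": manifest.get("name", ""),
            "sha256": hashlib.sha256(data).hexdigest(),
            "findings": findings}


def build_bundle(manifest_text: str, files: dict) -> bytes:
    """Constructed sample bundle for the demo, not a real published app."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(MANIFEST, manifest_text)
        for name, body in files.items():
            zf.writestr(name, body)
    return buf.getvalue()


GOOD = build_bundle('name = "checklist"\nsource_code_url = "https://example.org/checklist"\n'
                    'author_url = "https://example.org"\n', {"index.html": "<html></html>"})
BAD = build_bundle('name = "checklist"\n', {"index.html": "<html></html>"})
```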