> What I have for native applications that I don't for the web is the ability to... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

tiagod on Feb 3, 2023 | parent | context | favorite | on: The future (and the past) of the web is server sid...

> What I have for native applications that I don't for the web is the ability to firewall off the native applications.

There you're placing trust on the firewall's sandbox. Are you sure the application can't communicate with the outside at all? DNS exfliltration for example?

JohnFen on Feb 5, 2023 [–]

A firewall is not a sandbox, but yes, I am sure that the applications can't communicate with the outside at all. My logs would show if they were. Any and all packets that originate from them are dropped, including DNS lookups and the like.

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact