Yeah but iām pretty sure you can spawn a secure subprocess without networking on android?
Thread
Login to reply
Replies ()
Sure, but you cant do that on a minimal app like Amber. Everybody will see it.
Also, most people already have their keys there and have no desire to put it anywhere else.
Exactly this. I have amber to hold my keys safely. Everything else is a portal I can sign into with it. Now you want to be the one unique client to hold my keys while you do other things online exposing a greater attack vector to my keys? No thank you.
I don't keep my data on my server, but I do connect encrypted drives to it!
Single purpose appliances work best.
And I don't want to ever have to paste my nsec anywhere ever again!
How is the user supposed to tell Damus to have network for some things but not for that secure sub process? He cant. The entire point of a second app like Amber, is to give the user the ability to deny network permissions instead of having to trust the developer to have done it correctly.
You think you'll never make a mistake. You may be right, but I'd still rather not have to trust you.