←back to thread

Less is safer: How Obsidian reduces the risk of supply chain attacks

(obsidian.md)
421 points saeedesmaili | 1 comments | 19 Sep 25 22:02 UTC | HN request time: 0.28s | source
Show context
system7rocks ◴[19 Sep 25 23:16 UTC] No.45307929[source]
I’ve been using other apps than Obsidian for notes and sharing, so this is nice to read and consider. But isn’t Obsidian an electron app or whatever? Electron has always seemed resource intensive and not native. JavaScript has never struck me as “secure”. Am I just out of touch?
replies(7): >>45307982 #>>45308069 #>>45308141 #>>45308336 #>>45308343 #>>45308406 #>>45310096 #
anon7000 ◴[19 Sep 25 23:22 UTC] No.45307982[source]
JavaScript is a very secure language. The browser is a massive success at running secure JavaScript on a global scale. Every website you use is running JavaScript and not able to read other site data. Electron is the same, running v8 to sandbox JavaScript. Assuming you aren't executing user input inside that sandbox (something many programming languages allow, including JS), it's very secure.

The problem with supply chain attacks is specifically related to npm, and not related to JS. npm as an organization needs to be taking more responsibility for the recent attacks and essentially forcing everyone to use more strict security controls when publishing their dependencies.

replies(2): >>45308100 #>>45311387 #
asgraham ◴[19 Sep 25 23:37 UTC] No.45308100[source]
Doesn’t this mean browser sandboxing is secure, not JS? Or are you referring to some specific aspect of JS I’m not aware of? (I’m not aware of a lot of JS)

It’s maybe a nit-pick, since most JS is run sandboxed, so it’s sort of equivalent. But it was explicitly what GP asked for. Would it be more accurate to say Electron is secure, not JS?

replies(2): >>45308410 #>>45311411 #
1. anon7000 ◴[20 Sep 25 08:05 UTC] No.45311411[source]
I mean, JavaScript doesn’t even have APIs for reading a file from disk, let alone executing an arbitrary binary. (Anything similar comes from a runtime like NodeJS.) You can’t access memory in different JS processes… so what would make it insecure?

To be fair, a plugin system built on JS with all plugins interacting in the same JS context as the main app has some big risks. Anything plugin can change definitions and variable in the global scope with some restrictions. But any language where you execute untrusted code in the same context/memory/etc as trusted code has risks. the only solution is sandboxing plugins