Maybe I'll believe you when desktop operating systems have a mature and easy-to-use sandbox for local apps. Any random local app by default having access to ~/.ssh/id_rsa, no attack required, is a much bigger threat for me to worry about than thinking a web app might attack my browser to steal data belonging to a different origin.
That's irrelevant. Both local apps and web apps are subject to supply chain attacks. The difference is that a local app that has had a supply chain attack carried out can read my documents, my private keys, my photos, etc.; a web app that has similarly malicious code cannot do any of that. The browser protects me because it has a sandbox.
I also do not understand why you refer to "trusted web app" whereas in my comment above I have stated that I need a sandbox to run the code; I clearly don't trust it enough. The whole point is that the browser allows me to run untrusted code safely. And supply chain attacks are one of the main reasons why I don't trust it enough.
> Web apps have a magnitude more dependencies than desktop apps
Irrelevant. As a user I do not care how many dependencies an app has. I care about my own data security and browsers have an excellent sandbox.
> Because you referred to apps stealing code from a different origin
I referred to apps stealing data from a different origin. Think my open web mail tab containing my email. That's an attack that browsers can prevent.
> I talk about the app you use to access the USB device per WebUSB.
That's what is supposed to happen. I explicitly want this vendor app to talk to vendor hardware.
> Previously it was about a malicious app attacking per browser exploit.
A malicious web app needs a browser exploit to access my data, which costs millions of dollars on the black market. A local app does not need any exploit to access my data.
> the app is allowed to access the data but because of the supply chain attacks your data gets stolen
The app is never allowed to access my data. It doesn't matter whether supply chain attacks are involved or not.
That's what I currently do but it's not easy to do at all. For one, there's no simple and built-in way to copy my desktop user settings to the new user. For two, when you switch to a new user, you can't simultaneously do things as the original user in the same desktop session.
I think browsers are the bigger target and they provide the much bigger attack vector given that the purpose is being connected to the internet.
Using an internet tool to access local resources is using the wrong tool for the job.