Shamil's Blog. Software Engineering Processes, Android, CI, Devops.

Just a few notes for myself. Took a minute to look through Brave(.com) browser and stuck upon mention that it uses NaCl in Crypto. Why the hell to use NaCl? I get used to disable NaCl  in Chrome when I could - until chrome:plugins control was removed. I just believe that crypto must be as close to CPU as possible, as native as possible (no JavaScript crypto code) and HW accelerated on CPU level. The lesser layers the safer it is, cause so no secret keys could be left in memory to be read by some other process.
Second thing (which could be not relevant, but looks strange anyways), is that it used npm as package manager in previous days.

Labels: brave, browser, crypto, linux, opensource, security