[Webinterface] Warn people when they have downloaded an executable file through Oyster? (Discuss)

oysterprotocol / webinterface

Web interface that enables a user to upload a file via the Oyster Protocol

GNU General Public License v3.0

35 stars 5 forks source link

[Webinterface] Warn people when they have downloaded an executable file through Oyster? (Discuss) #169

Open rfornea opened 6 years ago

rfornea commented 6 years ago

People in Telegram and on reddit are just downloading random files from random handles posted by other people. A malicious actor could post dangerous handles.

Can we do something to keep users safe? If possible, we should detect that a file they have just downloaded is dangerous, and warn them.

If we can't do anything about this, perhaps a warning message to only download handles from people or websites that they trust?

CKH4 commented 6 years ago

I am planning to warn users about uploading photos with exif data. I may want to work in a plugin system for warnings.

As for executables, the best we can do is warn by file type (maybe we can work in something using web assembly but that will be very complicated). With Shell we could probably work out a system where virus scanning resources are offered but this is a long way off.