Has anyone messed around with Nativefier? (https://github.com/jiahaog/nativefier) It makes "standalone" apps out of websites (obviously not true standalone since it depends on the Internet/hosting server) but I was thinking this might be a way to isolate websites from each other to avoid tracking, targeted ads, etc. I know this can be done with browser plugins, but it seems like something like Nativefier would be able to ensure 100% complete isolation for sites that you need to stay logged into for extended periods of time while doing other things in the browser. For instance, at work we use Google Apps for Education (I think it's called G Suite now), and I pretty much have to stay logged in constantly to receive emails, access shared files on Google Drive, etc. I used Nativefier to wrap gmail.com into its own little application so I don't have to use Gmail through the browser and risk Google picking up whatever else might be going on. This obviously would be a pita for regular web surfing, but am I completely off base with this idea for things like email, and social network sites?
Interesting, and may in fact have real potential. I'm not familiar with it (or Electron), but I can think of some general questions I'd want to answer: What are the intra-app exposures? As in what does/doesn't the browser engine (Chromium+Node.js based, it appears) cause. Both in terms of its own features (telemetry, url checking, geolocation service, etc) and also in terms of processing web content (does it surface geolocation, allow machine fingerprinting, persist storage, allow third-party requests, constrain your browsing to certain hosts, etc). Is there any way to customize the browsing engine with addons that reduce third-party requests, disable javascript, etc? What are the inter-app exposures? For example, if you created one app for Gmail and another app for something else. Are the apps *really* fully compartmentalized in terms of cookies, other forms of storage, platform derived identifiers, etc? Are there things that could be used to link them (graphics subsystem fingerprint, wireless AP SSID, printer details, IP Address, etc)? What are the cross app/non-app exposures? Same types of question as posed in #2 but looking for connections between an app and your normal browser. I think in the HN discussion it was mentioned that some links are opened in your default browser. Since unique identifiers are sometimes passed in links, that would have the potential to connect/associate an app session with a normal browser session. These may be questions you have in your own mind and are hoping someone will answer. If so, sorry I merely put them to paper. Best I can do. Apart from encouraging you to do some testing of your own. Fun! Or not.
