WebUSB as an extension is the right approach. The security concern isn't the API itself — it's the default-on expectation that Chrome created. Firefox's model of "opt-in via extension" gives power users what they need without expanding the attack surface for everyone else.
I've used WebUSB for flashing keyboard firmware and it's genuinely better than downloading random executables from GitHub.
The permission model is more transparent than a native app that silently gets full USB access.
Everything should be an extension for a browser. AI, telemetry, and other universally hated features. Let the user choose. No one has to worry if a toggle will always be respected in code, or if an update will undo it. Beholden to the same security isolations other extensions are forced to abide by. It's just the right way to do things.
The whole point of WebUSB is to create a tool that works with USB devices, without all the risks and issues of installing external programs.
If I need to install a program, a browser extension, just to work with a given tool, I probably would just prefer an ordinary program without a browser at all.
Chrome's approach is correct. It allows the user to work with USB devices without exposing the computer to the risks of installing host software.