Omar Rizwan

Hmm! I like `last-focused` as an easy symlink so you don't have to think too hard to access that tab. Were you thinking the tabs would be named by date...

hi! a lot of this is actually already in place! there should already be a [`console` file](https://github.com/osnr/TabFS/blob/fef9289e3a7f82cda6319d5f19d5a5f13f3cc44b/extension/background.js#L237) under each tab which, once opened, will [give you all the stuff logged...

Huh, that's strange. My experience has been that I do get this error but it doesn't actually matter. (you can see that it just has a warning icon next to...

Not at the moment, but I think it wouldn't be hard to add an `audible` file that works very similarly to the existing `active` file, using https://stackoverflow.com/questions/41649874/how-to-detect-if-a-chrome-tab-is-playing-audio

We inject an iframe on a different origin (extension) specifically to avoid this problem. Please see the threat model page. On Jan 28, 2014 2:44 PM, "Nadim Kobeissi" [email protected] wrote:...

Yeah, I acknowledge the brittleness problem. But then we're talking about denial of service, not security leaks. The user can see that encryption isn't on (tokens prevent a phishing of...

Sure, that's what I mean by "targeted DoS". The key point is that _the user should never think she's chatting securely when her chat is compromised_. If she can't chat...

Chrome extension userscripts are sandboxed off from the page's JavaScript. Only the DOM is shared in common between Facebook and us, and all private information is displayed to the user...

Yeah, if you're not familiar with the Chrome extension script injection model, I can see how this might be confusing. See here: http://developer.chrome.com/extensions/content_scripts.html

What do you mean by "disabling OTR"? Of course, Facebook can cut off all our hooks and remove us from the page, and force the user to use plaintext, maybe...