Yup, there is a lot of prior art on how to get this wrong :(, and I don't know of any good solutions either. Curation and moderation are probably the best case, but aren't bulletproof either.
I raised this not to kill OP's project, but to make sure they go into it eyes open. I personally would be very uncomfortable if my website was being abused to distribute malware, so they deserve to at least be aware of the risks.
None of those compelled speech examples include national security though, which has its own level of rules and courts. (I am not American or a lawyer, so I may be wrong).
And if a company can be compelled to hand over customer data, why wouldn't they be compelled to hand over access to the systems that update the canaries?
The other issue is that once a canary is triggered, it can't be reset, which means that XXX agency can trigger the canary with something meaningless, and then it's forever untrustworthy.
You may well be correct, and they are sufficient, but I am not convinced that canaries work, especially against the higher level adversaries.
An alternative (which doesn't fully meet your requirements for browser based) is JetBrains Rider. You can use its remote development feature to have your code on your server, and the IDE on your local computer.
Another option to get code to and from your device would be to use git to commit and push your code. There are git apps for Android that should work for this?
Very understandable. And from a security standpoint not necessarily indicative of anything. A good malicious script would just check its environment first.
They are literally publicly claiming that they have a zero day (or at least a zero day level capability). Google/Apple would be all over it trying to fix it. Cyber security researchers would be all over it as well.
NSA can get away with using 0 days for years because they keep quiet about them, and don't use them frivolously.
Managing all that seems like a lot of effort, and given my disk issues haven't yet been fatal, I'll probably not worry about going that far. Thanks for the info though.
Wikipedia does claim that Patriot Act subpoenas can penalise any disclosure of the subpoena. But I am not a lawyer, and afaik this is untested (or at least undisclosed :/ )
In September 2014, U.S. security researcher Moxie Marlinspike wrote that “every lawyer I’ve spoken to has indicated that having a ‘canary’ you remove or choose not to update would likely have the same legal consequences as simply posting something that explicitly says you’ve received something.”
I think my point is that a gag order with a long time out essentially kills the canary, even if it doesn't affect the vast majority of the service's users.
Thanks for your response though, I appreciate the additional information.