At the moment there is little that would stop a website embedding a replica of the Hypothesis client in a frame and using it to harvest Hypothesis users' usernames and passwords.
At the moment there is little that would stop a website embedding a replica of the Hypothesis client in a frame and using it to harvest Hypothesis users' usernames and passwords.
nostr:note1tdqgup2c3x0w3yfw4n5q5hd5np06ntnswj948e6ev57gt9rn2nuqyuh6t0
Use of nostr with an external signing extension could potentially improve the resistance to phishing.