Security and Javascript

• Previous message (by thread): Security and Javascript
• Next message (by thread): Security and Javascript
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, Jun 28, 2013 at 10:37:44AM +0200, Matthias Kirschner wrote:

> I'd like to have some feedback from you. Do you agree with those points?
> 
> 1) on most computers Javascript is enabled by default

In the next version of Firefox they even want to remove the option
to disable JavaScript!
http://limi.net/checkboxes-that-kill/

I'm also torn on this topic. On the one hand I'm fascinated on what
you can do with JavaScript - on the other hand that makes me really
nervous.

You know how the saying goes:
Why is a sandbox called "sandbox"?
... Because only little children believe in it.


Another issue you haven't mentioned yet is, that most of it is 
unfree software that runs on the computer of the users.
I mean you have even less control over it than with proprietary
software. With proprietary software the user actively decides
to install it, and once installed, nobody can change it or
take it away. That is different with JavaScript...

In the beginning JavaScript was just benign simple scripts, but
today that can be large software. The package "emscripten" is a
compiler, that compiles C and C++ to JavaScript. Look at the
demoes, what that can already do today:
https://github.com/kripken/emscripten/wiki

It is so fascinating - and yet so frightening!

-- 
AKFoerster <http://AKFoerster.de/>

• Previous message (by thread): Security and Javascript
• Next message (by thread): Security and Javascript
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]