CTO and co-founder of Happy the App. Long time Ruby, Javascript and Swift developer and systems administrator with automation background (Dev-Ops). Entrepreneur and Project Manager.
"As safe as the number one malware source", you say?
Even if that was true, the problem is that running WebAssembly mostly means running other people's code without a chance to see what it does. On your hardware.
CTO and co-founder of Happy the App. Long time Ruby, Javascript and Swift developer and systems administrator with automation background (Dev-Ops). Entrepreneur and Project Manager.
I don't know about javascript being "the number one malware source". I highly doubt it, however, as browsers are the most tried and tested platform ever and if javascript weren't secure the internet as we know it right now wouldn't exist.
But I agree that WebAssembly is kind of "running other people's code without a chance to see what it does". Which is true as well for most software people run on their computers, included uglified/minified javascript.
The internet as we know it right now is a mess because of Javascript. Malvertising is an incredibly large issue. The introduction of spam-friendly client-side scripting into your browser made it vulnerable.
Browsers are tried and tested - and found to be broken every single year, shown on the Pwn2Own conference.
I have my reasons to prefer websites which don't lower my security by requiring me to enable Javascript.
CTO and co-founder of Happy the App. Long time Ruby, Javascript and Swift developer and systems administrator with automation background (Dev-Ops). Entrepreneur and Project Manager.
WebAssembly runs on the browser engine's sandbox, so it is as safe as Javascript.
"As safe as the number one malware source", you say?
Even if that was true, the problem is that running WebAssembly mostly means running other people's code without a chance to see what it does. On your hardware.
I don't know about javascript being "the number one malware source". I highly doubt it, however, as browsers are the most tried and tested platform ever and if javascript weren't secure the internet as we know it right now wouldn't exist.
But I agree that WebAssembly is kind of "running other people's code without a chance to see what it does". Which is true as well for most software people run on their computers, included uglified/minified javascript.
The internet as we know it right now is a mess because of Javascript. Malvertising is an incredibly large issue. The introduction of spam-friendly client-side scripting into your browser made it vulnerable.
Browsers are tried and tested - and found to be broken every single year, shown on the Pwn2Own conference.
I have my reasons to prefer websites which don't lower my security by requiring me to enable Javascript.
You're right.