[baddox]

I don't really see any new threat from WebAssembly. Isn't the only threat that the same malicious code can run with better performance than JavaScript? As far as I can tell, WebAssembly doesn't provide any additional access to native system features like this DRM spec does.

[gsnedders]

WASM is strictly less powerful than JS.

[baddox]

Indeed, from what I'm reading it looks like most of the usual JS tasks (like DOM manipulation, listening to input, and network requests) still need to happen by your WebAssembly module calling out to normal JS.