what could possibly go wrong integrating an engine capable of running arbitrary web downloaded javascript, with a wallet capable of being drained of real-world affecting value...
It's really simple to take any crypto currency holdings you have and split them into multiple accounts. One of your accounts, that you enable on your mobile device, could have a small amount of currency and even if there were a JavaScript exploit that hijacked your private key, you've only lost that bit in the small account. And, you don't have to wait for the bank transfer to occur, or even create an account with a bank bureaucracy. It seems much better than the alternative, no?
yes. But the utility shrinks as soon as you walk into the risks. The headline story is great. The reality is going to demand the same rigour around offline and online wallets.
Plus, we just incentivised the bad guys to try harder. Up to now, the risk has been "steal my CPU to do DDoS or mine" but now the risk is steal my money
We're all being trained to click through warnings. Smart people won't get caught by malware stealing their cryptos from the wallet? Sure. Thats good. Darwinism in this space means dumb angry people with financial loss. I can't be totally happy about that. Can you?