[vbezhenar]

Those attacks would not work if they did not enable JavaScript on every website by default.

[tyscorp]

Those attacks would not work if everyone stopped using computers.

[jakeogh]

I keep JS off by default* and it's teriffic. Using a browser with it enabled is tedious, slow and distracting in addition to the obvious heka-less-secure.

* http://surf.suckless.org/

[OrgNet]

its almost like the NSA designed all programming languages to insure that it would be impossible to make a perfect program

[NieDzejkob]

I find the explanation of "to err is human" far more likely.

[aitchnyu]

I see my colleague making a web app that forces the browser into 100% CPU on scroll, just to animate a shrinking nav bar. Also a page that wont settle in for 15 seconds until assets from Google Fonts downloaded and all scripts have run. So I secretly pray for a draconian anti-js order imposed on us, even though my minimal Vue scripts will go away.

[oehpr]

This was mentioned in a previous HN thread and I thought it was a brilliant idea.

By default, browsers should throttle websites. Throttle their CPU and their ram usage, and websites can then ask for permission to be unthrottled.

We have very capable computers now. But the web feels just as slow. Some negative pressure against bloat is sorely sorely needed.

[vbezhenar]

No sane man will hurt his users intentionally. It won't happen.