|
|
|
|
|
|
by bugtodiffer
614 days ago
|
|
|
Today I value web stuff for one thing and one thing only: they run in the best sandbox we have. I can run untrusted programs from hackernews folks without worrying! I wouldn't do that with native code of course, way too easy to hack me. But they won't waste a browser 0-day on random HN readers... Whatever can be done in the web, I usually like to do it there as no-body has to trust my code then. |
|
|
The assumption is that native code has virtually unrestricted access to your system while JS programs don't, which is true. But if the untrusted JS program is wrapped up in web extension, in 2024, it could do almost as much damage than native code especially since most non-techies don't have much of value in their machines. The value exists on walled sites