[zb3]

This is not just an isolated incident, it's the whole trend of limiting capabilities in the name of security and that's what I was referring to.

However in this particular case, even the security argument doesn't hold, either I:

a) know that I want to use USB - in that case I'll switch browsers or download a native binary (even more unsafe), it's not that I'd decide that I no longer want to flash my smartphone

b) I don't understand what's happening but I follow arbitrary instructions anyway - WebUSB changes nothing.

[Orygin]

A native binary can be verified by anti malware systems, and once installed and working, poses no security risk.

A 0day in a browser for the WebUSB system would allow any website to mess with arbitrary USB devices connected to your computer.

While the browser sandbox is generally safe, it is also a huge target, and with a security risk like that, it wouldn't surprise me if it's a prime target for black hats.

[skydhash]

So instead of using trusted vendors or requiring tools with auditable code, we just allow everyone to be able to access the user’s devices?

[CamperBob2]

What a concept. We could call it "Personal Computing."

[skydhash]

Not really that personal when every webpage is itching to put their hands on it.