@nornagon @natecull @mala @Shamar

Sure automatically executing #JS on #Web page was a dumb idea from the very beginning.

But #WASM is worse because it's a binary format.

If you have ever had to debug a #GCC optimized binary without source code or debug symbols, you know that reading an obfuscated #JavaScript is a kids play compared to this.

So even if JS was the first offender, #WebAssembly is going to be the worse one for the Web users' #security: it will be way harder to detect an attack.

This is very interesting: https://2018.stateofjs.com/javascript-flavors/overview/#tool...

Nearly 70% of #JavaScript developers have less than 10 years of experience (with an average of 8.3 years).

This means they have never seen a Web where #JS was optional and #Web developers were used to test their projects without it.

This in turn explains their outraged reactions to anybody that dare to point out its severe vulnerabilities.

https://news.ycombinator.com/item?id=18485492

#js #javascript / greasemonkey / tampermonkey: RTVE en DIRECTO-ren bideoetan elementuak ezabatzeko script-a

https://gist.github.com/ZiTAL/c7c5c6be8f628c0ac820fdfe1a1b1296