← Back to context

Comment by dpark

10 hours ago

> JavaScript should be supplementary to a page, but not necessary to view it.

I’m curious. Do Google Maps, YouTube, etc even work with JS off?

> This was its original intent.

Original intent is borderline irrelevant. What matters is how it is actually used and what value it brings.

> Horribly at that

I disagree. You say you turn JS off for security but JS has made billions of people more secure by creating a sandbox for these random apps to run in. I can load up a random web app and have high confidence that it can’t muck with my computer. I can’t do the same with random desktop apps.

4 comments

dpark

Reply
nagaiaida  9 hours ago

> You say you turn JS off for security but JS has made billions of people more secure by creating a sandbox for these random apps to run in.

is "every website now expects to run arbitrary code on the client's computer" really a more secure state of affairs? after high profile hardware vulnerabilities exploitable even from within sandboxed js?

from how many unique distributors did the average person run random untrusted apps that required sandboxing before and after this became the normal way to deliver a purely informational website and also basically everything started happening online?

  • dpark  9 hours ago

    People used to download way more questionable stuff and run it. Remember shareware? Remember Sourceforge? (Remember also how Sourceforge decided to basically inject malware that time?)

    I used to help friends and family disinfect their PCs from all the malware they’d unintentionally installed.

davisr  10 hours ago

> I’m curious. Do Google Maps, YouTube, etc even work with JS off?

I use KDE Marble (OpenStreetMap) and Invidious. They work fine.

> Original intent is borderline irrelevant. What matters is how it is actually used and what value it brings.

And that's why webshit is webshit.

> I can’t do the same with random desktop apps.

I can, and besides the point, why should anyone run random desktop apps? (Rhetorical question, they shouldn't.) I don't run code that I don't trust. And I don't trust code that I can't run for any purpose, read, study, edit, or share. I enforce this by running a totally-free (libre) operating system, booted with a totally-free BIOS, and installing and using totally-free software.

  • dpark  9 hours ago

    > I use KDE Marble (OpenStreetMap) and Invidious. They work fine.

    So no. Some major websites don’t actually work for you.

    > And that's why webshit is webshit.

    I don’t understand this statement. Webshit is webshit because the platform grew beyond basic html docs? At some point this just feels like hating on change. The web grew beyond static html just like Unix grew beyond terminals.

    > I don't run code that I don't trust. And I don't trust code that I can't run for any purpose, read, study, edit, or share. I enforce this by running a totally-free (libre) operating system, booted with a totally-free BIOS, and installing and using totally-free software.

    If this is the archetype of the person who turns off JS then I would bet the real percentage is way less than 1%.