• @SmilingSolaris
    link
    English
    692 months ago

    I love the paranoia of you nerds. It’s valid but idk how you spare the effort.

    • mox
      link
      fedilink
      English
      77
      edit-2
      2 months ago

      idk how you spare the effort.

      When you’ve been building networked systems for longer than JavaScript has existed, it no longer takes effort to spot design choices that put users at risk. When you’ve watched endless vulnerabilities be exploited over the years, it’s not paranoia, but a real-world problem that impacts real people. At that point, the flaws are impossible to responsibly ignore.

      Spreading awareness and showing people how to build safer systems does sometimes get tiring, but I think it’s important.

    • @[email protected]
      link
      fedilink
      English
      412 months ago

      It’s simple, when you understand how shaky the foundation of all digital infrastructure is it’s impossible to not be paranoid.

      • @T156
        link
        English
        62 months ago

        Relevant XKCD.

        The Polyfill incident is bad (that seems to be how the hackers got into the internet archive), and the OpenSSH one could have been really nasty, if it wasn’t caught both early, and by chance (a performance engineer at a major software company noticed).

    • @[email protected]
      link
      fedilink
      English
      242 months ago

      I actually gave up recently for my mental health of all things. Turns out accepting being tracked in just about everything I do but also getting all the benefits of living in the future, without the effort spent on mitigation, is a huge relief. Does Google know my daily routine? Yes. Did they when I had the tin foil hat on? Probably also yes.

      • @tabular
        link
        English
        122 months ago

        I find the negatives detract from the benefits too much, usually. Like having your arm cut off and then receiving lovemaking: I am no longer in the mood.

        • @vzq
          link
          English
          22 months ago

          Have you been watching Bad Monkey? Because that’s literally about half the plot.

      • XNX
        link
        fedilink
        English
        42 months ago

        Same it’s much nicer to enjoy the tech/tools. I still ad block on all devices tho

    • @[email protected]
      link
      fedilink
      English
      172 months ago

      It’s not paranoid to complain about the unnecessity of javascript when all you want to do is read a public text post on a social media platform. I have javascript disabled on some browsers, and it’s annoying to have to whitelist a site that really shouldn’t need it.

      • Echo Dot
        link
        fedilink
        English
        -52 months ago

        Isn’t it basically a fundamental underlying technology of the web I don’t understand how you can have it disabled and still be able to access modern websites.

        • @[email protected]
          link
          fedilink
          English
          102 months ago

          it isn’t. that is html and css, some would argue it’s html only.

          javascript is not needed to load a website. It’s useful for interaction, and needed to load content separately and dynamically. without it you get a mostly (but not totally) static document like in Office Word

          • asudox
            link
            fedilink
            English
            02 months ago

            CSR exists. You know, WASM CSR websites rely on JS to manipulate the DOM.

            • @[email protected]
              link
              fedilink
              English
              2
              edit-2
              1 month ago

              that does not mean javascript is essential, and mox’s point is still very valid.

              using WASM instead of JS is not better either. you simply don’t need any clientside executable code on a read-only view of a page