Runterwählen ist kein Gegenargument.

[Verifying my cryptographic key: openpgp4fpr:941D456ED3A38A3B1DBEAB2BC8A2CCD4F1AE5C21]

  • 9 Posts
  • 44 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle

















  • Virtually every website out there today uses Javascript.

    Most of those work without it.

    Lemmy uses Javascript.

    Lemmy is one of several ActivityPub-capable applications. You do not need to use Lemmy inside a web browser in order to participate here. In fact, you don’t even need to use a web browser.

    The Web generally does not function without Javascript today.

    I disagree. Some websites (with lazy developers) work less well without JavaScript. You’ll gain less annoyances (no JS = no pop-ups and no sophisticated anti-adblock techniques), more speed, less energy consumption, less potential security risks. You’ll lose… not really much. “Web applications” (usually worse, slower and less reliable than installed software), a couple of websites which are very focused on providing effects over contents - sounds like a fair deal to me, but again, YMMV.

    Yes, there will never be absolute security. If it runs on a computer, it most likely has security flaws.


  • Are you advocating for some form of isolation? If so, what?

    Kernel sandboxing. I mean, breaking out of browser “sandboxes” is a game these days.

    Any site you browse to – including those not labeled as such – could well expose you to that vulnerability.

    Which is why using the web without JavaScript is a security measurement which I strongly recommend to enable. Sure, many sites will be “less interactive” then, but I’m afraid that it is the only solution. For the usually: rather small number of websites which you absolutely need to use with JavaScript enabled (do you, really?), a separate browser inside a container (or VM) would be a good option. I admit that this is not the most comfortable setup, but I really prefer to be safe than sorry. YMMV, but you asked.