• tal@lemmy.today
    link
    fedilink
    English
    arrow-up
    4
    ·
    edit-2
    1 year ago

    Kernel sandboxing.

    That’s a class of different mechanisms. I updated my comment above. I’ll repeat the text there:

    In another comment, you say that you want to trust the “kernel” instead of the browser. Okay, fine. There are a whole class of isolation mechanisms there. What mechanism are you proposing using? Remember that you are needing to give access to your 3d hardware to whatever software package is involved here, and the Linux kernel, at least, doesn’t have a mechanism for creating virtual, restricted “child” graphics devices. The closest I can think of on Linux you can get at a kernel level there would be pass-through from a VM to a dedicated graphics adapter, which probably isn’t going to be an option for most people and I have doubts about being a carefully-hardened pathway compared to browser APIs.

    Which is why using the web without JavaScript is a security measurement which I strongly recommend to enable.

    Virtually every website out there today uses Javascript. Lemmy uses Javascript. What makes this particular website a risk?

    do you, really?

    Yeah, I do. Fifteen years ago, I used NoScript, and some things broke, but it was usable; there were enough people running non-JS-capable browsers that websites had a reasonable chance of functioning. The Web generally does not function without Javascript today.

    • rhabarba@feddit.de
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Virtually every website out there today uses Javascript.

      Most of those work without it.

      Lemmy uses Javascript.

      Lemmy is one of several ActivityPub-capable applications. You do not need to use Lemmy inside a web browser in order to participate here. In fact, you don’t even need to use a web browser.

      The Web generally does not function without Javascript today.

      I disagree. Some websites (with lazy developers) work less well without JavaScript. You’ll gain less annoyances (no JS = no pop-ups and no sophisticated anti-adblock techniques), more speed, less energy consumption, less potential security risks. You’ll lose… not really much. “Web applications” (usually worse, slower and less reliable than installed software), a couple of websites which are very focused on providing effects over contents - sounds like a fair deal to me, but again, YMMV.

      Yes, there will never be absolute security. If it runs on a computer, it most likely has security flaws.