See the entire conversation

Use uMatrix and block everything. This assault on our web browsers through JS bullshit has gone far enough. First we came for Flash...
36 replies and sub-replies as of Sep 27 2017

javascript is horrible and needed to die back in 1994.
But how do i admin your pc with out beef?
u want sum logmein pin fuk?
You'll make Eich sad with those words :<
he deserves to be sad
Now now, @BrendanEich was simply thinking ahead. You'll thank him when Skynet is running JavaScript.
1995 not '94. Hey, I created @brave to block scripts, 3rd party trackers by default, 1st party (no-script) optionally & we will ML-automate.
As for "deserve", if you complain re: 1995 JS, you're asking for VBScript. Amzn should do a "Man in the High Castle" show w/ jQuery.vbs lol.
TBF i was using hyperbole to reflect on a technology that's largely insufficient to handle the demands of the modern web.
It was great when it first came out, but the lack of a security model or user control makes it inappropriate for today's web.
Agreed. Much appreciate what it accomplished, just needs to go the way of Flash and for us to head to greener pastures.
Go the way of Flash? You mean, be deprecated for 10 years and *still* be unavoidable? :)
That's not going to happen, but why do you suppose the replacement wouldn't have same functionality?
I am not a smart enough man to have any answers. New tech may not be answer. But a clean slate would be welcomed, as unrealistic it is.
Seems like a bastardization the extent we've taken it without harshly considering the realities it's brought into our digital world.
Evolution in action. No do-overs. JS is evolving from WiB to better. Good luck replacing it. Given this, we are obligated to collab on it. +
TC39 meeting this week (sad to miss; @brave duty calls). Agenda:…. Also, asm.js evolution => WebAssembly, it's real.
TC39 meeting agendas
Now now, js has dramatically improved over the years to be fair
JS has stronger security model (in theory & practice) than other known remote-loaded-3rd-party-code scheme. Problem is 3rd party overloaded.
3rd party could mean jQuery from, or a tracking script. <script src=> includes in 1p origin. I hacked data tainting+
into Netscape 3 as optional improvement, but label creep+overhead killed it. Some years ago I proposed meet (semilattice sense) 3+1st party+
as synthetic origin of 3p scripts, so new policy knobs could bless some 3-in-1p scripts, block rest. CSP could do, but JS engines need work.
JavaScript was never great. And it shifted browsers from empowering users to subjugating them.
honestly this is just silly.
Who here actually programs in JS a lot, or even a little?
all MF DAY. Since 96. My initials are JS.
I used to quite a bit. Haven't done really any web development in probably 5 years.
Big changes in last 5.
I'm sure - when I quit doing it JQuery was just starting to pick up steam and major adoption. I've admittedly never used it.
like an hour ago you were about to write a think piece about how JS doesn't meet the needs of the modern web. come on son.
Posted on medium.
<insert witty joke about not having enough CPU power or memory to properly operate>
Agreed. I was thinking earlier that publishers push you to their app (which is just a web frame) to avoid your ad block and get more data.