Am 10.08.2013 15:43, schrieb Matthew Miller: > On Sat, Aug 10, 2013 at 12:57:15AM -0500, Bruno Wolff III wrote: >> They really downplay the extra security risk of enabling javascript. >> And they really are placing the blame in the wrong place, very few >> web sites really need to require javascript. It would have been >> nicer to see Mozilla push back against sites requiring javascript to >> function rather than to make it harder for people to reduce their >> risk of getting owned. > > This ship has sailed. In fact, it has sailed out of the harbor, across the > ocean, to the remote isles, and brought back a collection of valuable trade > goods. The web today depends on Javascript, and client-side scripting brings > so much of what makes it actually useful that the idea of going back to > entirely server-based scripting is a non-starter. who needs to going back? smart people never built websites which are unuseable without JS JS is nice for additional features and comfort but only a fool builds a ordinary website which doe snot work without JS > The security answer here isn't going back to the web of the 90s. It's using > modern container and security policy systems to contain the risk no policy will help you in case of a hacked server blowing exploits to visitors and this happens all day somewhere else as well as you missed the point that the question is not what is useful or not because this is not your or mine decision - it is always the *endusers* decision and making it each day harder because all the new shiny developers seems to having nothing to do as remove options and hide settings because they thinhk all users are idiots cause and effect: because these attitude most users starting in a few years from scratch to use computers will be idiots in case of how to handle computers because they never got the chance to learn - hence with this attitude i would never became the poweruser i am now and never had done the switch to work as IT professional while my whole knowledge is from learning by doing this attitude is understandable in case of Apple/Microsoft which try to reduce their support but it is *unacepptable* in the context of free and open software
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
