@jwildeboer I'm far from a web security professional, but IMHO the attack surface doesn't shift that much. Also without #wasm, bugs in rendering engines are found on a regular basis. #wasm now provides a different API for doing things, hopefully designed very carefully. But in the end, browsers are browsers and the best protection is and will probably™ ever be the layer 8.
@exponentialverteilt Last time I checked (which was 2020, I admit), there was no defined way to do integrity checking for wasm binaries on the user side. In times of Pegasus I find that hard to swallow.
@themue on qubeos. Yeah, sure. But that is kind of a dystopia, not the shiny happy web world I hope for.
@jwildeboer When I already see how systems like https://gitpod.io run a complete VS Code in your browser while backend OS runs in a container in their data center it's already crazy. Wrote my first web application as Perl CGI in 1998. With PostgreSQL as DBMS, for issue management. Pages had been dumb and everything had been done on the server.
My hope: #wasm will be the basis for a new generation of efficient, secure (strong sandboxing, capabilities) cross platform apps. A better, lower-level redo of the JVM, inside and outside the browser!
Sandboxing/capabilities particularly helps securely using dependencies, great for FOSS.
Mastodon instance for people with Wildeboer as their last name