* shulie <shulie_rele...@optimum.net> [2021-03-16 11:22]: > On 3/15/21 6:26 PM, Jean Louis wrote: > > If I download software into Emacs, I run it in Emacs. > > And you need to be told that emacs is not compatable to web borwser .. > but if EMACS was, it wouldl download random code from an unknown source > and run an entire OS in it with full trottle access and network access. > And it would be JUST as stupid.
Emacs may not be equivalent to common web browser, but it does have web browser built-in, eww that works within Emacs. Additionally there is webkit based browsing within Emacs, depending of configuration at build time. To make Emacs run some code based on extension or some embeded script (beyond Javascript) inside of HTML tag would be relatively easy. The subject of security for Webassembly is built upon the experiences with insecurity with browsers over period of time. There are also many insecurities in operating systems and in just any kind of classes of software that is out there. How to Run a More Secure Browser https://www.dragonflybsd.org/docs/handbook/RunSecureBrowser/ Further you need not consider your personal, with personal data backed computer to be the only one to run WebAssembly. I can imagine plethora of uses of Webassembly. That potentially the vendor/hoster can take control over software is clear. It is clear that Microsoft, Google, Apple all want to run Webassembly to gain more customers. That however opens the door to free software as well, we may as well gain more aware customers, it is upon developers as social group to build upon it. Developers will work and create free software for it (it is inevitable). Question is just how much. Use cases and usefulness vouch for it. It allows computers to be cheaper which would run Webassembly. Computers can run it that are similar to those Chromebooks with low hardware power. It may bring computing to masses, to developed countries, it may increase education in the world due to low cost hardware requirements. The subject of security of Webassembly may be solved by making sure that browser executing binaries is well sandboxed and that OS is separate from browser while making sure that software that is run is free software. I do not know if integrity of the binary may be ensured with some hash, for example, for user to know that the build is reproducible and that it was made from free software version ACME 1.2.3 This is 21st century. Software is supposed to run on many operating systems equally and Webassembly is one solution for it. If you have something technical to add to security of Webassembly, I am sure that developers would consider your bug reports. Use cases: https://webassembly.org/docs/use-cases/ Jean
