"If you're seeing this message, that means JavaScript has been disabled on your browser.

Please enable JavaScript to make this website work."
techinasia.com/

I'm so sick of websites websites refusing to even display text and images if I don't agree to run their proprietary Javascript on my computer. Isn't it time that browsers started treating requests to run Javascript like requests to use the mic or camera, and asked the user before allowing them? Ideally with crowdsourced info about what the scripts are, and what they do? In other words, make something like #NoScript a standard part of browsers.

Show thread

@strypey Be careful what you ask for: that would kill the peer web before it started. JavaScript on the client isn’t the enemy. Business logic on the server is the enemy.

@aral that's a fine distinction. As a developer, you're in a better position than I am to know. But you'll need to convince me. Because it seems to me that outsourcing processing work to the user's PC - via JS black boxes - is exactly how #SurveillanceCapitalism achieves massive scale, while claiming that #ThereIsNoAlternative to centralized server infrastructure. A myth they've propagated so effectively that even many developers have started believing it:
signal.org/blog/the-ecosystem-

@strypey

JavaScript isn't a black box, though. You can inspect all the code that's running in your browser.

Some JS is obfuscated, but it can be easily de-obfuscated. All browser-side JavaScript is effectively open source, even if it's not licensed as such.

If your concern is about privacy, it's not the JS running in your browser that should concern you. It's the data sent from the JavaScript to the server.

It would be reasonably simple to disable AJAX, thus preventing data to be sent to/received from the server, but allow all other JavaScript, allowing interactivity to still work.

@aral

@danjones fair points. But privacy is only a subset of a much larger concern, which is about *control*. Putting aside the argument we could have over the "black box" part of my post, the fact remains that:

> outsourcing processing work to the user's PC - via JS - is exactly how #SurveillanceCapitalism achieves massive scale, while claiming that #ThereIsNoAlternative to centralized server infrastructure.
@aral

@danjones There are many possible strategies for redecentralizing, and resolving the *many* problems with JS, some of which are described here:
gnu.org/philosophy/javascript-

I agree with @alcinnz that moving interactive functions back into native apps, leaving the web as a platform for static pages that don't require (or use) JS, is a strategy worth exploring.
@aral

@strypey @danjones @alcinnz Maybe the FSF should worry more about its logo appearing next to Google’s as they sponsor the same events than some ridiculous and ill-informed stance against a programming language that spreads FUD about potential alternatives. Remember that an AGPLv3 licensed app specifically built for drones to send hellfire missiles to little children would get the FSF seal of approval. Free Software is just a component of ethical tech but doesn’t care about ethics of use cases.

@aral I share your concerns about open source events being sponsored by Google, as do FSF, but they can't control this. As for approving of child-killing drone software, that's FUD worthy of Microsoft. FSF have often spoken out about the use of freely-licensed code to do much less anti-social things than that:
fsf.org/blogs/rms/ubuntu-spywa

Perhaps you could respond to the concerns laid out in 'The Javascript Trap' with some substance, rather than resorting to whattaboutism?
@danjones @alcinnz

@aral as for the claim that the FSF's criticisms of Javascript are a ...
> ridiculous and ill-informed stance against a programming language

I note that they're far from alone in seeing JS as a problem. Plenty of experienced engineers have serious problems with it too. A quick selection off the top of my head:
* soc.freedombone.net/objects/20
* hackernoon.com/the-javascript-
* onpon4.github.io/articles/kill
@danjones @alcinnz

@strypey @aral @danjones @alcinnz I've been programming for 30 years and I think javascript is very bad. let's not forget it killed off better alternatives at the behest of Google, who embrace it because it powers their surveillance. you can't deploy javascript without tacitly approving of Google's (and other surveillance capitalists') use of it imo.

@walruslifestyle
> let's not forget it killed off better alternatives at the behest of Google

To what alternatives are you referring?

IIRC, when JavaScript was gaining steam, the closest thing to a serious contender was VBScript, which only worked in IE.

Also, Google didn't exist yet.

@strypey @aral @alcinnz

@danjones @strypey @aral @alcinnz Google's existed since 1996. at that time you could run Tk/Tcl scripts in Netscape navigator,with a plugin. you could run perl scripts too, which was big at the time because perl/CGI was the main way to make a web site dynamic back then. Java applets, which made an effort to be secure, were also starting to appear

@walruslifestyle

None of those alternatives worked without a browser plugin, unlike JavaScript.

Because of that limitation, I wouldn't consider them as serious contenders.

And Java applets were an awful user experience.

And Google certainly didn't have the clout to kill any of those off at the time.

@strypey @aral @alcinnz

Sign in to participate in the conversation
Octodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!