this post was submitted on 13 Oct 2024
997 points (98.2% liked)

Technology

59373 readers
8367 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] mox@lemmy.sdf.org 98 points 1 month ago* (last edited 1 month ago) (2 children)

I love this in principle.

I just wish Mastodon instances were viewable without JavaScript. Opening the door to many types of browser exploit and fingerprinting shouldn't be required just for reading.

[–] SmilingSolaris@lemmy.world 69 points 1 month ago (5 children)

I love the paranoia of you nerds. It's valid but idk how you spare the effort.

[–] mox@lemmy.sdf.org 76 points 1 month ago* (last edited 1 month ago)

idk how you spare the effort.

When you've been building networked systems for longer than JavaScript has existed, it no longer takes effort to spot design choices that put users at risk. When you've watched endless vulnerabilities be exploited over the years, it's not paranoia, but a real-world problem that impacts real people. At that point, the flaws are impossible to responsibly ignore.

Spreading awareness and showing people how to build safer systems does sometimes get tiring, but I think it's important.

[–] AbsoluteChicagoDog@lemm.ee 41 points 1 month ago (1 children)

It's simple, when you understand how shaky the foundation of all digital infrastructure is it's impossible to not be paranoid.

[–] T156@lemmy.world 6 points 1 month ago (1 children)

Relevant XKCD.

The Polyfill incident is bad (that seems to be how the hackers got into the internet archive), and the OpenSSH one could have been really nasty, if it wasn't caught both early, and by chance (a performance engineer at a major software company noticed).

[–] blind3rdeye@lemm.ee 10 points 1 month ago

I'd say this comic is more relevant:

[–] JoeBigelow@lemmy.ca 24 points 1 month ago (2 children)

I actually gave up recently for my mental health of all things. Turns out accepting being tracked in just about everything I do but also getting all the benefits of living in the future, without the effort spent on mitigation, is a huge relief. Does Google know my daily routine? Yes. Did they when I had the tin foil hat on? Probably also yes.

[–] tabular@lemmy.world 12 points 1 month ago (1 children)

I find the negatives detract from the benefits too much, usually. Like having your arm cut off and then receiving lovemaking: I am no longer in the mood.

[–] vzq@lemmy.world 2 points 1 month ago

Have you been watching Bad Monkey? Because that’s literally about half the plot.

[–] xnx@slrpnk.net 4 points 1 month ago

Same it’s much nicer to enjoy the tech/tools. I still ad block on all devices tho

[–] communism@lemmy.ml 17 points 1 month ago (1 children)

It's not paranoid to complain about the unnecessity of javascript when all you want to do is read a public text post on a social media platform. I have javascript disabled on some browsers, and it's annoying to have to whitelist a site that really shouldn't need it.

[–] echodot@feddit.uk -5 points 1 month ago (1 children)

Isn't it basically a fundamental underlying technology of the web I don't understand how you can have it disabled and still be able to access modern websites.

[–] WhyJiffie@sh.itjust.works 10 points 1 month ago (1 children)

it isn't. that is html and css, some would argue it's html only.

javascript is not needed to load a website. It's useful for interaction, and needed to load content separately and dynamically. without it you get a mostly (but not totally) static document like in Office Word

[–] AsudoxDev@programming.dev 0 points 1 month ago (1 children)

CSR exists. You know, WASM CSR websites rely on JS to manipulate the DOM.

[–] WhyJiffie@sh.itjust.works 2 points 2 weeks ago* (last edited 2 weeks ago) (1 children)

that does not mean javascript is essential, and mox's point is still very valid.

using WASM instead of JS is not better either. you simply don't need any clientside executable code on a read-only view of a page

[–] WhiskyTangoFoxtrot@lemmy.world 54 points 1 month ago (1 children)

Mastodon has RSS built-in. Just add ".rss" to the URL to get the RSS feed.

[–] Draconic_NEO@lemmy.world 3 points 1 month ago

It also does have an API which can be used by apps, including alternate frontends which don't use JS.