Request for Mozilla Position on an Emerging Web Specification Specification Title: Web Environment Integrity API Specification or proposal URL (if available): https://rupertbenwiser.github.io/Web-E...
There’s always possibilities to make things safer, but that often comes at a cost of features, features that many web developers (or possibly more likely their employer) would hate to see removed or be inaccessible. At least Firefox has done some great things to keep websites separated so a tracking cookie from tracking service A on site B and site C doesn’t quite get the same possibilities to track you as before (IIRC, take it with a grain of salt). But in general I would lean more towards JS sort of being inherently “unsafe”.
You can always make yourself a lot more secure by browsing the web through a browser confined to a virtual machine, but most people won’t do that. And as with IOT, the S in World Wide Web stands for Security.
There’s always possibilities to make things safer, but that often comes at a cost of features, features that many web developers (or possibly more likely their employer) would hate to see removed or be inaccessible. At least Firefox has done some great things to keep websites separated so a tracking cookie from tracking service A on site B and site C doesn’t quite get the same possibilities to track you as before (IIRC, take it with a grain of salt). But in general I would lean more towards JS sort of being inherently “unsafe”.
You can always make yourself a lot more secure by browsing the web through a browser confined to a virtual machine, but most people won’t do that. And as with IOT, the S in World Wide Web stands for Security.