I can't downvote you, but an arbitrary binary is unequivocally a much bigger security and privacy threat than a js script executed in the browser, this is an indisputable fact. My guess is that you're getting downvoted because you're confidently espousing an opinion that any security expert would easily disabuse you of, if you're willing to listen.
> This is absurd. A binary reviewed and vetted by a Linux distro is really unlike to contain spyware
What's absurd is your special pleading a linux distro review to conclude that arbitrary code execution is more secure than a js script. This is wrong on so many levels. This comparison is also specious because you're comparing a curated repository to arbitrary js on the internet. You are also woefully misinformed if you think that "linux distro review" precludes the existence of your vaguely defined "spyware", arbitrary binaries (unlike js scripts) have unrestricted socket access and quite regularly emit all kinds of telemetry over the internet.
> Additionally, it's false that desktop applications are not sandboxed. On the contrary, the sandbox implemented around an application can be way more fine-grained that a browser. Firejail is a good example.
You have no idea whether or not an arbitrary binary is sandboxed before you execute it, thus it is capable of literally anything - not true of an arbitrary js script which is always sandboxed.
> Browsers are behemoths and you can look up for yourself how many vulnerabilities they have and also the SLOC count.
The top browsers are literally the most hardened sandboxes in the history of computing and there are far more vulnerabilities exposed through the uncountable ecosystem of arbitrary binaries than through browsers, many of which are never patched, and when they are, often aren't received by users because they may not upgrade them. Additionally, the vast majority of browser vulnerabilities are of a modest threat level, with the higher threat vulnerabilities usually being discovered by highly sophisticated security research firms where they are usually safely patched before ever being exploited in the wild.
> This is material for /r/ShitHNSays
Indeed. Try submitting this thread and see how that turns out for you.
> This is absurd. A binary reviewed and vetted by a Linux distro is really unlike to contain spyware
What's absurd is your special pleading a linux distro review to conclude that arbitrary code execution is more secure than a js script. This is wrong on so many levels. This comparison is also specious because you're comparing a curated repository to arbitrary js on the internet. You are also woefully misinformed if you think that "linux distro review" precludes the existence of your vaguely defined "spyware", arbitrary binaries (unlike js scripts) have unrestricted socket access and quite regularly emit all kinds of telemetry over the internet.
> Additionally, it's false that desktop applications are not sandboxed. On the contrary, the sandbox implemented around an application can be way more fine-grained that a browser. Firejail is a good example.
You have no idea whether or not an arbitrary binary is sandboxed before you execute it, thus it is capable of literally anything - not true of an arbitrary js script which is always sandboxed.
> Browsers are behemoths and you can look up for yourself how many vulnerabilities they have and also the SLOC count.
The top browsers are literally the most hardened sandboxes in the history of computing and there are far more vulnerabilities exposed through the uncountable ecosystem of arbitrary binaries than through browsers, many of which are never patched, and when they are, often aren't received by users because they may not upgrade them. Additionally, the vast majority of browser vulnerabilities are of a modest threat level, with the higher threat vulnerabilities usually being discovered by highly sophisticated security research firms where they are usually safely patched before ever being exploited in the wild.
> This is material for /r/ShitHNSays
Indeed. Try submitting this thread and see how that turns out for you.