this post was submitted on 28 Mar 2024
1195 points (99.3% liked)

Technology

60140 readers
2756 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] reinei 11 points 9 months ago (1 children)

Whaat‽ You mean auto downloading and executing foreign JavaScript in a users webpage from some server/CDN I might not even know myself as an ad company could be an attack vector? Never!

(This mostly for those people who may not know that some [most? Dunno don't have a source for this] ad networks literally allow advertisers to inject small chunks of html into pages for "more interactive/better ads"!!)

[–] [email protected] 3 points 9 months ago

executing foreign JavaScript

This is a great point I try to convey to my less-technical friends and family. Looking at a webpage is not like changing the channel on a tv of old. Looking at a webpage pulls code from who knows where and executes it on your local machine.

These advertisers expect that I should blindly trust them to execute code on my cpu, in my memory, on my machine? Yeah fuck that, it's a privilege. I don't invite every hobo walking by to come into my house and take a shit in my toilet.

If they don't like that not everyone executes their syphilis-ridden javascript, then they should put their shit behind a paywall. But they won't, since they know they don't have a product worth paying for.