Matthias Kirschner mk@fsfe.org writes:
- From a security point you are lost as soon as you give an adversary
the opportunity to control your system.
Well, javascript is run a restricted environment. I don't see how you'd be lost by running javascript. Also many universities let their students run code on their systems but I don't consider they have "lost".
- Only non-active web content can guarantee that you keep control over
your equipment.
There are security issues also in the code that parses this non-active content. Javascript is replacing a lot of things that used to be separate plugins with poor security track record.