> first, it is executed in your webbrowser, which puts it in a sandbox. That > means that the webbrowser limits what javascript can actually do, and if your > > webbrowser is free software, everybody can check if it is really doing a > proper job.
Security is not the same as user freedom. They are both important, but treating them as though they are the same will lead to incorrect conclusions. > Second, most javascript code that you find on smaller websites is visible in > your console, that means everybody can read what it's doing and in principle, > > every user can find harmful features and inform others about it. That's not source code. Source code is the preferred form for modifying the program, the same unmodified code that the author uses when they write or edit the program. Most JavaScript is minified and looks far different from what the author has, and can require reverse engineering skills to read. If that's source code, then a ready-to-run binary, assembled from Assembly language, qualifies as source code, even though binaries lack comments and variable names. > However, it's true that bigger websites which rely more on javascript mostly > minify and uglify their code, so you get a compressed and non-human-readable > version. When you process source code, it's no longer source code. > My personal opinion is that the fuss about non-free javascript is way, way > too big and exaggerated. It literally gave my machine a kernel panic. You think that's not a big deal? JavaScript also prevents users from doing basic tings on their computers, like highlighting text with their cursor while reading an article. A message popped up and told me "You can't do that!" We're not even talking about copying the text. We're just talking about selecting it with the cursor! And if you turn JavaScript off, the whole article is generated/pulled in with JavaScript and is not present in the page source at all, so you can't read any of it. That's not a world I want to live in, with DRM on simple web articles. > Besides, javascript applications are most of the time deeply connected with > the layout of the webpage and the server as a backend api. So? That JavaScript is a client to their server software, and it should be free software if it's going to run on my computer. > Writing a modified version of the > javaschttps://www.youtube.com/watch?v=igDGkpTHuhkript of a website and > sharing it with your friends? Maybe but difficult and mostly unneccesary. It is very necessary. People modify JavaScript all the time to improve user's lives. Look at Reddit Enhancement Suite. > Writing a modified version of the javascript code of a website and realising > a modified version? > In most cases, that makes no sense since the website might change any day, > making your code useless. What do you think youtube-dl does all the time? And yet people still benefit greatly from their work. Do you think youtube-dl should be shut down? > Again, big single-page-webapps which are running soley on the client are a > different story. Those are even worse. Those especially should be free software or avoided at all costs. Google Drive is the new Microsoft Office. -- Caleb Herbert OpenPGP public key: http://bluehome.net/csh/pubkey
signature.asc
Description: This is a digitally signed message part
