There's going to be more and more of these as browsers fully accept and cement themselves into their role as operating systems and inevitably expose more bare metal functionality.
The only way to stop it is to not use a browser that thinks it's an OS. That means not being able to use websites that use new OS features like web components, webgl, etc. It means not using these features as web dev unless you're forced into it by getting paid. Browsers that treat the web as a document instead of an application will have far, far fewer remote exploits.
Is there any everyday usable browser left that is not architectured as an OS and isn’t supposed to work like one ?
While I see your point it seems to me that ship has sailed many years ago, perhaps from the point where Chrome’s OS like kernel/module based architecture was accepted as something to strive for, and browser were deemed secure and fast enough to be pitched as an alternative to native applications.
I am able to use Dillo for a lot of everyday tasks. The limiting factor really poses a different question: are there any everyday usable websites left that are not architected as applications and aren't supposed to work like one?
The answer is some, with degraded functionality and layout if you don't support yesterday's CSS and JS
In addition to the onus on users to make a choice, there's an army of developers out there who can advocate to avoid unnecessary use of exotic features.
Sometimes they're appropriate (e.g. ability to drag-and-drop or CTRL+V paste a photo to an image sharing site), but as a user my personal inclination tends toward traditional interfaces (which as a happy bonus can be more responsive) and I've encountered an overwhelming number of sites that abuse capabilities for no good reason (e.g. those which immediately prompt for your location).
A little taste and restraint would be very welcome on the modern web.
Another way to stop it is to start writing software like this i safe-by-default languages like Rust and others instead of C++ with its numerous footguns.
Well, they tried to write a new browser engine in Rust but gave up and got laid off. A few pieces got integrated into Firefox but the browser is still wildly insecure (cf. the article).
Turns out "Rewrite it in Rust" is actually really hard when you have millions of lines of code. Even Google probably can't rewrite Chrome from scratch.
Maybe if we just try harder, communism will work. You gotta draw the line somewhere.
When you use those features only when you're a web dev, not only you're actually using them anyway (which defeats the purpose by driving demand), but you also increase supply by creating new websites of the kind.
Also, if you not use the websites "that think they're an OS", you're ending up not being able to function in today's world to an increasing extent. e-governments are all about web applications, often with "bare metal functionality" such as legacy Java, ActiveX or Flash applets. They should be long gone, but given that somebody pumped millions into them, it will take them years to go away.
Hell, even regular JS is bare metal today with all the complexity of JIT. I'm getting the impression that suggesting to go away from this realm is naive and a better solution would be to look at it from the perspective of "OK, it happened. How can we make it more secure?".
After all, becoming an OS isn't an excuse to doing less. In fact, browsers now have more responsibility to keep their security philosophy up to date.
Hard disagree. I'm not giving WebGL a pass, nor wasm, web notification, webrtc, webusb, HTTP3, websocks, DOH or whatever bright idea they had last month, just to read a newspaper.
I actually like and use webrtc, but only for actual RTC, otherwise it's a shitshow and disabled.
Some things are indeed useful, but I don't see how you go OK, it happend, time to make it secure - with an ever expanding scope and attack surface. Note - "more secure" is not enough, we need secure.
I got the impression from your post that you're willing to join the crowd that's never willing to turn on JS etc. If it's just about reading the newspaper, you can pick a less invasive data data source. But, say, for e-government, you really don't have a choice and given that all those things are already standard and can be used for good purposes, I guess we really have no option other than isolating those features the best we can.
If your bottom line is "features should only be available when there's a legitimate use case for them", perfect. The problem is when there's a major website and you don't know why it's working, but you turned off entire JS stack and it can't even tell you that.
What are "all those things" that "are already standard"? And why should a rando government or other site requiring an API mean it should be available to all websites everywhere?
Note, I didn't even mention javascript nor disabling it altogether, and I don't wish to imply we shouldn't secure any and all APIs/features.
I'm saying
(1) we will never secure all APIs/features;
(2) they are ever growing so it would be futile even if we could secure the present ones;
(3) even if all the APIs are "secure", they will be misused against users, so they should not be available by default like they currently are;
(4) yes, I do think static/simple sites should be usable without JS.
I used to think of Stallman's browsing habits as silly, but there may come a time where I will visit the web-at-large only from other people's or dedicated-use devices.
"There's going to be more and more of these as browsers fully accept and cement themselves into their role as operating systems..."
That sounds like job security for those employed in "computer security".
I use a text-only browser. Nine times out of ten, that's all I need to get the content I want.
I do not use Windows but "Nessie" looks interesting. Someone posted about this browser a few months ago and commenters crticised it for not being open source. It appears the source is now available:
It treats HTML as a dynamic thing to be filled in by executing some third party code. As opposed to being text in a document. There's no text to fall back to. Just blank stretches. This is treating the web like an application instead of a document.
I often use my browser with JS default and it boggles my mind how developers use JS for things that could be perfectly done with HTML and CSS. For most websites used as websites (reading the content), not apps, JS is completely reduntant. Moreover, it looks like most JS code is used for all possible trackers and ads. JS is great (or: decent enough), but for apps, not for HTML documents.
In my view, HTML6 should remove a lot of clutter and remove backward compatibility for a lot of stuff.
HTML is a language that is too ambiguous to parse, and that's not a good thing for browsers. HTML should be adapted to mobile so it can work faster, use less memory, etc. Something with vector graphics should be a better norm.
And I'm wary of the idea, because it would probably end up as wasm on webgl, with websock and input via webusb, while banning HTTP, HTML and CSS, yet somehow still require javascript.
This is entirely unsupported by the evidence. Many exploits are rendering bugs, or otherwise bugs in libraries created in unsafe languages that inevitably receive memory corruption. All of which are quickly fixed.
Perhaps you like browsing pure html documents to view websites. Everyone else prefers current gen browsers despite the rare risk.
The only way to stop it is to not use a browser that thinks it's an OS. That means not being able to use websites that use new OS features like web components, webgl, etc. It means not using these features as web dev unless you're forced into it by getting paid. Browsers that treat the web as a document instead of an application will have far, far fewer remote exploits.