Whaat‽
You mean auto downloading and executing foreign JavaScript in a users webpage from some server/CDN I might not even know myself as an ad company could be an attack vector?
Never!
(This mostly for those people who may not know that some [most? Dunno don’t have a source for this] ad networks literally allow advertisers to inject small chunks of html into pages for “more interactive/better ads”!!)
This is a great point I try to convey to my less-technical friends and family. Looking at a webpage is not like changing the channel on a tv of old. Looking at a webpage pulls code from who knows where and executes it on your local machine.
These advertisers expect that I should blindly trust them to execute code on my cpu, in my memory, on my machine? Yeah fuck that, it’s a privilege. I don’t invite every hobo walking by to come into my house and take a shit in my toilet.
If they don’t like that not everyone executes their syphilis-ridden javascript, then they should put their shit behind a paywall. But they won’t, since they know they don’t have a product worth paying for.
Whaat‽ You mean auto downloading and executing foreign JavaScript in a users webpage from some server/CDN I might not even know myself as an ad company could be an attack vector? Never!
(This mostly for those people who may not know that some [most? Dunno don’t have a source for this] ad networks literally allow advertisers to inject small chunks of html into pages for “more interactive/better ads”!!)
This is a great point I try to convey to my less-technical friends and family. Looking at a webpage is not like changing the channel on a tv of old. Looking at a webpage pulls code from who knows where and executes it on your local machine.
These advertisers expect that I should blindly trust them to execute code on my cpu, in my memory, on my machine? Yeah fuck that, it’s a privilege. I don’t invite every hobo walking by to come into my house and take a shit in my toilet.
If they don’t like that not everyone executes their syphilis-ridden javascript, then they should put their shit behind a paywall. But they won’t, since they know they don’t have a product worth paying for.