WASM vs. JavaScript: Developers Fracture Over Security and The Future of the Web Stack
The discussion centers on WebAssembly (WASM) proving itself as a direct, high-performance replacement for JavaScript's web intermediary role. Users see WASM offering standardized, near-native speeds while avoiding current JS limitations, a sentiment echoed by 'LPThinker' who noted the need to bypass 'janky glue code.'
Opinion splits sharply on risk. Some praise WASM's potential for better deployment flexibility across various clouds ('fruitycoder'). Others, like 'protogen420,' scream that both WASM and JS are inherently risky mechanisms, pointing to the 'incountably many' cross-site CVEs. 'asudox' went further, advocating for eliminating JavaScript from the stack entirely. Conversely, 'ISO' warns that ditching RCE risks might just trade them for definite Man-in-the-Middle vulnerabilities.
The current mood is one of deep skepticism mixed with ambition. The weight of argument points toward WASM's technical superiority in performance, but the security objections—the fundamental vulnerability of web code execution itself—are creating a stalemate. The fault line runs between developers excited by performance gains and security experts terrified of the underlying trust model.
Key Points
WASM provides necessary performance boost by bypassing JavaScript inefficiencies.
'LPThinker' argues WASM enables direct Web API interaction, ditching 'janky glue code'.
The security risk associated with both JS and WASM is alarmingly high.
'protogen420' insists both are forms of remote code execution, citing too many CVEs.
JavaScript should be completely removed from the web stack.
'asudox' made the strongest argument for jettisoning JS entirely.
Eliminating RCE risks simply trades them for MITM risks.
'ISO' contends that simplifying security might just guarantee exposure to Man-in-the-Middle attacks.
WASM offers superior binary compilation and deployment flexibility.
'fruitycoder' highlighted WASM's use as a universal target across server and cloud environments.
Better framework APIs are needed for WASM to replace React-like applications.
'BlackRoseAmongThorns' expressed interest but noted current framework gaps.
Source Discussions (4)
This report was synthesized from the following Lemmy discussions, ranked by community score.