Ecmascript was made to standardize JavaScript, but it isn’t based on JavaScript. Actionscript is then based on ecmascript, making Actionscript a sibling to JavaScript, not a subset.

Arbitrary code execution is a vulnerability where you write and execute arbitrary code outside of the intended environment

Just because Actionscript is a language doesn’t mean it has the functionality to do whatever to your machine. It lacks most of those functions because it is mostly a graphics library. It would have to run an already prepared external script via some improper memory pointer somewhere for it to be arbitrary code execution.

And Actionscript is not built on top of JavaScript. Both JavaScript and ActionScript are based on ecmascript. They are different, just like Typescript and JavaScript are different.

Actionscript was object oriented and had proper types unlike JavaScript which to this day is one of the worst programming languages.

Are you sure I’m the one misunderstanding the problem of evercookie? Was the problem that you could access the same cookies from multiple browsers because of ActionScript, or was it that evercookie maliciously restored said deleted cookies after they were supposed to no longer be used? One is a feature that allows transferring sessions between browsers on the same computer. The other is essentially malware.

Flash didn’t allow arbitrary code to run. It had a very limited scripting language (which design-wise is superior to JavaScript, by the way) to control canvas elements and playing sound. You couldn’t execute programs on your computer.

If by late you mean right before action script 2. I was making flash games back then and I remember it being unable to access virtually anything without first triggering a prompt, which you could disable by right clicking, and going into properties.

Your legitimate concerns about JavaScript are blockable by the browser.

Yes, through NoScript. And it should be blocked, not blockable.

It is funny you mention evercookie because that was a JavaScript library, and affected all cookies, not just flash cookies.

Flash cookies being sharable between browsers was bad, but you could still easily clear those cookies, that is until a certain JavaScript library started restoring them automatically.

You really can’t. If it was only HTML and CSS, any accessibility program would be able to select any part of the page, and easily alter the CSS and HTML. That is next to impossible now because of JavaScript.

It shouldn’t be up to the website developer. It should be up to the browser developer. You don’t blame a lemmy instance for poor accessibility with Jerboa.

We still use plugins. In fact you most likely have one installed right now for video encoding. JavaScript not being a plugin is the reason we only have two major browser cores. Chromium and gecko. JavaScript prevents new browsers from entering the ecosystem due to how hard it is to implement unlike how easy it would have been as a plugin.

Flash had vulnerabilities because of neglect from adobe. The core design of flash and its earlier stages made by Macromedia were great. It had a sandboxes environment, and later it even was integrated into a browser sandbox just like JavaScript, eliminating most vulnerabilities.

Flash was very limited in the malicious code it could run, as opposed to JavaScript which can automatically redirect you to malicious websites, install tracking cookies, access the browser canvas to install tracking pixels, freeze your entire browser, take control of your cursor, look at your entire clipboard history, collect enough information about you to competely identify and track your footprint over the entire internet.

Flash couldn’t access your clipboard or files unless you clicked allow every time, couldn’t access anything outside of its little window, and if it froze, the browser was mostly unaffected, and flash had almost no ability to collect any data about your browser.

Accessibility is orthogonal to JavaScript if the site is being built to modern standards.

In other words, accessibility is in the hands of the developers, not the visitor. And the developer really wants that scrolling background and non-selectable text, so tough luck, people with no hands, I guess.

It takes 2 clicks to get a website to work. It took a few minutes for me to get all my most commonly visited websites to work. And you can backup and restore so it takes a few minutes to sync the customization to all devices.

Flash was containerized, and completely safe until adobe just stopped supporting it. A million times better than what JavaScript has become in terms of privacy. There is a reason noscript is bundled with Tor.

And preference is definitely a reality. It is niche at the moment but I see a future where more and more people see JavaScript for what it is. Bloat.

I’ve been using noscript for years. I don’t even have to open up the blocklist anymore because I’ve successfully unblocked only the necessary scripts on all sites I ever visit. I get no trackers, no bloat, no google analytics, no Facebook, no microsoft, no ads, and no adblocker notifications.

I definitely prefer using no-script enabled pages. If it were me, I would prefer a fully non-JavaScript internet with static pages.

JavaScript introduces so many vulnerabilities, it makes adobe flashplayer look like a security suite. JavaScript also breaks all accessibility features like speech recognition and font size and color control.

A manager position is easier to replace than a programmer position. By the time AI is smart enough to replace you, it is also smart enough for you to replace the entire company with and run solo.

They can’t. They have no clue where you are currently in the video, and even if they did run some client side script, you could easily spoof it.

Sample the color of a specified pixel (or something recognizable in the streaming format) every 30 frames from the original video.

Store collection of pixels in a database and share in a peer to peer network or stored on invidious instances. Because the sample size is small, and the database can be split up by youtube channel, the overall size and traffic should remain low.

When streaming a youtube video, if the plugin detects that the pixel in the video doesn’t match the one in the database, automatically skip until where the pixel matches the data in the database.

What does google expect users to do once they realize they get better extensions with firefox?

Imagine ad blockers not working on youtube only on chromium browsers, or tracking cookies/pixels/scripts not being blockable only on chromium browsers.

I already switched

…to Linux.

You can’t just dismiss all those problems as not real. What are you talking about? Those are as real as any other problem, and affect lot of people. They affect me and are more important to me than what for example any quickpay service solves. And mass surveillance is one of the biggest problems of our time. Dismissing it as a non-issue is unhinged.

And stop trying to paint verything as criminal. It doesn’t matter what you need to send 10k anonymously for. You could be obtaining your salary and don’t want others to know how much it is or how much you’ve accumulated (except for when you report it yourself, ie taxes). you could be a whistleblower or reporter, or just care about privacy. One should never have to provide a reason to want privacy ever.

People would accept Monero during a bankrun. In fact, the biggest winners in the China bankrun (besides the corporations) were people who were illegally holding cryptocurrency in China.

In physical purchases, yes, your name will end up on whatever contract, but “it was paid with Monero” is the only information that will be available. Not what else you’ve been buying or who you got it from. And I already gave an example of where your name doesn’t get linked whatsoever. Mullvad VPN. Any online service has no reason to require your personal information. Cloud storage, subscription fees, software licenses, etc. Not everything is physical packages to your door, and there are also peer to peer crypto-cash exchanges. You can absolutely buy anything anonymously even if you are a bitcoin holder.

Yes, when “money” falls, and the societal collapse happens, everyone’s going to trade in bitcoin.

I never said anything about societal collapse. You’re reiterating r/buttcoin arguments against things I’m not saying.

You don’t need to give a reason to want privacy. If you immediately think “that’s just suspicious criminal behavior” then you’re essentially using “protect the children by banning encryption in messaging applications.” As argument.

I honestly can’t believe that’s a real argument you’re making, that’s just ridiculous. Especially given the number of rug pull scams there are with coins.

Yes there are hundreds of thousands of shitcoins and rugpulls, I’m not justifying their existence, but Bitcoin, Ethereum, Cardano, Nano, Monero, Litecoin. These chains alone can surpass credit card max TPS. There is no argument comparing one single blockchain to one single credit card service, because the reality is it is spread out throughout all of them. You don’t need more transactions per second when you can allocate these transactions to different blockchains depending on what is fastest, cheapest, safest or most private at the time.

They aren’t currencies, they’re investment vehicles backed by nothing.

They’re currencies, not investment vehicles, and some of them are directly backed by government bonds and cash (like USDC).

Block chain transactions aren’t as anonymous as you think, people can be easily revealed by looking at the wallet’s history and asking the last person you bought from “where the item was shipped to”…. Public ledger and all…

That is first of all completely untrue with for example Monero where the coins are fungible and virtually untrackable. Second of all, they’re completely anonymous as long as you don’t provide KYC to one of your wallets or withdraw money to a bank account that belongs to you. The biggest bitcoin holder to this day is completely unknown.

Ethereum can now process 1000 x 10 transactions. Visa currently does what, 80000 per second? Yeah it’s not quite 1/10th but….

Visa does 60k TPS, arbitrum can do 40k TPS. But also, 10000 is indeed more than 1/10 of 80000.

How long until arbitrum reveals the rug pull? I’m sure it will be any day now.

You get back to me when that happens. If you look at the tokenomics of ARB you should be able to tell how big of an impact that would have.

Crypto is a solution to a problem nobody has. Need anonymous transactions? Here’s some cash. Need international anonymous transactions? Yeah, those are probably better being tracked anyways. And I say that as a privacy advocate. Yes, privacy matters, no international transaction privacy doesn

Need anonymous transactions? Sure let’s send 10k by letter and see how well that goes. It would take several weeks before it arrives if the mailman didn’t suddenly lose track of it. International transactions are very expensive and get arbitrarily blocked. “Solution to a problem no one has”… I literally cannot pay my student loans because my Japanese bank blocks credit card transactions to the one system the Swedish student loan agency uses for credit card payment, and sending money by bank transfer costs up to 10% of the wired money. Do you think I want to spend over 4,000$ on fees just to pay my student loans? It cost me 0.01$ to send all of that through Ethereum layer 2 in less than a minute to a family member so they instead could make the credit card payment. You think no one has any problems with traditional banking and payment because your privileged ass never had any issues. In China people couldn’t withdraw any money from their banks during the evergreen ponzi. Crypto was available at that time.

Ya know what most “anonymous” international transactions are? Scams.

Most of them are trades, next are off-shore transactions, third are donations. Scammers use Amazon gift cards, not cryptocurrency, because old gullible people have no idea how cryptocurrency works.

Let’s break this down to a single argument though…. Crypto is the answer to a problem nobody has. Smart contracts? For what exactly? Anonymous international transactions? What’s the need? As a society we’ve decided that some types of transactions are illegal. Yes, sometimes governments make things illegal that they shouldn’t, and authoritarians around the world make all sorts of things illegal that they shouldn’t… but for your necessities, they’ll all be available locally. And under an authoritarian enough regime, they can just inspect your mail anyways. Society requires trust, and that’s going to happen locally no matter what coin you use. It’s great that I can have a zero trust model for sending money, but it’s useless, because ultimately you still need to trust the person receiving it to do the exchange.

The problems:

1. Banks refusing to let people withdraw their money (China, 2022),
2. Visa blocking art platforms from all credit card payment until adult content is cleared from the platform (deviantart, pixiv, 2024)
3. International bank transfers being buttfuckingly expensive (everyone, anytime)
4. Credit card companies and banks selling your transaction history to advertising companies (US, 2024)
5. Banks arbitrarily blocking credit card transactions (even very important ones such as student loan payments) because their targets aren’t domestic.
6. Credit card services charging 1.5% - 3.5% fees per transaction despite the actual cost being virtually none.
7. VPN services keeping your credit card information, essentially linking all your activity to you specifically instead of anyone using your IP.
8. Having to register an account, give your name and address, credit card info and phone number to be able to donate to your favorite content creator, then have your data be leaked among millions of other people’s data in a giant data breach.

Why don’t you give me a good few solutions to these problems? Cryptocurrency solves all of them at once.

That’s not happening soon. The stigma is only getting worse in the US and non-us services are paying the price. Look at pixiv who had to IP ban American users.

Paying people. And as I said, you can link crypto to a debit card to pay on these shitty platforms if you want (platforms that are bad for local business to begin with).

There is no diminishing utility for crypto. It has already been integrated to a point where you just don’t realize you can use it.

There isn’t a coin out there that can process 1/10 of the number of transactions that Visa does in an hour.

Ethereum had a sharding update done recently, which boosted the maximum TPSs by 1000 times. Arbitrum claims to be capable of 40,000tps now. That’s 2/3 of visa. Combine all blockchains and they all surpass all credit cards combined.

Also, credit cards charge 1.5% - 3.5% processing fees. Ethereum L2 charge less than 0.01$, making them much cheaper than credit card transactions. https://l2fees.info/

Anonymous vpns would still exist, as block chain existed prior to crypto

No they wouldn’t. They’d be vpns directly linked to your credit card. You’re more anonymous without a VPN at that point.

You’re right, it’s not a ponzi scheme, it’s the “bigger idiot” scam.

It is a currency. It has inflation. Anything with value can become a “bigger idiot” scam. Google stocks are a “bigger idiot” scam except you also help them destroy the internet when you invest.