From: Julian Marchant
Subject: [Bug-gnuzilla] A need of a paradigm shift for solving the JavaScript Trap
Date: Sun, 26 Oct 2014 21:37:27 -0400
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.0

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I highly appreciate what LibreJS is trying to do, and it's better than
nothing. But I seriously think that LibreJS is entirely the wrong
approach to the problem of non-free JavaScript.

Right now, LibreJS is failing because it requires a format that isn't
recognized anywhere, but theoretically, this could be solved in the
future, so let's suppose that it does. Let's suppose even further that
LibreJS succeeds so much that it causes a large portion of the Web to
release scripts under libre licenses and document the licenses in a
format LibreJS can understand.

So LibreJS is popular, and people are labeling their scripts and
linking to source code. But people are still behaving the same as
before, blindly trusting several JavaScript programs that are silently
being installed into their browsers every day. The only difference is
that LibreJS thinks the scripts are libre. These are still scripts
that are updated automatically, basically completely unaudited, and
never edited by anyone.

I get that LibreJS is supposed to be only a first step, but I think
it's the *wrong* first step. I think we need an entire paradigm shift
in how we deal with the problem of JavaScript code, one which involves
not automatic script analysis, but direct user intervention.

This is what I propose: the first time a website requests use of a
particular JavaScript file, the web browser should tell the user, show
the JavaScript code requested, and offer three choices:

1. Install the requested script

2. Install a different script for this purpose

3. Don't install any script

If the user chooses to install a script, it should be installed
*permanently*, i.e. saved to a local directory.

On repeat visits to the same website, the scripts requested should be
compared to your installed scripts. If you have the same script
installed, it should just run the script you have installed. If you
don't, it should ask you if you want to update your copy of the script
or continue to use the locally installed script, showing you either
the two scripts side-by-side, or perhaps a diff. Here, it can offer
you the option to reject the suggested script permanently.

This kind of system would take away the often undeserved trust that
JavaScript use gives to website maintainers. It would encourage
everyone to actually think about what JavaScript code they run, the
same way they think about any other program they might run.

Another great thing about this system: it would be useful for more
people than just us. People interested in security would find it
useful for every script to be accepted or rejected on a case-by-case
basis, too.

Please discuss.

- -- 
Julian Marchant
Email: address@hidden, address@hidden
GnuPG keys: 0x3D015302, 0xD0AF3FA4
XMPP: onpon4 @ riseup.net
Diaspora: onpon4 @ nerdpol.ch
Website: https://onpon4.github.io

Protect your privacy with GnuPG:
https://emailselfdefense.fsf.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJUTaHXAAoJELP1a+89AVMCoA0H/iaJAQ1fQof70DcRVW4RR3d5
6eCARYPBmMv+h00EgzN5VmLbhcZ0gjFuYmJrN9AjGzP7jZu7eAGwL3HKfbT9AgrW
DGWqErrX6w2wwpbVUGi+0PilGxWX/A38zL477f/Q7jqWPiYE6UvXqcSP1Iy2MBjK
JM841lSSIoPC7lgxmTqDRgyw927SMU3+aevFKtCi3C5UaNoar9SE4vf8OFAo3yl7
aaBb/CfYsrn4JSwct+mTDPaVH+/7ADLJ3eT/F1icvP3a1ITa12OHz0BQvKKLfoM+
XCdVYZsHucYkrkO0b0y4sTo+jnMDmvkRkuF/J2XaPCLnVTL+LnalbCTDKDhdpOo=
=1h/s
-----END PGP SIGNATURE-----