Ask HN: Anyone else worried about WebAssembly?

The cons are legitimate concerns, but compared to the plausible alternatives I still don&#x27;t think they&#x27;re too bad.<p>Assuming a reasonable implementation in browsers, WA code should still be significantly safer to run than installing native applications locally on almost any major desktop OS, since there is a sandbox model in place for the in-browser code but the desktop OSes all have relatively open and crude security models that are 20+ years past their use-by date.<p>We already have plenty of malware-like scripts written in JS trying to fingerprint you, steal your processing power to mine Bitcoin, trick you into entering sensitive data in the wrong place or otherwise exploit you, so I don&#x27;t see that WA is particularly likely to be worse in that respect. It&#x27;s not great, but we should fix these things by tightening the security models for all downloaded code; it&#x27;s not a problem specific to one language.<p>The barrier to exploration by curious learners is a significant drawback, for sure. Plenty of people have learned basic programming skills by examining interesting websites over the years. But again, even in JS, usually you just get some obfuscated, minified bundle these days unless a site is specifically leaving natural JS for visitors to read as tutorial sites sometimes do, so again I&#x27;m not sure we&#x27;re losing anything that wasn&#x27;t already getting lost anyway.