Second wave of Spectre-like CPU security flaws won't be fixed for a while

Lee D Silver badge

Re: Untrusted Code?

Absolutely.

I propose that we create a language which is subject to a strict security model and runs inside a user-space application. Such a language wouldn't facilitate any kind of arbitrary code execution, but instead be formed from a limited subset of a common language, and not allow interaction with, say, the filesystem, or direct networking, or hardware, etc.

We could base the language syntax on some popular language, to make it easy to learn, and have browsers implement their own scripting engine isolated from the OS to execute it, subject to the browser DOM model. We could even have it compile down to a nice virtual-machine-like architecture in later years and some primitive form of assembly that gets interpreted by the browser while still subject to the same model, for performance reasons.

Oh, look, you just invented JavaScript and WebAssembly.

Basically, if you want the computer to be useful, it has to perform actions. You CAN have a remote server perform actions on your behalf, but then you really have little need for a computer at all. That's what we used to call a thin client, and they often have bad reputations for a number of reasons. Unless you want an entirely thin client based on web services performing all calculations, you have to act on some kind of code in a limited fashion. That means isolating yourself as best as possible (see above).
