
HTML, CSS, SVG and other things your browser will interpret might be more complex than JavaScript and surely their implementation contains bugs and exploits. Hell, I recently learned about CSV injection (comma-separated values). You can't realistically discard JavaScript and think that you're safe. The world is full of complex data formats ready to be exploited. The proper solution is to embrace sandboxes and put many walls around it, so inevitable bugs won't be exploited.


This is wrong. The focus will simply switch to sandbox escapes.

On x86, the only real "sandbox" you have is what your MMU gives you. For as long as an executable has access to the browser's address space, it can do anything a browser can, including reading your webcam, mic, sensors, GPS, etc.


>> This is wrong. The focus will simply switch to sandbox escapes.

Thank you. We have a winner here! And the people trying to escape them will have the full capability of native code running on your CPU.

In the meantime, permissions will be granted for ever-increasing parts of the system. Users will not be prompted to "allow" for every site they visit because that will be tedious, so browsers will start to enable permissions by default. But either way, we now have the browser acting as the keeper of permissions that our OSes are not able to enforce at the granularity we need for such things.

We've been continually migrating the browser to the role of an OS. It's just insane.


How is it insane? It does a lot of things better than our current OSes. As long as we go into it knowing that's what we're doing it's an inherently better application and security model in a lot of ways.



