SoylentNews is people
SoylentNews
From ZDNet:
Around half of the websites that use WebAssembly, a new web technology, use it for malicious purposes, according to academic research published last year.
WebAssembly is a low-level bytecode language that was created after a joint collaboration between all major browser vendors.
[...] However, while the vast majority of samples were used for legitimate purposes, two categories of Wasm code stood out as inherently malicious.
The first category was WebAssembly code used for cryptocurrency-mining. These types of Wasm modules were often found on hacked sites, part of so-called cryptojacking (drive-by mining) attacks.
The second category referred to WebAssembly code packed inside obfuscated Wasm modules that intentionally hid their content. These modules, the research team said, were found [as] part of malvertising campaigns.
(Score: 2) by Unixnut on Thursday January 09 2020, @10:22PM
> How is this different to back in the days when folks install random desktop apps downloaded from ICQ or even before then random media people hand around in school/college/office/magazines?
Or a more apt example: ActiveX and java applets, which were binaries run straight off the web in your browser. They were really good, but the problem was the lack of clear security and sandboxing for ActiveX (it was a security nightmare) as well as not being cross platform (it was windows only), and Java applets (while cross platform) were so slow to start (because they had to start the entire JVM just for each small browser applet).
As technologies, when properly applied and used, were great, but they were crippled by mistakes made in their development and tech limitations of the time. We have had decades of development and improvement in security/encryption/browser sandboxing, so Webassembly might be an improvement over using Javascript (hell, people "compile" code to java via ASM.js, to emulate an equivalent of webassembly already, but less efficient).