Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes, the bottom line is that Netflix is sending you code executed on your own machine. You, as the user, should have full access to inspect the executed code. Obfuscated or minified code should only be used as a bandwidth saving device, and not to hide the true functionality from the user. If the browser is seeing it, why can't the user?

Disabling a feature of the user's browser is absolutely absurd. If you want to hide from the user whats going on then that code needs to run on the server.

Can you imagine opening an image in Photoshop and because of some flag half the tools disappear? Yeah, me either, and images don't even run code.



Have you ever tried scanning in a picture of a US Dollar? ;-)


HOLY SHIT. I never knew about this. Makes me wonder though if someone decided to prevent the scanning of every single currency out there and the developers had to code in a shitload of recognition patterns into the scanners firmware.


http://en.wikipedia.org/wiki/Eurion suggests currency has some common features.


Works perfectly fine on Linux (scanning with SANE, editing with Gimp and printing with HPLIP).


Disabling features of user's browser is nothing new. "no right click" scripts, arguments to window.open that remove parts of the browser UI, etc.


Of course, that isn't a defense for disabling the developer console (which should be considered a critical security issue): all of those were as stupid and immoral and indefensible as this.


Don't blame the web page so much as the user agent that respects such silly things. Use a better browser.


I don't use Chrome (I don't use Google products) and I wasn't defending it. It's a critical bug in the browser, but that doesn't mean it's okay for Netflix and Facebook exploit it.


Can you direct me to the button in Photoshop which opens the source code viewer / debugger for the program? Thanks.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: