BattleScripts!

June 13th, 2006

As I watch my browser fill with extensions which enhance web pages by adding scripts (Greasemonkey, Platypus, Cocomment), I wonder whether some sites may start fighting back. Perhaps Google may detect Platypus removing a text ad, and add a page script to re-insert the ad. Will scripts begin to battle, wage wars of privilege, namespace, obfuscation, and timing? Will the JavaScript sandbox become a bloody battlefield, littered with object literals, new troops parachuting in via JSON headers and asynchronous XML HTTP requests? Will the DOM tree be hung with broken and battered functions? I envision closures spawning closures, surveilling the digital landscape, emerging from their window.setTimeout bunkers to strike again...

Arbitrary code execution - why?

May 4th, 2006

I find the current state of affairs in programming deplorable. As it is, a single tiny system program with an unchecked buffer size can often be exploited by an attacker to execute arbitrary code on the system. (Let that sink in for a second.) Your operating system (whatever it is) is so fragile that a single coding error, a typo, could allow anyone to do anything they wanted to on your machine. That's unacceptable. And all too common.
