2020-12: another reason why JavaScript SUCKS badly and websites NEED TO WORK without JS: it might “destroy” NAT security:

NAT Slipstreaming allows an attacker to remotely access any TCP/UDP service bound to a victim machine, bypassing the victim’s NAT/firewall (arbitrary firewall pinhole control), just by the victim visiting a website.


Confirmed! JavaScript is indeed EVIL!

just imagine you surf a hacked website… that hijacks your phone calls expensive numbers… sends spam mail and whatsapp messages to your trusted friends and encrypts all your holiday pictures.


“The duo used an integer overflow in the JavaScript engine of the web browser to exfiltrate a picture from the phone. They earn $25K and 6 Master of Pwn points.”



as seen on: