Why shouldn't we? Security on the browser level is actually stricter than that at the OS level most of the time. Any app you download from any random place and run can access your webcam - but a webapp has to request it.

I don't think the web makes Trojans or security flaws any more likely, it just changes where they sit. For the OS you've got buffer overflows which have been common for years and bash injection vulnerabilities.

The issue is if someone can break out of the sandbox. I think it's perfectly acceptable to make a web technology that can be the OS. I don't see any reason that such progress should be halted.

The browser was an application to view and consume content. Basically a book reader where you could access thousands of books just by putting in the right URL to the book.

Now it's the same thing but for applications. For features, functionality. With the right standards it's cross-platform - write once run anywhere. With improving specs and browser vendors caring about speed and UX it can begin to reach the same speeds anything "native" could.

I don't think the security risks outweigh the benefits, and even with those risks we can work hard to mitigate them.

The reason people are making the browser the OS is because there's money in it. Ad money, SaaS money, middleman money.

People whose computers already do useful things, for free, will obviously think that moving everything into the browser is stupid. But if you look at it from the perspective of the profit-driven companies and people pushing for it, the motivation is reasonable, if evil.

The reason I want to make the browser the OS is accessibility. Every other platform requires limiting your audience to a certain kind of person, usually drawn fairly close to class lines. I like software that's easily accessible anyone interested, with a minimum fuss from a usability perspective. The web is the only platform that matches that description.

Its big limitation is hardware access, so things like WebUSB, WebRTC, etc are great in my book.

As a blind person, I'll be the first to tell you that a vast majority of web technologies are built with accessibility as an afterthought at most. Just about when we've figured out how to make good accessible native apps, everything's going into the browser and it's a giant mess. Ugh.

I mean accessibility in a much broader sense than just hearing and vision impaired.

That said, your point is fully valid. The web is a wild untamed place, and without gatekeepers there is no one to impose rules that help people like you.

I think we will overcome that with upcoming toolkits, particularly conversational UI toolkits, but... Well, point taken. :)

WebGl actually exceeded my personal expectations regarding security. This may actually be alright.

It took years to put band-aid security measures onto a standard that initially allowed random websites to dump your VRAM contents and/or remotely exploit kernel-layer video driver bugs.

And graphics drivers/hardware are a much easier to control market than USB devices. You have five or six GPU vendors to yell at and/or blacklist broken driver versions, and tens of thousands of USB vendors.

> We could make the browser the OS.

Nah, the browser is a graphical terminal akin to X11's original usage.

The OS is out there in the clouds...