Those are the main reasons. And seeing how browsers are essentially designed to run other peoples code with minimal to no vetting processes, I consider this a serious issue.
So how is this any different if we don’t have a browser? People still want to visit “websites” which in your world is even worse. Because now every website is a distinct application (yikes!). The problem is that people are willing to run arbitrary code in the first place.
How many times have _you_ as a developer, run arbitrary scripts from the internet? Blindly accepts packages that you have not vetted?
I would be very different if browsers were tools to view documents though. I am not saying that browsers don't have a purpose. I just question that browsers should answer the question about what their scope is with a loud "yes!"
Thanks for sharing, that's interesting angle that I did not consider. So essentially the argument goes that more "surface area" == more vulnerabilities? While that makes perfect sense, don't you feel like the pressure for more feature comes from somewhere? By analogy, dynamic languages like JS/Python make the job of people writing the compiler much, much harder. But, on the whole and despite all their flaws, it is true that they increased productivity by a lot.
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=chrome
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=firefox
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=webkit
Those are the main reasons. And seeing how browsers are essentially designed to run other peoples code with minimal to no vetting processes, I consider this a serious issue.