ティージェーグレェ on Nostr: I doubt I'll change your mind, but I come from a realm in space and time where the ...
I doubt I'll change your mind, but I come from a realm in space and time where the World Wide Web was never good and has only gotten progressively worse with time.
HTTP is stateless, which is I guess a mild win for distributed NUMA stuff (particularly back in the late 1980s/early 1990s when a computer having 2MB of RAM was not even the norm yet); but more or less horrific from a network protocol design, to the point where even FTP (which predates TCP/IP entirely) IMHO is less brain dead. Tearing down/re-establishing TCP connections constantly? So wasteful.
The S in HTTPS is still optional, which means that ubiquitous encryption will never happen. Moreover SSL/TLS have been so bad that they didn't even have rudimentary PFS (Perfect Forward Secrecy) until extremely recently. It's only thanks to Let's Encrypt (RIP Peter Eckersley whom I knew personally) that TLS has become even mildly tractable and instead of being a default, it costs that organization roughly $5 million/year to operate!
No doubt the $$$ made by commercial CA vendors per year has made a killing for decades, so the incentives are aligned such that commercial CA vendors will never want to see Let's Encrypt thrive as well.
Oh yeah, and that thing about rouge CAs being a real threat model that can (and has) completely undermined all the illusion of security that SSL/TLS provide (I was privy to the research of generating a CA cert for *. [insomuch as . is the root of all DNS TLDs] before publication and suffice to say, I don't think that threat is acknowledged for being as bad as the proof of concept was insomuch as the proof of concept was intentionally defanged slightly so as to make it less likely to be abused).
I'm trying to remember how a friend in college described HTTP when he learned about it, something along the lines of: "it is as if gopher and FTP had a bastard step child and it's somehow worse than both of its parents."
To say nothing of HTML being crappier than (uP)[La]TeX for text formatting. It is so painful to write right to left, vertically aligned orthographic systems (such as more or less all CJKV languages) in HTML and it's only been very recently that even poor attempts have been barely possible that many websites for native speakers/readers of such languages, just give up trying entirely and default to English-olonialism text formatting styles.
Oh, and browsers being awful.
And a huge attack surface.
And the browser wars.
The unfortunately reality that though there are hundreds of browser (one of my past employers has probably the leading commercial automated testing framework for such things) they're still basically "dominated" by one, or maybe two at best, vendors which exceedingly horrific anti-trust/hegemonic surveillance capitalism business practices?
I could go on, but no: things going to http(s) over time has been a HUGE backwards move IMHO.
Oh, did I mention anything about performance? Because WebApps also fail there relative to local applications, almost invariably.
Now, instead of seasoned developers actually doing cross-OS development, far too many seem content to develop for one browser, on one OS, everyone else bedamned.
Not to mention a lot of the so-called "frameworks" to "simplify" that terrible "development" paradigm have begat even worse problem (I have lost count of all the "How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript" dependency hell horror stories I've seen.
Software for the PCエンジン? Mostly predates the World Wide Web entirely. Still functions perfectly without a network connection. Has CD-DA audio with the right peripherals. Coders had to be decent to get much interesting to run on a CPU that clocked at 7MHz and had 8 KB RAM 64 KB VRAM, yet still some pulled off FMV with synced audio; something that YouTube requires how much RAM and clock cycles to do now? Sure, the resolutions and color depths might be higher, but lossy compression is more or less a given. Not a win doing things in a browser IMHO. ;(
If more people still wrote HTTP(S) stuff that loaded and functioned properly in lynx, maybe it would at least be an accessibility win, but writing from experience: very few seem to actually design their HTTP(S) stuff with accessibility in mind. ;(
HTTP is stateless, which is I guess a mild win for distributed NUMA stuff (particularly back in the late 1980s/early 1990s when a computer having 2MB of RAM was not even the norm yet); but more or less horrific from a network protocol design, to the point where even FTP (which predates TCP/IP entirely) IMHO is less brain dead. Tearing down/re-establishing TCP connections constantly? So wasteful.
The S in HTTPS is still optional, which means that ubiquitous encryption will never happen. Moreover SSL/TLS have been so bad that they didn't even have rudimentary PFS (Perfect Forward Secrecy) until extremely recently. It's only thanks to Let's Encrypt (RIP Peter Eckersley whom I knew personally) that TLS has become even mildly tractable and instead of being a default, it costs that organization roughly $5 million/year to operate!
No doubt the $$$ made by commercial CA vendors per year has made a killing for decades, so the incentives are aligned such that commercial CA vendors will never want to see Let's Encrypt thrive as well.
Oh yeah, and that thing about rouge CAs being a real threat model that can (and has) completely undermined all the illusion of security that SSL/TLS provide (I was privy to the research of generating a CA cert for *. [insomuch as . is the root of all DNS TLDs] before publication and suffice to say, I don't think that threat is acknowledged for being as bad as the proof of concept was insomuch as the proof of concept was intentionally defanged slightly so as to make it less likely to be abused).
I'm trying to remember how a friend in college described HTTP when he learned about it, something along the lines of: "it is as if gopher and FTP had a bastard step child and it's somehow worse than both of its parents."
To say nothing of HTML being crappier than (uP)[La]TeX for text formatting. It is so painful to write right to left, vertically aligned orthographic systems (such as more or less all CJKV languages) in HTML and it's only been very recently that even poor attempts have been barely possible that many websites for native speakers/readers of such languages, just give up trying entirely and default to English-olonialism text formatting styles.
Oh, and browsers being awful.
And a huge attack surface.
And the browser wars.
The unfortunately reality that though there are hundreds of browser (one of my past employers has probably the leading commercial automated testing framework for such things) they're still basically "dominated" by one, or maybe two at best, vendors which exceedingly horrific anti-trust/hegemonic surveillance capitalism business practices?
I could go on, but no: things going to http(s) over time has been a HUGE backwards move IMHO.
Oh, did I mention anything about performance? Because WebApps also fail there relative to local applications, almost invariably.
Now, instead of seasoned developers actually doing cross-OS development, far too many seem content to develop for one browser, on one OS, everyone else bedamned.
Not to mention a lot of the so-called "frameworks" to "simplify" that terrible "development" paradigm have begat even worse problem (I have lost count of all the "How one developer just broke Node, Babel and thousands of projects in 11 lines of JavaScript" dependency hell horror stories I've seen.
Software for the PCエンジン? Mostly predates the World Wide Web entirely. Still functions perfectly without a network connection. Has CD-DA audio with the right peripherals. Coders had to be decent to get much interesting to run on a CPU that clocked at 7MHz and had 8 KB RAM 64 KB VRAM, yet still some pulled off FMV with synced audio; something that YouTube requires how much RAM and clock cycles to do now? Sure, the resolutions and color depths might be higher, but lossy compression is more or less a given. Not a win doing things in a browser IMHO. ;(
If more people still wrote HTTP(S) stuff that loaded and functioned properly in lynx, maybe it would at least be an accessibility win, but writing from experience: very few seem to actually design their HTTP(S) stuff with accessibility in mind. ;(