When the other 90% of websites out there turn off JS then I guess that argument will hold up
At least 90% of the Web sites that I visit do not require JS, and are perfectly usable without it. The few that insist on JS are never revisited. There are many Web sites out there, and so little time.
Would everybody have preferred them to write it using asp.net?
They are free to internally use whatever they want, as long as they send standard HTML to the browser. I do not want to permit random Web sites to run random scripts on my computer. It may be in a sandbox, but even the permitted actions may be undesirable. A small piece of JS code can run DDoS, for example, without you knowing it.
I'm not seeing anything bad coming from the Beta site.
Malicious code is often distributed through ad servers.
Well I haven't seen any security warnings or people beating down the door claiming that there PII was stolen from Slashdot, but I'll keep my eyes open.
That's a good plan. Besides, you have other things to lose than just the PII. It's a good thing that JS sandbox cannot be breached, ever, and that the code of all browsers is going through mathematical proof of correctness before release. It also helps that Firefox's code is secret, and nobody can look for bugs in it.
You don't have to lock the front door of your house. Most likely your neighbors won't be entering. However most of us still lock our doors - just because it's a good idea. I want my computer locked. Most of the JS out there is trying to sell me things and to sell me to others. JS rarely has a value to me. HTML alone is functional enough. I can understand that if you are building a complex piece of software in browser (like Gmail or Google Docs) then you need JS. But most web sites are not that advanced; nor should they be, because it requires a lot of trust. I do not trust any Web site simply because there is no reason for me to do so. With nothing to gain and something to lose, the ratio of those two numbers gets very simple to calculate.