
Comment Re:This is great. (Score 1) 36

> you're really splitting hairs, that's not what is meant. a serial port is very much the physical rs232 "connector" or an emulation of it.

Key word "or an emulation of it." From the software point of view, all it's doing is sending and receiving bits at some baud rate. The physical hardware interface no longer matters. That's kind of the whole point of these things. Beyond the hardware interface, modern keyboard and mouse speak exactly the same protocol as they have since the PS/2 days. In fact USB keyboards usually still have PS/2 port hardware in them, which is why you can use those USB-PS/2 adapters (which are entirely passive).

They don't "identify as" serial devices. They are serial devices. Always have been. It's not unthinkable that a poorly made device could be vulnerable to a firmware hack and not unthinkable that giving JavaScript access to serial ports could be a vector for such an attack. Not even hard to imagine a fancy keyboard with programmable RGB lights or OLED displays (that definitely have microcontrollers capable of executing arbitrary code) getting exploited.

> of course, which is why the browser asks the user for permission to access all these devices!

That's a strange way to admit you don't know how security vulnerabilities work. "There's no way someone could get in uninvited; there's a lock on the door!"

> they can already do that.

Maybe? But adding a system where JavaScript can directly and explicitly interact with serial ports is definitely not going to make doing it any harder, is it?
=Smidge=

Comment Re:This is great. (Score 1) 36

> this api is about ports that everyday hardware (like e.g. mice and keyboards) hasn't used for decades,

If by "decades" you mean to this very day. A serial port is not the physical connector. Your keyboard is almost certainly USB (no points for guessing what the "S" in "USB" stands for). It presents as a serial device at the hardware and OS level, like all USB devices do. If your OS puts it into a special category and doesn't explicitly label it as a serial device, that still doesn't mean it's not a serial device.

Now, whether or not any particular mouse or keyboard actually has a vulnerability where they have firmware available to be overwritten is an entirely different subject... but it's not unthinkable some devices may be exploited in such a way.

I can definitely see some shenanigans where a malicious website uses this as a vector to keylog. That's *already* well within the realm of plausible exploits, even without the WebSerial API. This is just another surface to attack.
=Smidge=

Comment Re: Really? (Score 1) 112

No, don't lose the plot. I'm referring to something specific in Tesla's business model:

For the price of a bus ticket, which isn’t always the most pleasant experience, passengers will get a private cabin where they can relax, sleep, work, or entertain themselves. Traveling in comfort and efficiency is at the core of Tesla’s vision for the future of ridesharing.

Comment Re: No. (Score 0) 125

Never in my life have I started farm work at 9 am. I showed up when the farmer told me to show up (my friend's dad, who was paying me). If you're not working in an office, bankers' hours don't matter. I started at 6:30am when I worked at an iron foundry to prep for the first shift at 7am. And if there was no DST

Comment Re:Hmmmmm... (Score 5, Informative) 63

Nothing.

There is a 30 year old law that prohibits releasing audio from aircraft black boxes. They accidentally "released" the audio by publishing a spectrograph, which is effectively a violation of the law.

So now they're going through all their stuff making sure they aren't accidentally releasing data they are legally prohibited from releasing.

No conspiracy needed.
=Smidge=
