Why browsers are bloated

https://github.com/WebKit/webkit/blob/master/Source/WebCore/platform/Scrollbar.cpp
https://github.com/WebKit/webkit/blob/master/Source/WebCore/platform/win/ScrollbarThemeWin.cpp
Let's reinvent the fucking scrollbar, which every goddamn platform with a UI already has, and make it behave subtly different from the native one!

Right-click a native scrollbar in some other app:
- Scroll Here
- Top
- Bottom
- Page Up
- Page Down
- Scroll Up
- Scroll Down

Right-click a scrollbar in Chrome:
- Back
- Forward
- Reload
- Save As...
...

Right-click a scrollbar in Firefox and Opera:
Absolutely fucking nothing happens!

What the fuck!? How did these terminally retarded idiots get involved in creating one of the most important pieces of software to the average user?

>>512
Just because there's no language that has never had a vulnerability in programs written in it, doesn't mean it's easier to write insecure code in some languages (C, PHP, Ruby, ...) than it is in others (Scheme, Java, Go).

In general, managed memory is more secure than unmanaged memory (otherwise why not just ring0 everything? So Fast!!). Of course it doesn't matter in the hands of a True Master but you and I both know we're not True Masters. See: every buffer overflow since the beginning of time.

In general, strongly typed languages are more secure than weakly typed languages. That's a string you say? Sure, but it might also be an array. See: http://blog.sucuri.net/2014/10/drupal-sql-injection-attempts-in-the-wild.html

In general, more magic means more ways things can go wrong. The more a language tried to do behind your back, the easier it is for things to slip by unnoticed. See: http://www.sitepoint.com/anatomy-of-an-exploit-an-in-depth-look-at-the-rails-yaml-vulnerability/

So really what we're looking for is a boring, strongly-typed language with managed memory. Vulnerabilities will still happen, but with less regularity.