Mixed feelings about creative work and AI, but if it wasn't for LLMs I would have chosen a different software than Blender for my hobby-level 2D animation.
Made a Blender plugin w/ Claude, and it's saving me so much time (:
It's a bit hard to do comparisons without going into threat models and all that _fun_ stuff :shrug:
For example, JS runs in almost every browser on earth too, yet it took V8 devs 2 years to find out that `Math.expm1()` could return -0.0 (https://chromium.googlesource.com/v8/v8.git/+/56f7dda67fdc97...). This is a cherry-picked example, and JS is clearly more complex than WASM, but still.
Just because stuff runs on a lot of devices doesn't mean it's more or less secure.
Linux runs on quite a few devices too, yet we still find bugs, people still don't ship updates to said bugs, yadda yadda yadda.
My point is just that lots of devs often skip the threat modeling and just think "I'll slap it in a WASM thingie an it'll be fine". Well good luck.
I recall Shopify having a seccomp-based jail to run untrusted ruby code. But their use-case was very limited so they can get away with blocking almost every syscall.
Other than that... VMs? The fact that people consider JS/WASM engines good security sandboxes is a bit scary tbf.