I'd sleep more soundly at night knowing that the executable code used to make video calls through webRTC was running through exactly the same sandbox as other executable code such as asm.js. Why does anyone believe that the Skype codebase won't be subject to the same sort of attacks and vulnerabilities once it becomes part of the browser?īecause with plugins you're relying on a separate sandbox model from the rest of the browser.