Sometimes people put games and desktop apps in websites.
And, really, when you download a game or desktop app as a traditional executable, the OS gives it so much access to your private data that the term "leak" isn't meaningful any more. Any video game you install as a .exe can silently access every email and online banking account you either are logged into or will log into in the future.
A video game installation is a conscious choice that I can make depending on whether I trust the vendor or not. Me visiting New York Times and getting 58 trackers scraping my device configuration and preferences is not a choice.
It is not. I can open someone’s blog without knowing what trackers they have. A site has inherently a different trust boundary than an executable, and it should stay that way.
Not only that, you can vet someone's blog, decide you are ok with the trackers and revisit 24 hours later only to find that they've changed since you last visited.
And? Why should we still be adapting the security and privacy model we had 20 years ago?
To your analogy, 20 years ago this bit us all in the ass just as much because every EXE brought with it all sorts of toolbars and adware. I don’t want the web to become this.
20 years ago laptop weight was measured in pounds, clock speeds we're in MHz, storage was in single GB ranges, and battery life was a quarter of what it is today. Dial up was common, there was no youtube or spotify. Let's not hold ourselves to the standards of 3 generations ago of technology
And, really, when you download a game or desktop app as a traditional executable, the OS gives it so much access to your private data that the term "leak" isn't meaningful any more. Any video game you install as a .exe can silently access every email and online banking account you either are logged into or will log into in the future.