> How dangerous is javascript when browsing? JavaScript is how a lot of people lose protection on Tor.
Personally, JavaScript programs have put me in the following situations: * unable to highlight text in article with cursor * unable to copy text in article with Ctrl+C * pop-ups * fan acceleration * kernel panic (I'm looking at you, Twitch!) > Does anyone in this forum browses the Internet with a javascript-disabled > browser? I do most the time. > Or maybe you just disable it when you are visiting a website you don't trust? Even if I can assume a JavaScript program is not malicious, I still refuse to run it because it is proprietary software. My only exceptions are free JavaScript, job applications, and Reddit. Also, if I just installed a new system and haven't bothered setting up AVideo (youtube-dl without DRM or background JS execution) I will temporarily use YouTube's proprietary embedded player if I'm certain the video won't be blocked by DRM when I go to download it with AVideo. More info about AVideo: https://notabug.org/GPast/avideo > What does the LibreJS add-on do? LibreJS is pretty neat. It tries to automatically detect if the scripts embedded in a page are under a free license. Unfortunately, this only works on a tiny amount of sites, and even GNU projects like GNU Taler have issues getting their site to pass LibreJS. However, the practices required by LibreJS aren't just stupid requirements of LibreJS. They're actually probably the only way you could legally distribute embedded JavaScript if it is under the GNU General Public License. In addition, it's really the only polite thing to do. Everything else on a website has copyright information at the bottom of the page, so why do people just neglect the copyright information on embedded scripts? It's only logical that there is a page on the site disclosing ALL copyright info to readers, incl. copyright on scripts. People may hate LibreJS because it does not work at all and probably never will, but everyone should be telling site owners to be transparent about the copyright information of the programs embedded in their pages. Composing an email to ask about copyright is a lot more work than just going to the bottom of the page to see copyright notices. > Does it make web browsing safer? Yes. It prevents crashing from heavy web apps, and it limits what Facebook and other malicious sites can do when you type stuff in their forms. (They can't use JS to log keystrokes you never publish.) > Once I get some answers here I may understand Zeronet dangers [1]. > > Thank you. > > [1] https://trisquel.info/en/forum/zeronet-and-javascript > -- Caleb Herbert OpenPGP public key: http://bluehome.net/csh/pubkey
signature.asc
Description: This is a digitally signed message part