> How dangerous is javascript when browsing? JavaScript is how a lot of people lose protection on Tor.
Personally, JavaScript programs have put me in the following situations:
* unable to highlight text in article with cursor
* unable to copy text in article with Ctrl+C
* pop-ups
* fan acceleration
* kernel panic (I'm looking at you, Twitch!)
> Does anyone in this forum browses the Internet with a javascript-disabled
> browser?
I do most the time.
> Or maybe you just disable it when you are visiting a website you don't trust?
Even if I can assume a JavaScript program is not malicious, I still
refuse to run it because it is proprietary software. My only exceptions
are free JavaScript, job applications, and Reddit.
Also, if I just installed a new system and haven't bothered setting up
AVideo (youtube-dl without DRM or background JS execution) I will
temporarily use YouTube's proprietary embedded player if I'm certain the
video won't be blocked by DRM when I go to download it with AVideo.
More info about AVideo: https://notabug.org/GPast/avideo
> What does the LibreJS add-on do?
LibreJS is pretty neat. It tries to automatically detect if the scripts
embedded in a page are under a free license.
Unfortunately, this only works on a tiny amount of sites, and even GNU
projects like GNU Taler have issues getting their site to pass LibreJS.
However, the practices required by LibreJS aren't just stupid
requirements of LibreJS. They're actually probably the only way you
could legally distribute embedded JavaScript if it is under the GNU
General Public License.
In addition, it's really the only polite thing to do. Everything else
on a website has copyright information at the bottom of the page, so why
do people just neglect the copyright information on embedded scripts?
It's only logical that there is a page on the site disclosing ALL
copyright info to readers, incl. copyright on scripts.
People may hate LibreJS because it does not work at all and probably
never will, but everyone should be telling site owners to be transparent
about the copyright information of the programs embedded in their pages.
Composing an email to ask about copyright is a lot more work than just
going to the bottom of the page to see copyright notices.
> Does it make web browsing safer?
Yes. It prevents crashing from heavy web apps, and it limits what
Facebook and other malicious sites can do when you type stuff in their
forms. (They can't use JS to log keystrokes you never publish.)
> Once I get some answers here I may understand Zeronet dangers [1].
>
> Thank you.
>
> [1] https://trisquel.info/en/forum/zeronet-and-javascript
>
--
Caleb Herbert
OpenPGP public key: http://bluehome.net/csh/pubkey
signature.asc
Description: This is a digitally signed message part
