> They're actually probably the only way you
> could legally distribute embedded JavaScript if it is under > the GNU
> General Public License.
Onpon4 makes some good points on this here:
https://onpon4.github.io/other/kill-js/
> and it limits what
> Facebook and other malicious sites can do when you type stuff in their
> forms. (They can't use JS to log keystrokes you never > publish.)
I find this is the quickest way non-techie people that non-free JavaScript
can be dangerous. It doesn't hurt to also mention that *what* you type isn't
all a site can get from your keystrokes.
https://www.secureauth.com/products/secureauth-idp/behavioral-biometrics
