[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] allowing javascripts and using bookmarks



There are two issues I can think of from the top of my head.

JavaScript can be used to glean additional, potentially unique, information
about your system. This information can be used to identify you on
subsequent visits, just like a cookie. If you are logging into these
websites then they already know that you are you anyway.

However there could be an issue if these websites share this identifiable
information with a third party who can then recognise you when you visit
his site. This could be particularly bad if personally identifiable
information such as your name is connected to one of these sites.

I expect Tor browser tries to do something to limit the information
available to JavaScript but you should verify that for yourself.

Another issue with JavaScript is that it can be used to try and exploit
security vulnerabilities in your web browser and (if successful) run
malicious code on your computer.

I don't think it is the end of the world if you decide to enable
JavaScript, especially if it is just for a handful of services you really
need.

I hope this information if helpful for you to understand the risks a little
better.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk