What makes JavaScript so insecure

1942Scammer

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
21
Post Replies
117
Status
away
Last seen
Some of the first things that i learned in the darknet are verify everything and don't fucking use javascript. So i want to know, what makes Javascript so dangerous that can compromise a good opsec setup?
 

FreeTJ

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
13
Post Replies
98
Status
away
Last seen
Javascript has been proven to have many vulnerabilities and contains functions that can be used for fingerprinting your browser and your self.

This tool is viewing some of the metadata that Javascript expose:
https://browserleaks.com/javascript
 

HellCatOG

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
14
Post Replies
111
Status
away
Last seen
Javascript has been proven to have many vulnerabilities and contains functions that can be used for fingerprinting your browser and your self.

This tool is viewing some of the metadata that Javascript expose:
https://browserleaks.com/javascript
oh god that entire website made me disable javascript. idk why i insisted on refusing for so long, i guess i couldn't imagine how much it can actually tell someone about you. and i assume this is just basic JS function yet a malicious actor or LE can employ much more insane js functions to id users
 

ImposterJack

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
23
Post Replies
101
Status
away
Last seen
oh god that entire website made me disable javascript. idk why i insisted on refusing for so long, i guess i couldn't imagine how much it can actually tell someone about you. and i assume this is just basic JS function yet a malicious actor or LE can employ much more insane js functions to id users
OMG my mindset has changed now, this knowledge makes me careful in everything.
 

GeniusMidnight

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
16
Post Replies
71
Status
away
Last seen
Fingerprinting aside It's untrusted code that runs on your computer. Don't run untrusted code on your computer, sandboxed or not
 

CashFlow0day

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
10
Post Replies
68
Status
away
Last seen
an website who have java script , can run a script that will reveal your real ip / bypass VPN ...this is only one well know vulnerability ...
Stay safe
 

HellCatNPC

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
12
Post Replies
85
Status
away
Last seen
The main issue with the javascript is that it allows the attacker to run a remote code on your browser. In general for the privacy and anonymity purpose the JS should be disabled at all times.
 

Users who are viewing this thread

Top