What makes JavaScript so insecure

[1942Scammer]

Some of the first things that i learned in the darknet are verify everything and don't fucking use javascript. So i want to know, what makes Javascript so dangerous that can compromise a good opsec setup?

 

[FreeTJ]

Javascript has been proven to have many vulnerabilities and contains functions that can be used for fingerprinting your browser and your self.

This tool is viewing some of the metadata that Javascript expose:
https://browserleaks.com/javascript

 

[HellCatOG]

Javascript has been proven to have many vulnerabilities and contains functions that can be used for fingerprinting your browser and your self.

This tool is viewing some of the metadata that Javascript expose:
https://browserleaks.com/javascript

oh god that entire website made me disable javascript. idk why i insisted on refusing for so long, i guess i couldn't imagine how much it can actually tell someone about you. and i assume this is just basic JS function yet a malicious actor or LE can employ much more insane js functions to id users

 

[ImposterJack]

oh god that entire website made me disable javascript. idk why i insisted on refusing for so long, i guess i couldn't imagine how much it can actually tell someone about you. and i assume this is just basic JS function yet a malicious actor or LE can employ much more insane js functions to id users

OMG my mindset has changed now, this knowledge makes me careful in everything.

 

[GeniusMidnight]

Fingerprinting aside It's untrusted code that runs on your computer. Don't run untrusted code on your computer, sandboxed or not

 

[CashFlow0day]

an website who have java script , can run a script that will reveal your real ip / bypass VPN ...this is only one well know vulnerability ...
Stay safe

 

[HellCatNPC]

The main issue with the javascript is that it allows the attacker to run a remote code on your browser. In general for the privacy and anonymity purpose the JS should be disabled at all times.