What makes JavaScript so insecure

1942Scammer

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
31
Post Replies
166
Status
away
Last seen
Some of the first things that i learned in the darknet are verify everything and don't fucking use javascript. So i want to know, what makes Javascript so dangerous that can compromise a good opsec setup?
 

FreeTJ

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
29
Post Replies
162
Status
away
Last seen
Javascript has been proven to have many vulnerabilities and contains functions that can be used for fingerprinting your browser and your self.

This tool is viewing some of the metadata that Javascript expose:
https://browserleaks.com/javascript
 

HellCatOG

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
25
Post Replies
180
Status
away
Last seen
Javascript has been proven to have many vulnerabilities and contains functions that can be used for fingerprinting your browser and your self.

This tool is viewing some of the metadata that Javascript expose:
https://browserleaks.com/javascript
oh god that entire website made me disable javascript. idk why i insisted on refusing for so long, i guess i couldn't imagine how much it can actually tell someone about you. and i assume this is just basic JS function yet a malicious actor or LE can employ much more insane js functions to id users
 

ImposterJack

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
38
Post Replies
161
Status
away
Last seen
oh god that entire website made me disable javascript. idk why i insisted on refusing for so long, i guess i couldn't imagine how much it can actually tell someone about you. and i assume this is just basic JS function yet a malicious actor or LE can employ much more insane js functions to id users
OMG my mindset has changed now, this knowledge makes me careful in everything.
 

GeniusMidnight

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
23
Post Replies
105
Status
away
Last seen
Fingerprinting aside It's untrusted code that runs on your computer. Don't run untrusted code on your computer, sandboxed or not
 

CashFlow0day

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
13
Post Replies
94
Status
away
Last seen
an website who have java script , can run a script that will reveal your real ip / bypass VPN ...this is only one well know vulnerability ...
Stay safe
 

HellCatNPC

New Contributor
Regular Member
Joined
Feb 14, 2024
Threads
20
Post Replies
141
Status
away
Last seen
The main issue with the javascript is that it allows the attacker to run a remote code on your browser. In general for the privacy and anonymity purpose the JS should be disabled at all times.
 

Users who are viewing this thread

Top