Security and Javascript

MJ Ray mjr at phonecoop.coop
Fri Jun 28 10:06:18 UTC 2013


On 28/06/13 10:18, Alessandro Rubini wrote:
> It is true (modulo my ignorance of javascript), we don't want to tell,
> because it would be seen as paranoid.  The tech world is way beyond
> this.

"# Keep Flash, Java and JavaScript disabled in your web browser, except
for sites that really need it." -- Andrew Ludgate, Sophos (proprietary
anti-virus vendor)

I'm sure you can find many more experts offering similar advice.

It's mainly those with some interest in javascript, like browser makers
and hipster website developers who, are "way beyond this", not the tech
world.

I'd love it if we shared good practice and encourage people to install
things like noscript.net.

On my (CyanogenMod10 and f-droid) phone, I have two browsers: one with
javascript that I use for a few web apps that don't work without it
(including one of the telco ones, annoyingly!); plus one with scripts
switched off.  That's worth it, isn't it?

Regards,
-- 
MJ Ray (slef), member of www.software.coop, a for-more-than-profit co-op
http://koha-community.org supporter, web and library systems developer.
In My Opinion Only: see http://mjr.towers.org.uk/email.html
Available for hire (including development) at http://www.software.coop/



More information about the Discussion mailing list