Security and Javascript

MJ Ray mjr at
Fri Jun 28 10:06:18 UTC 2013

On 28/06/13 10:18, Alessandro Rubini wrote:
> It is true (modulo my ignorance of javascript), we don't want to tell,
> because it would be seen as paranoid.  The tech world is way beyond
> this.

"# Keep Flash, Java and JavaScript disabled in your web browser, except
for sites that really need it." -- Andrew Ludgate, Sophos (proprietary
anti-virus vendor)

I'm sure you can find many more experts offering similar advice.

It's mainly those with some interest in javascript, like browser makers
and hipster website developers who, are "way beyond this", not the tech

I'd love it if we shared good practice and encourage people to install
things like

On my (CyanogenMod10 and f-droid) phone, I have two browsers: one with
javascript that I use for a few web apps that don't work without it
(including one of the telco ones, annoyingly!); plus one with scripts
switched off.  That's worth it, isn't it?

MJ Ray (slef), member of, a for-more-than-profit co-op supporter, web and library systems developer.
In My Opinion Only: see
Available for hire (including development) at

More information about the Discussion mailing list