1

Heard that JavaScript interferes with Tor when browsing the internet causing a breach in its security wall, having the effect of a hole in the ozone layer. Why is this? How does this breach work exactly.

The image below shows how to enable Javascript in Tor browser, but notice the next option Allow Scripts Globally (dangerous), which implies Javascript in Tor is somehow dangerous. Why?

enter image description here

Is there a way to actively proof-check to oneself whether enabling or disabling JavaScript is interfering with Tor's ability to anonymize my traffic?

Swangie
  • 994
  • 2
  • 8
  • 32
user610620
  • 272
  • 2
  • 8
  • 17

1 Answers1

1

It is possible that NoScript means allowing JavaScript to run unrestricted in general, not just in the Tor browser but also all browsers, can be very dangerous since after all, it can lead to tracking, XSS, Cross-Site Request Forgery after all. However, if NoScript specifically means allowing JavaScript in Tor browser is dangerous, it could be due to the potential for malicious scripts. Scripts that could accidentally make you install extensions/plugins and compromise your security, scripts that could allow for Self-XSS, or uneccesary scripts that could greatly slow Tor browser down, etc. If the user doesn't have the best security mode enabled, NoScript acts as a second layer of defense for the user's privacy which could be compromised through JavaScript.

TL;DR: NoScript considers using JavaScript unrestricted since it could hurt the user's experience by compromising their privacy through the methods mentioned above. It's not as though it would immediately make you identifiable, but it could increase the chance of hurting your privacy/anonymity. That's why Tor browser has a setting to make the privacy mode "safest" which disables JavaScript, since it can hurt your anonymity/privacy.

Swangie
  • 994
  • 2
  • 8
  • 32