I was browsing Gemini (the protocol, not the AI) when I came across this gemlog:
I usually disable JavaScript, but this post advises against it. I am also worried by the fact that most users of Fingerprint.com, Am I Unique?, and Cover Your Tracks will likely be using private browsers, so the real-world results would be quite different.
What do you think?
Disabling JS will definitely break websites, but I disagree that it will make you more ubique. Sure, you are now one of the few people with JS disabled, but JS enabled basically uniquely identifies you already. Plus, JS is also a huge attack vector, so if you are that “paranoid” you may as well reduce your attack surface.
Note: I’m not a security expert.
Having JS disabled is very rare for non-bot traffic, so you stand out far more. It isn’t about uniqueness, you are already unique if you aren’t using Tor/Mullvad browser(s). While disabling JS protects against certain kinds of fingerprinting, there is pure CSS and TCP fingerprinting. Firefox RFP (eg. Librewolf) and whatever Cromite or Brave have help to protect against much of JS fingerprinting. You are only ever going to fool naive scripts which these browsers already do a good job of that.
As for security, having JS disabled is a benefit. Just know since you will very likely have to enable to again quite often for random websites, you’ll become used to doing that to the point that it may as well be useless. If a random website doesn’t load just leave it, unless it is worthy of some actual trust. Even more useful would be setting up uBlock Origin with a blocking mode, such as medium or hard.