I dislike ad tracking, information culling, and I think that JavaScript underpins and makes possible many of the things I dislike about the modern web. We agree on that I'm sure. But so does a web browser. So does the operating system it runs on. Turning off JavaScript only protects you from the parts of the web you don't like by breaking all of the web so much that nothing runs as it's supposed to - but what's the point in browsing a shattered web?

I am a front-end dev, and I've hit the extent that CSS will allow me to style and lay out pages. I need per-element @media queries, and the ability for elements to peek inside and count their contents so I can make it fit into the space better. JavaScript lets me to do that, but I'm afraid that if you disable JavaScript from today forward you're going to run into this a lot more.

It doesn't take a whole ton of JavaScript to supercharge a CSS layout, but if you block all JS you're going to be looking at a broken page.

I use text-mode browsers on the command-line, and for checking the source of pages from the command-line so I understand when there's a time and place for restricted browsing and it's less useful than a full browser to me because of it.

Having said all that, would you mind explaining why you choose to break your exerience of the web by disabling JavaScript, and what gains you perceive from the exercise. I'm genuinely curious but can't find any of you no-JSers in person anywhere.

There are many blogs that don't work at all without JS. I don't bother reading them. Those blogs might be very informative; but my security is worth more than that.

- Poorly written JavaScript that causes my system to stall for a time, to the point where I have to kill all my browser's processes manually; more common than you'd think.

- Websites that attempt to mine cryptocurrencies using my browser with JavaScript; without my knowledge or permission.

- Then there's XSS and CSRF vulnerabilities that can leverage JavaScript to hijack active sessions.

And I am probably forgetting a few more reasons..

I do enable JavaScript for specific trusted websites, and I make temporary exceptions every now and then if necessary. But, I usually try to keep the list of exceptions short.

In regards to needing JavaScript for styling / design purposes.. Are you sure you need it? It might take you a bit longer to tweak and restructure the HTML and CSS to accomplish your design without JS, but it's well worth it.

I am intrigued. Can you send me a URL of somewhere that will mine bitcoins on my computer?

https://bitcointalk.org/index.php?topic=9042.0

http://www.bitcoinplus.com/miner/embeddable

https://github.com/progranism/Bitcoin-JavaScript-Miner

You should probably not embed such scripts into your website(s). If it's not illegal, it's certainly super shady, and an extremely inefficient method of mining bitcoins.

When I asked why they disabled JavaScript, it was rare to get any sort of coherent answer. Usually they would just mumble about viruses, or occasionally about privacy, but every single one of them cited "a friend" as the original source of whatever reason they had.

So my theory is that most people disable JavaScript "just because". Reminds me a bit of the five monkeys and a ladder experiment.

Summary

I generally browse the web to read things. I want a simple document reading environment with limited power over my computer and minimisation of who is informed of my activities particularly as they cross between different sites. Javascript is not needed and is in fact detrimental to these aims in the majority of cases.

--

I use NoScript so in many cases I enable scripts but in others I don't, it depends on the value of what I expect to see and to some extent on the trust in those the scripts are being loaded from.

Sometimes the page is broken although not fatally, most Washington Post links look broken but work fine if you scroll down to where the actual article is.

Some domains are whitelisted permanently but more often I will temporarily allow .

Reasons - Privacy and control

Some sites want me to load Javascript from dozens of different domains, many of which are advertisers and trackers. I don't want to be tracked and each script loaded could be reporting almost anything about the page I am viewing back to the associated domains.

Disabling Javascript disables most of the intrusive moving/audible adverts on the web and hopefully also much of the tracking and privacy invasion that goes along with them.

Of course there is a difference between web applications and information sharing. I don't mind Javascript for an application that needs it but I tend to prefer non-web apps anyway.

It seems odd to me how much work goes into making a web page do things that don't need to be done.

If your web page doesn't work without javascript, you are no longer publishing to the entire world. You are publishing to the subset of everybody who will trust a complete stranger to execute unknown code locally on their own computer--otherwise known as the gullible and the naive.

While it is true that most website authors will not abuse that trust, they may not be entirely responsible for all elements served to visitors, as there may be a compromised ad server, or the website itself might have been subverted without the author's knowledge.

I will often at least temporarily allow scripts to run from the domain I am currently visiting, but if a page is serving scripts from 30 different domains, I may spend some time researching those domains, or simply forget about the page and go elsewhere.

I want my computer to serve my desires, not those of strangers. And I go to the web for information, not fancy layouts.

Also, I sometimes browse over a SSH shell with links, a text-mode browser, and javascript support in that has been suspended indefinitely. Some browsers are simply incapable of rendering images or executing script. You shouldn't ever be tying the core functionality of your website to a user interface, any more than you should make the business logic of software dependant on the GUI.

So, what OS do you run, exactly?

I don't consider Microsoft, Google, Debian, Apple, Nintendo et al to be complete strangers. I don't trust them unconditionally (hence all the rooted, modded, and jailbroken devices in my home), but I do trust that if I do discover malfeasance, that I have some well-established path to seek redress, and that they have the bank accounts, insurance policies, and reputations necessary to make me whole again.

I'm not nearly as trustless as RMS, but I am at least aware enough of the problem to be skeptical even of the software I have actually paid for, and downright paranoid towards everything else. Even the stuff I write myself could be subverted by a compromised compiler or OS. But like the two friends fleeing from the tiger, you don't have to run faster than the tiger to escape; you just have to run faster than your friend.

If someone is likely to be more damaged by breaching public trust and getting caught at it than you are likely to be damaged by trusting them when you should not, you're probably safe to trust them. But then again, even Sony can install a rootkit. You can trust, but remember to verify.

I use No-Script and whitelist sites as required, it's just a click or two, but for any new site I go to JavaScript is disabled.

The web with Javascript enabled is simply broken. Sites take ages to load, refuse to show you content, throw overlays all around the screen, or just stop working.

And then, there are security considerations. But as I said, I never remember them.

But, of course, there are always exceptions.

The majority of the content I consume online doesn't _need_ js. In the sense that it's easily possible to design websites to display text and writings without needing js. So from a practical standpoint, I think js is mostly unnecessary. There are obviously services which wouldn't be possible without js (e.g., openstreetmaps), and I do un-block js for those sites.

You are of course correct that js is not the only way users can be tracked, however it is one of major components in tracking.

Looking at the EFF's panopticlick [0], with js blocked: > Within our dataset of several million visitors, only one in 57,814 browsers have the same fingerprint as yours. Currently, we estimate that your browser has a fingerprint that conveys 15.82 bits of identifying information.

With js enabled: > Your browser fingerprint appears to be unique among the 4,104,774 tested so far. Currently, we estimate that your browser has a fingerprint that conveys at least 21.97 bits of identifying information.

So even something as simple as disabling javascript turns my online fingerprint from being unique to being one of 5% of users who have used that site. So while disabling js doesn't make one immune to tracking, it does make it more diffuclt.

In summary, for most of my use of the web, js is unnecessary and does more harm (tracking) than good (it's not needed for consuming text). I enable it on a case-by-case basis for some websites, if it's needed. But unless the js is truly critical to the presentation of the information, I won't enable it and I'll likely leave the site. Because, yes, much of the web is broken without js; but that's frequently due to (in my opinion) poor site design which doesn't fail gracefully in the absense of (usually unnecessary) js.

I'm not sure what to do about the people who turn JavaScript off, the reason I reach for it are when HTML and CSS can't do something.

Because this "experience" is not designed with me (the user) in mind. Most of the times it is created to extract value from me, not to provide it for me. Aside from webapps, which use JavaScript to drive the program doing things useful for the users, JS serves two main purposes:

- so that advertisers can better target ads for me (their ads are mostly worthless, I don't want them anyway)

- so that the website author's sales team can "convert" me easier (I want to be "converted" by value of what they offer, not by cheap "experience" tricks)

JavaScript is mostly detrimental to the main goal I browse web for: to learn, read stuff I care about and participate in meaningful discussions.

Unfortunately Internet today is one big marketing event. The real value is being drowned by all that startups and companies trying to sell me some half-baked nonsolution to my nonproblems.