Javascript is generally enabled by default, but can be disabled within your browser settings. It is often used to determine which ads to show on a web page, set formatting and layout styles, and gather information about user activity.
So why would it be enabled or disabled?
Disabling it can considerably speed up web page load times, prevent piles of third-party advertisers from tracking things, and eliminate spyware & trojan risks.
Java is a two-way street, it sends data back to the server about the settings and usage of the browser and computer being used. Simply by looking at a web page without clicking on anything, Javascript is running.
"Java exploits" are currently being used quite often to piggyback trojans into computers. (Cell phones and PDAs are at risk too, because they are powered by Java and it can't be turned off. Blackberry/iPhone/cell hacking has become a new goldmine of identity theft because everyone stores all their phone numbers, contacts, emails, account logins, photos, and other personal info on them.)
We've also made the interesting observation that sites offering higher-ticket specialty products and services have noticably higher rates of Javascript disabled (upwards of 30%). Should we assume these people are more security-aware in general, and/or more tech-savvy?
Are the above stats surprising? Higher or lower disabling than you'd expect?
No comments:
Post a Comment