Original question by @happeningtofry99158@lemmy.world

As a security-conscious user, I’ve used NoScript since Firefox’s early days, but its restrictive nature has become frustrating. I’m often forced to go unprotected just to access websites with multiple scripts running on different domains, which defeats the purpose of using NoScript and balances security and usability that it once provided.

Is there a way to block browser JavaScript from executing commands that retrieve sensitive information from my local machine, while still allowing JavaScript that is only used for rendering web pages?

by sensitive information I’m referring to

  • local machine time
  • local machine ram
  • local machine operating system + version
  • local machine hardware
  • Serial Number
  • Hardware ID
  • UUID
  • Windows Device ID
  • Windows Product ID

greatly appreciate any insight

  • who@feddit.orgEnglish
    1·
    5 days ago

    The Tor Browser and Firefox’s Resist Fingerprinting mode hide some of the things that can be used to identify your system, but there is no way to hide them all. Short of avoiding all sites that you don’t completely trust, disabling scripts is the best protection available.

    multiple scripts running on different domains

    Off-site scripts can be blocked on a per-site basis with browser extensions like uMatrix (discontinued by still functional) and uBlock Origin (still maintained but harder to use for this purpose). To be clear, these scripts run on your machine, regardless of where they come from.