• Kushan
    link
    English
    159 months ago

    I don’t think your second point is correct. You can still embed analytics on a static website. I believe you’re conflating it with your first point by assuming that scripts are disabled on the browser side, in which case it’s a bit of a redundant point.

    I also think it’s a bit unrealistic in this day and age to run with scripts completely disabled. I know it sucks, but we need better ways of protecting our privacy and disabling all scripts is a bit of an extreme measure given so much of the modern web relies on it.

    • @thesystemisdown
      link
      English
      3
      edit-2
      9 months ago

      I think it’s impossible if you want for things to work. JavaScript is so ubiquitous it’s been baked into the browser since 1995.

    • mox
      link
      fedilink
      2
      edit-2
      9 months ago
      1. My first two points make a distinction between fingerprinting and more invasive attacks that JavaScript has enabled, including data exfiltration. You might not have encountered the latter, but that doesn’t make them the same thing. (Also, the analytics you refer to that are possible without scripts are far less invasive than what scripts can do, as is hinted in my second point.)
      2. It’s not unrealistic, since scripts can be turned off by default and enabled selectively when needed. (But were that not the case, it would be reason to use them less, not more.)