Which JavaScript events are dangerous to have enabled?

Installed the Luminous Firefox extension (allows for disabling individual JavaScript events on a per-website or all-website basis), so I’m just wondering which JavaScript events should be blocked. I’ve already disabled “headers.User-Agent” & “NavigatorID.userAgent” because I’m pretty sure those are the ones that give out information about your browser (resolution, version, etc.) and system (OS), but I could be totally wrong about what those two do. I’ve also disabled “scroll,” “mousemove,” and “pointermove,” just so websites don’t know where I’m looking until I click something. I’m obviously a noob at this JavaScript stuff, so go easy on me.

Side question: is NoScript useful if I already use Luminous, or do they both do the same thing?

Thanks :)

Edit: I also know that there are many other ways to track a user, such as with cookies and fingerprints. I’m just using this as a measure to help reduce what websites know about my PC and how I interact with their website. The point isn’t to stop all tracking; just reduce it.


You liked my post @wendell, but you don’t comment? You’re the person I’d expect to know most about this subject on this forum D:

Maybe @ryan can comment instead?

Much probably depends on the specific website and what it requires for full operation.
What can be blocked in one place will, in another, impede the operation of the site. Separating JavaScript into separate parts is a nice thing, but it also quickly moves us towards the rabbit hole… Maybe you can test ScriptSafe.
Block: Browser Plugin Enumeration, Canvas Fingerprint, Audio Fingerprinting, WebGL Fingerprinting, Battery Fingerprinting, Device Enumeration, Gamepad Enumeration, WebVR Enumeration, Bluetooth Enumeration, Canvas Font Access, Client Rectangles, Clipboard Interference.

Personally, I use HTTPS Everywhere, NoScript, Privacy Badger, ScriptSafe, uBlock Origin. And as you can guess, the most annoying are NoScript / ScriptSafe when policies are used to block everything. Creating rules can be annoying. For domains that I visit regularly it is not a problem; it is worse when there are new addresses, and there are a lot of them.
JavaScript is the curse of our time. I never liked Flash; fortunately it died. But at the moment I do not really like JavaScript, which unfortunately is not going anywhere.

And the saddest thing is that a normal user will not use NoScript / ScriptSafe, just because of the regular interaction needed to create rules.

I currently use HTTPS Everywhere, Privacy Badger, uBlock Origin, Cookie AutoDelete & Auto Tab Discard (to “sleep” tabs and clear their cookies), Decentraleyes, TrackMeNot, and DuckDuckGo Privacy Essentials.

What’s the difference between NoScript, ScriptSafe, and Luminous? Do they all work against JavaScript, but in different ways?

The range of options is different…
NoScript is actively developed and allows you to control variables such as script, object, media, frame, font, webgl, fetch, other.
ScriptSafe is no longer developed, but it had a much wider scope of configuration.
Luminous is focused on JS in a wide context.

If we are talking about JS, then the problem remains what a specific website requires.
I’ve seen websites that do not want to work correctly when you block variables from mouse movement… etc.
This is in a sense a game of cat and mouse. It would be best to create an add-on which instead of blocking would generate fake white noise and feed spies with meaningless data all the time regardless of the actual action of the user.
They are spying on us everywhere in every possible way.

The world is a damn jungle, buy ak47 and be ready for zombies.
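
What per-event blocking of the kind discussed in this thread amounts to, as an added example that is not part of any post and is not Luminous's own code: a wrapper around `addEventListener` that drops registrations for the event types named in the first post. `BLOCKED_TYPES`, `installEventBlocker` and `demo` are hypothetical names, and the "page" is a plain `EventTarget` constructed for the demonstration.

```javascript
// Event types the first post chose to block (taken from the thread).
const BLOCKED_TYPES = new Set(["scroll", "mousemove", "pointermove"]);

// Wrap addEventListener on a prototype so listeners for blocked event types
// are never registered. Returns a log of dropped registrations and a restore().
function installEventBlocker(proto, blockedTypes) {
  const originalAdd = proto.addEventListener;
  const dropped = [];
  proto.addEventListener = function (type, listener, options) {
    if (blockedTypes.has(type)) {
      dropped.push(type); // remember what the page tried to listen for
      return undefined;   // silently ignore, as addEventListener returns nothing
    }
    return originalAdd.call(this, type, listener, options);
  };
  return {
    dropped,
    restore() {
      proto.addEventListener = originalAdd;
    },
  };
}

// Constructed demonstration: a stand-in "page" registers three listeners,
// then the same three events are dispatched at it.
function demo() {
  const blocker = installEventBlocker(EventTarget.prototype, BLOCKED_TYPES);
  const page = new EventTarget();
  const seen = [];
  const types = ["mousemove", "scroll", "click"];
  for (const type of types) {
    page.addEventListener(type, (event) => seen.push(event.type));
  }
  for (const type of types) {
    page.dispatchEvent(new Event(type));
  }
  blocker.restore();
  // Only "click" reaches page code; a script that depends on mousemove
  // simply never hears it, which is how blocked sites end up misbehaving.
  return { seen, dropped: blocker.dropped };
}
```

A wrapper like this only covers `addEventListener`: handlers assigned through properties such as `onmousemove`, and scripts that captured the original function before the wrapper was installed, are not affected.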


I wish this could be the case for so many things, such as with Android apps. But instead, it’s either I give them my data, or the website/service (often) doesn’t work if I don’t.

Thank you for your help @TimHolus. I guess there isn’t a simple way to block JavaScript elements on all websites and have everything function as normal.

I have not heard of a universal method, unfortunately. You would have to create rules for each www. Block everything and gradually unlock only the necessary minimum. But it will be a terrible job, and still a lot of information will leak anyway.
