Enturb is broked...

Javascript does not IPfag you by it's existence.

Malicious javascript can be created that could (in theory, i think flash/Java is more a concern than javascript I'll have to check some time) .
This site does not enable users to post javascript at all, so it's redundant as only this sites script will ever be run here and none of the scripts we use collect IP's.

If you go off site then thats a different matter, but then it becomes irrelevant to the question of javascript on this site.

Tor is considerably safer if you use it with the noscript plugin for firefox and are conscious of which domains are approved via that. Read the tor security guidelines from the Tor homepage.

^^^True...if I'm honest...I'm just really untrusting :)

Quote:

Originally Posted by Slippery

That's the problem...I use TOR diligently...but Javascript doesn't use the browser's IP setting. This is why Javascript IP-fags you if you're using TOR.

This is retard

Now that get you looking. Javascript is supposed to receive only data from the site you are visiting, and is not able to get any data from your computer. You trust your browser's implementation of Javascript for that. Typically a script just display a value that the server send to it, which could be the IP that the server communicates with you.

It's possible, everything is possible, for IP to leak, but you are talking browser vulnerability. These are headline news in the IT industry. There are price money for the discovery of them, and I would think criminals are charging big money for undiscovered vulnerabilities.

To get IP fag (for example) you have to visit a site that you trust, who serve you malicious Javascript instead, then execute arbitrary code, including access to system calls to you OS. Your IP is only one of you numerous problems, if you still have a working computer left afterwards.

Currently there is one such unpatched vulnerability in Firefox 3, which also exists in FF2.

While everybody is vulnerable, it's easy to check who's the criminal. You can write a script to log the Javascript downloaded from a site say every 15 min, for criminal activities. It's a risk for Scilons to exploit these vulnerabilities.

If you disable Javascript when you are visiting Enturbulation, that would close unpatched loopholes such as these. But why would you post on Enturbulation? Because it is popular. Why is it popular? Because many people trust their IP with it, don't bother or not patient enough to use TOR. Safety by numbers. If more people are careful and patient, perhaps decentralization would have been more successful, and Enturbulation won't be that much a victim of it's success, always having money good enough for a few months. Otherwise, Usenet ARS has all the Scientology archives since the dawn of the internet, major discussion boards and social networks cost nothing, unlimited bandwidth. If you have a $5,000 bounty on your IP, it's doesn't matter if you are logged in Yahoo, Google, Ning, MySpace or Enturbulation. Every staff have a price.

Free hosting have its advantages. My website is hosted on Google, on a server that I have no control of. Javascripts are mostly open source API such as Dojo, or Google API, with all codes hosted by Google, except for a tiny bit of glue logic in a small file. Try to exploit any vulnerabilities with that.

I can't post with Safari (I'm on a Mac) even if I have javascript on.

Hm the macfags on staff havnt complained but i dunno if they use safari. I don't have a mac here to test it :(

I just had someone with a mac test this in safari, they said they could accept the rules fine.

I dunno much about mac's tbh, but i might just rip out the JS from this mod.

Think i got it all switched over to no longer use javascript.

Least it worked in FF3 with JS disabled for me.

test post from Safari on a mac. That seemed to work fine.

Quote:

Originally Posted by core

I am going to go ahead and change the whole site to HTML for usability.

Change it to XML.