Meltdown & Spectre vulnerabilities and javascript

I’m sure folks here are aware of the publicity surrounding these two issues with pretty much most hardware and software platforms. If not just google it :wink: and you will be flooded with information.

Just to point out that disabling javascript is being recommended as a temporary fix for some of the problems associated. This in turn will stop both freshWDL and the Steelseries gauges working in peoples browsers if this is implemented.

Stuart

On Saratoga templates, it will stop the AJAX updates too. But… the Saratoga templates were designed to work without requiring JavaScript – the JavaScripts just provide a more realtime update capability. Other templates using JavaScript frameworks for presentation will cease to operate if JavaScript is disabled.

The more prevalent issue (than Spectre/Meltdown) is the widespread deployment of cryptominer JavaScript malware via ad networks – It’s good to have plugins like ad block/uBlock/NoScript to prevent malicious ads from downloading and consuming all your CPU power to mine virtual currency for some miscreant.

I ALWAYS browse with javascript off. It is enabled on specific sites thanks to noscript. This is exactly the reason I have all browser side scripting off, dns blackhole, ublock, large hosts file, all set very aggressively. I do find a lot of sites are broken while doing this but its a price to pay.

FYI, this forum doesn’t set off any of my blockers even with scripts being permitted here. Its disgusting out there and I’ve seen “popular” sites loading all kinds of 3rd party scripts of dubious origins. When your site is loading scripts from 20-30 different domains, you have problems.