[TheGreenMachine]

I searched but could not find anything on this.

As much as everyone speaks about security and anonimity here, I am somewhat shocked that no one has posted about the use of Javascript within these sites and how it can circumvent the security posters have taken. Javascript can make calls that bypass proxy services and reveal your true IP. I realize that the operators here have made it known that all IPs are stored only momenterily during login, but what about SB? I ask, because in order to change currencies you have to have Javascript enabled. I see that alone as an overlooked security flaw for the aforementioned reason. I have not attempted to order online, but what about the order process and what happens to sensitive data once the transaction is complete and the session terminated?

[TheGreenMachine]

Wow. I figured this would have a response already.

Perhaps I should re-post this in the Security forum?

[oldpink]

perhaps you should check your facts

[TheGreenMachine]

Quote:

Originally Posted by oldpink

perhaps you should check your facts

Care to enlighten me then? If it isn't an issue, then tell me why.

I use TOR and have read specifically that Javascript calls can return your real IP address.

[ballast]

Java can do what you are describing, but Javascript on a trustworthy site is little to worry about. the Tor docs cover this concern. if you are using Firefox you might want to get the NoScript extension, very handy for whitelisting which sites to allow javascript on. hope it helps.

[TheGreenMachine]

Quote:

Originally Posted by ballast

Java can do what you are describing, but Javascript on a trustworthy site is little to worry about. the Tor docs cover this concern. if you are using Firefox you might want to get the NoScript extension, very handy for whitelisting which sites to allow javascript on. hope it helps.

I do use NoScript as FF is the only browser I would use to hit "questionable" sites. However, as I stated, this site and SeedBoo require JS for certain functions (like accessing user settings, or changing currencies).

After what happened with OG (I was away when it all went down), I am more cautious than ever. TOR has proven to solve half the issue, JS was the other. You have at least laid my concerns with these two particular sites to rest as I have heard pretty much nothing but good over the years about GN and the way he runs his business. I am assuming Sbay is kosher as well?

Thanks, ballast.

[ballast]

yeah TheGreenMachine, Sbay excellent too from all i've heard. had the same sorts of questions when i registered here, after a while you learn whats what. check the security forum, lotsa good stuff in there.

the thing about javascript is the source code is viewable in the browser, so if there were anything funny going on here we'd hear about it.

grow safe

[oldpink]

Quote:

the thing about javascript is the source code is viewable in the browser, so if there were anything funny going on here we'd hear about it

also it depends on what settings you have in your browser or what browser you use
personally I always recomend firefox if your worried, set to max security

[ballast]

Quote:

Originally Posted by oldpink

also it depends on what settings you have in your browser or what browser you use
personally I always recomend firefox if your worried, set to max security

Open-source Firefox all the way man, no telling what secret backdoors the proprietary browsers might have nowdays. switching from IE was quite painless.