Are there any reasons, I should turn off scripts and reject all cookies?


#1

Are there any security reasons to use the disable scripts option?

Is there any security advantages to blocking all cookies?

I use Brave with DuckDuckGo and Nord VPN.

Thank you for your time.

Don


Feedback: Is security a joke with Brave?
#2

Well. First of all, You need to clearly understand what cookies exactly mean.

Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data specific to a particular client and website, and can be accessed either by the web server or the client computer. This allows the server to deliver a page tailored to a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next.

Now, speaking of them, Yes. Disabling cookies & scripts can practically benefit you a lot. Not only blocking them are essential for better privacy, but also security. Let me go a little deeper for your better understanding.

Lets consider privacy first.

  1. Cookies : They are basically used to track your web activities, not only on the main sites [from where the cookie has been originated] but also all across your web. Normal users have no idea the amount of database companies like Google, Facebook & Amazon builts & shares. These are just a name of few. Take this video as an reference: https://www.youtube.com/watch?v=EKzyifAvC_U
    Note that cookies can be used as trackers as well [in a sense]

  2. Scripts: Blocking scripts can be helpful to prevent websites from building your fingerprint, for instance, what device are you using, the screen-size, the plug-ins, if add on support is enabled, and many a times, disabling scripts neutralises the ability of the website to scan your web activities like previous tabs opens, Java support, Flash & silver-light support… and much much more

Now consider Security.

  1. Cookies: They can act as a malicious vector for the malicious actors. I wont go in brief here since this article explains what i wish to express: https://www.bitdefender.com/support/cookie-threats-1.html

  2. Scripts: Not only disabling scripts would neutralize 80% of malicious scripts that are built on JavaScript to exploit & harm user or its device, but it helps you to block other kind of script based attack that could potentially lead to further exploitation, on the device level.

This was again the basic fundamental of The Privacy & Security Focused Browser Bundle Known As The Onion Router [Tor] Which has support for Addons like NoScript [A script control addon] By Default.

Hopefully this was helpful :smile:


#3

However, note that cookies & scripts are required for successful functioning like logins that require ID & passcode. Or Online Transactions. Or even basic functioning of websites that carries out excessive use Scripts [like Facebook] But with more & more functionalities, there comes a major risk of malicious vectors that could be used to exploit the user and/or its device. I prefer using the browsing with minimum required settings with an external layer of protection.

This is my setup For general browsing:

Browser with good control over Ads & trackers like Firefox quantum with Ublock Origin & Privacy Badger & NoScript or Brave Browser, Cookies disabled + Duckduckgo + VPN on host [rather then using extension]
[Enable cookies when i have to login somewhere & disable them back once I’m logged out]

Privacy/Anonymity focused browsing:

Tor with All scripts blocked + Security Level set to “safest” + All Cookies Blocked + No third party addons + VPN on host.


#4

Thanks! That is super helpful and answers my question completely :smiley:


#5

Got anything else, Feel Free To Ping Back! :smiley:

Best Regards!


#6

@BOB-vagene best response I’ve seen so far! Thanks :pray:


#7

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.