[babyloneleven]

They make many useful websites unusable though. And when you whitelist you're then vulnerable, because there's no way to know some Javascript doesn't contain an exploit (do you run anti-virus on the web pages you visit?)

[vbezhenar]

Any downloaded executable might contain a virus. That does not mean that I'm not going to download anything from the Internet. But also I'm not going to run every executable that happened to load in my browser. Good websites take a great care to protect their users from malicious scripts. So you should use your own judgement to decide whether you trust that website or not. I definitely don't trust some random website that I've opened by following some links. So I'll browse it without JS and if it does not work, I'll think twice whether I want to risk opening it. But if I'm opening something like stackoverflow, probably I'm safe and they won't run side channel attacks on my computer.