[oceanstone]

Tor has been exploited in the past in ways which only affected those who kept JavaScript enabled [1]. I actually love JavaScript, and the doors it can open for trustworthy developers, but I don't think a deep cover journalist or whistleblower should be browsing with it.

[1] https://blog.torproject.org/blog/tor-security-advisory-old-t...

[wtallis]

So, that's not Tor being exploited, that's just a Firefox bug that was used to get at Tor users because they're more interesting targets. It wasn't a case of JavaScript making Tor less private or less secure except in that it was JavaScript making everything less private and secure, and Tor doesn't protect you from that because Tor isn't a security tool.

[oceanstone]

Right, the Tor browser bundle was exploited. The context of this thread is browser usage of Tor.