The better advice is imo to keep your browser up-to-date. JS exploits have been ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		gregoor on Oct 30, 2016 \| parent \| context \| favorite \| on: The No More Ransom Project The better advice is imo to keep your browser up-to-date. JS exploits have been come increasingly rare these days, mostly due to Chrome's excellent example of patching quickly and paying good money for exploits (e.g. Pwn2Own). JS 0days are imo far too valuable now to waste them on normal users. So no, disabling JS wouldn't make much sense, if your have an evergreen browser. Disable Flash & Java and try to minimize downloads is the security advice I give nowadays. Also don't install anything unless you absolutely have to (there are plenty of good in-browser options for programs we used to install, e.g. for file conversion).

hhmc on Oct 30, 2016 [–]

What do the JS 0days get used for nowadays?

startling on Oct 30, 2016 | [–]

Attacking high-value dissidents: https://blog.lookout.com/blog/2016/08/25/trident-pegasus/

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact