• This forum actively discusses syntheses of psychoactive substances. Our forum is engaged in a research activity and does not encourage anyone to produce, distribute or use drugs! If you are less than 18 years old, leave BB forum immediately!

javascript opsec

GOUPIL

Member
Joined
Sep 14, 2022
Messages
53
Reaction score
17
Points
8
Hello BB users!

I was wondering what is the best way to be secure with javascript?

(my computer can't run qubes, so please tell me other things)

Stay safe!
 

cubesquare

New member
Joined
Oct 11, 2022
Messages
23
Reaction score
11
Points
3
That is an incredibly broad question.
The BEST way is to avoid it completely.
This is obviously not always possible.
Reduce your reliance on any form of scripting and apply standard secure coding practices against everything you do.
Determine what your threat landscape looks like - the CIA/Mossad are going to find a way into your data, script kiddies maybe not - who are you protecting against.
Where is the sensitive data being held, is it easily accessible once you've been hacked?
Sorry - this is not helpful directly because I have zero visibility into your full environment/exposure window.
 

GOUPIL

Member
Joined
Sep 14, 2022
Messages
53
Reaction score
17
Points
8
ok thanks for the answer! but imagine: you have no choice... what's your choice? whonix? vpn? tor? tails?
 

cubesquare

New member
Joined
Oct 11, 2022
Messages
23
Reaction score
11
Points
3
ok thanks for the answer! but imagine: you have no choice... what's your choice? whonix? vpn? tor? tails?
My choice? I would run everything in a docker container and have the container routinely rotated. I would run that container within a secure OS - behind a dedicated firewall.
My knowledge would allow me to run this all on a number of platforms because I know this area.

Maybe I am misunderstanding your question.

Are you wanting to secure your own JS on your own server, or wanting to secure yourself from rogue scripts on systems you connect to as a user?

If it is the second one and your existing machine doesn't work for qubes (or you don't have dual boot available or anything) then I would install tails on a usb stick and boot into that or run tails on a raspberry pi or similar and remote desktop to that for all of your insecure testing. That way every time you reboot, you zero whatever was done, so even if you do compromise the machine with a bad actor link, you reset it as soon as it restarts.
 

GOUPIL

Member
Joined
Sep 14, 2022
Messages
53
Reaction score
17
Points
8
thanks for the answer!
i was asking that because i wanted to use the BB forum with javascript and still being secure!

(i will read the article Grandthumb123)
 
Top