• Kushan@lemmy.world
    link
    fedilink
    English
    arrow-up
    15
    ·
    9 months ago

    I don’t think your second point is correct. You can still embed analytics on a static website. I believe you’re conflating it with your first point by assuming that scripts are disabled on the browser side, in which case it’s a bit of a redundant point.

    I also think it’s a bit unrealistic in this day and age to run with scripts completely disabled. I know it sucks, but we need better ways of protecting our privacy and disabling all scripts is a bit of an extreme measure given so much of the modern web relies on it.

    • thesystemisdown@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      edit-2
      9 months ago

      I think it’s impossible if you want for things to work. JavaScript is so ubiquitous it’s been baked into the browser since 1995.

    • mox@lemmy.sdf.org
      link
      fedilink
      arrow-up
      4
      arrow-down
      2
      ·
      edit-2
      9 months ago
      1. My first two points make a distinction between fingerprinting and more invasive attacks that JavaScript has enabled, including data exfiltration. You might not have encountered the latter, but that doesn’t make them the same thing. (Also, the analytics you refer to that are possible without scripts are far less invasive than what scripts can do, as is hinted in my second point.)
      2. It’s not unrealistic, since scripts can be turned off by default and enabled selectively when needed. (But were that not the case, it would be reason to use them less, not more.)