Question javascript opsec

GOUPIL

Don't buy from me
Resident
Joined
Sep 14, 2022
Messages
66
Reaction score
18
Points
8
Hello BB users!

I was wondering what is the best way to be secure with javascript?

(my computer can't run qubes, so please tell me other things)

Stay safe!
 

cubesquare

Don't buy from me
Resident
Joined
Oct 11, 2022
Messages
150
Reaction score
97
Points
28
That is an incredibly broad question.
The BEST way is to avoid it completely.
This is obviously not always possible.
Reduce your reliance on any form of scripting and apply standard secure coding practices against everything you do.
Determine what your threat landscape looks like - the CIA/Mossad are going to find a way into your data, script kiddies maybe not - who are you protecting against.
Where is the sensitive data being held, is it easily accessible once you've been hacked?
Sorry - this is not helpful directly because I have zero visibility into your full environment/exposure window.
 

GOUPIL

Don't buy from me
Resident
Joined
Sep 14, 2022
Messages
66
Reaction score
18
Points
8
ok thanks for the answer! but imagine: you have no choice... what's your choice? whonix? vpn? tor? tails?
 

cubesquare

Don't buy from me
Resident
Joined
Oct 11, 2022
Messages
150
Reaction score
97
Points
28
My choice? I would run everything in a docker container and have the container routinely rotated. I would run that container within a secure OS - behind a dedicated firewall.
My knowledge would allow me to run this all on a number of platforms because I know this area.

Maybe I am misunderstanding your question.

Are you wanting to secure your own JS on your own server, or wanting to secure yourself from rogue scripts on systems you connect to as a user?

If it is the second one and your existing machine doesn't work for qubes (or you don't have dual boot available or anything) then I would install tails on a usb stick and boot into that or run tails on a raspberry pi or similar and remote desktop to that for all of your insecure testing. That way every time you reboot, you zero whatever was done, so even if you do compromise the machine with a bad actor link, you reset it as soon as it restarts.
 

GOUPIL

Don't buy from me
Resident
Joined
Sep 14, 2022
Messages
66
Reaction score
18
Points
8
thanks for the answer!
i was asking that because i wanted to use the BB forum with javascript and still being secure!

(i will read the article Grandthumb123)
 
Top