How dangerous is it to allow Google javascript?

I know it’s dangerous to allow javascript on some website. But very often if you want to register on a website you need to type captcha. If you want to see captcha you need to allow javascript from google and some more google affiliated websites. How dangerous is it ?

You’re allowing the most cutting edge fingerprinting code to run in your browser. So depending on how badly you need to access the site and how you complete that CAPTCHA you decide.

Hi Hiddennn5

https://whonix.org/wiki/Data_Collection_Techniques#JavaScript

But Tor browser have same fingerprint for all users

Fingerprint means many things. I’m talking user behavior like keystrokes and how you complete the CAPTCHA can potentially be linked back to you.

1 Like

Advanced Tor Browser Fingerprinting A good article
You can avoid Mouse wheel fingerprinting - using a normal computer mouse with a mouse wheel instead of a trackpad
And it looks like you can’t avoid Mouse Speed fingerprinting, CPU Benchmark fingerprinting, getClientRects fingerprinting

I’ve spoken with the author of this blog post before. I came to the conclusion that in VMs this is not a problem since hardware emulation makes it uniform.

However other data such as biometrical information like how you use your mouse and keyboard is a harder problem that needs a specialized solution. Fortunately there is one in progress.