
Re: Javascript
I normally just run 'noscript'
and if a web site is SO scripty that allowing its components would either screw up my personal "block JS mode" security model (i.e. allowing sites like CloudFlair or Google Analytics) or else (due to all of the 3rd party servers) requires SO many 'allow' clicks that it becomes IMPRACTICAL, then I do the simple thing:
a) use 'su' to switch to a totally unprivileged dedicated user
b) use the 'export DISPLAY=localhost:0.0' method to run FF on the desktop already running
c) set up FF to allow script, but erase ALL history and cache when it closes [I like this feature]
d) don't open ANY tabs not related to THAT web site
then, any tracking they do will be on what I did on THEIR SITE ONLY, and it all gets erased when I'm done - cookies, 'crackers' (script that stays running when I close a page), history, web cache, yotta yotta. "Track That" - ha ha ha ha!
Now, if their VPN plugin involed the TOR network, I might be interested.
I also can't blame them for trying to monetize their (otherwise free) browser.
I've ALSO been wanting to fork their browser for a while, RESTORE the 3D skeuomorphic menu-based system with NO 'hamburger' icon, like what the legacy UI plugins let you do prior to 57... so maybe a fork like that would DEFAULT TO USING TOR ??? [oh wait, that's been done, hasn't it? 'Onion' browser]