News Feed
  • DrugHub has agreed to fully refund all users who lost money in the SuperMarket exit scam.  
  • Retro Market has gone offline. Circumstances of the closure unknown.  
  • SuperMarket has closed following an exit scam by one of the admins.  
  • The admin of Incognito Market, Pharoah, has been arrested by the FBI several months after exit scamming.  
  • Silk RoadTorhoo mini logo
  • darknet markets list
  • Popular P2P exchange LocalMonero has announced it is closing.  

Can you leave javascript enabled on Whonix? : whonix | Torhoo darknet markets

I was looking at the features section on the Whonix website and it states "By using Whonix, the user can anonymously use Java / Javascript." Is it still advisable to leave JS disabled? Can you safely enable it to use services that require JS, and still remain anonymous?
/u/MerchantX
1 points
10 months ago
For 99% of cases you should be fine. Just watch out for the 1% where a whonix-busting zero day is found in Tor's JS engine.

You can be a bit safer by using a separate system that is directly connected to your Whonix workstation VM to do your actual browsing. If anything bad happens to the browsing PC due to JS, your Whonix gateway will be completely shielded.
/u/NeonX
1 points
10 months ago*
While JavaScript itself can be harmless, if there are any potential exploits, then they would usually be done through JS. Java and JavaScript are different. JavaScript is interpreted, and used mostly on the web, while Java is usually used for applications, and can be compiled or interpreted.
Examples where Java is used include Oracle/Aconex systems, Android app development, and Minecraft.

With Whonix, the idea is that if there is any potential danger, then it would be safely contained, since the traffic is routed through another VM, so if the JS compromised the first VM, it still couldn't deanonymize any traffic, because it's the other VMs responsibility.
/u/Wetwhisperers
1 points
7 months ago
Make sense, then if there is a js exploit in the wild the exploit should find its way out of kvm hypervisor [that's what I use] to reach the actual host machine
/u/billythekidd rnod
1 points
10 months ago
You can technically, but you shouldn't.
  • Sponsors
VigorSwap Instant Crypto Exchange
FraudGPT

  • Explore Torhoo!

© Torhoo! 2025

All links are for educational and research purposes only. Torhoo! does not vouch for any site.

Advertise on Torhoo