The Internet is a gift from God. Everything in this world exists solely for His glory. It remains for us to discover how to use it for that purpose. That includes the Internet; it’s the greatest tool in human history (so far) for spreading the gospel of His Son, Jesus Christ.
But that doesn’t mean it can’t be used for evil. Try to understand that the system is run by people who serve the Devil, some knowingly, but most are deeply deceived about it. In order to pursue your calling to divine glory on the Internet, you cannot blithely wade in like it’s all good.
Worse, increasing numbers of websites don’t just use JScript, but they demand you turn it on for access. That’s fine if it’s just something you wanted to see; you can live without it. That’s not so fine when it’s required to access government services or government-mandated services (banking, insurance, etc.). JScript is a forced vulnerability in your browser that leaves your system wide open to all kinds of attacks. It is easily the single greatest route used by criminals to gain control over individual computers and other devices connected to the Internet. For example, Android as an operating system is mostly JScript in itself.
Worst of all, nobody is doing much to help the hapless users. The few effective tools out there require way too much technical expertise to be of any use at all. JScript appears on most websites from third party providers, and stuff like NoScript requires you already know which sources are generally trustworthy. Way too many advertisers, for example, refuse to make even the tiniest effort to filter who gets to insert advertising in their ubiquitous ad windows pasted into every website, it seems. Meanwhile, it’s very easy for criminals to purchase a spot in the ad rotation, and add attacking scripts to those ads.
Currently, the only user-friendly means of control is all or nothing. You can get a button installed into the interface of most browsers to turn off JScript as needed. Of course, most of the various ad-blockers work by detecting the scripting that links in advertising; that’s how they work. But for general protection, there are virtually no smart plugins to help you.
A lot of sites that depend on advertising revenue also make zero effort to restrict what advertising shows up on their sites. They do absolutely nothing to protect you when you visit, so their whining about ad-blocking has no moral leverage. As long as they can’t be bothered to carefully select — because the crooks pay better than the cleaner advertisers — they have no grounds for complaint. Block their ads; it is your duty to your system and personal security to do so.
Meanwhile, there are things you can do to minimize the risk. The single best move is to install and use multiple browsers for different kinds of Internet use. For example, I run a different browser for content logins (blogging, forums, etc.), another for financial logins, another with a script blocking plugin that I can turn on or off on the fly, and another for just catch-all browsing. I run the Open Source Chromium browser with multiple profiles, one for Google logins, and another profile just for Youtube. And for most browsing, I use Links2, which cannot process JScript, only text and images. For a few things I use Lynx, a plain text browser.
This may sound obsessive to you, but the basic principle still stands. I’ve gotten calls to fix home computers hijacked by visiting mainstream websites with criminal JScript, so I know the threat is real. These are people too smart to click unknown links in emails, but lack the technical awareness to handle JScript threats because the whole thing is Byzantine and obscure.
We can’t change the way the system works. What we can do is change how we interact with it.