Yeah, I don't buy their argument about that. One of them said that disabling JavaScript is ok for now, since there are a lot of tech savvy users who disable JavaScript, but as Tor becomes more popular, you will become more unique. That's not true. You will be a smaller percentage of Tor users, but the set should be the same size unless tech savvy users abandon Tor, and actually there are plenty of tech savvy users who don't use Tor yet, so as it gets more popular, the set of Tor uses with JavaScript disabled should increase. Whether or not to disable JavaScript depends on your circumstances. 99% of exploits are written for Windows and I don't use Windows, and the cross-platform ones are Flash and Java based, which already disabled, so it's not a threat that I'm concerned about. I gain a lot by being part of the JavaScript-enabled anonymity set at very little cost/risk. On Windows I would probably disable it.