Oh, please. I work as a security research for a rather large company in that space. As I said, I am well aware of the risks.
As I said in my original post, javascript is heavily sandboxed. Aside from the fact that the Pentagon and FBI will not care about a portscan, not in the least, Javascript prots canning has not worked for some time as the xmlhttpobject has been modified.
All the claim you make against javascript are only possible if the sandbox is broken or your browser is being exploited. Javascript as designed, running sandboxed and restricted to a very finite space of mostly DOM modification, is not anywhere near the risk you make it out to be.
The executive summary is that disabling JavaScript entirely means having an essentially unusable internet, for no good reason. Keep your browser updated, use adblock and privacy addons if you must, but disabling javascript entirely or not refusing to read a website that didn't downgrade gracefully is foolish.