The JavaScript Trap
When you visit a website such as Gmail, your browser will download and run several thousand lines of JavaScript code. JavaScript code is no different to languages like Python, C++ or Ruby — applications written in those languages running on our computers should be free software, so we can run, modify and share them if we wish. JavaScript today is not the JavaScript of the past — it is now used to write powerful, server-side applications thanks to free software like Node.js and the V8 JavaScript engine.
Further, we've recently seen companies such as Research In Motion (makers of the Blackberry) advising customers to entirely disable JavaScript in the WebKit browser on its devices because of a security problem that was discovered. While free software JavaScript can have security problems too, this example illustrates that we have a real need to be able to see what the code we're running on our computers is actually doing, and change it.
Source: http://www.fsf.org/blogs/community/gmail-jstrap
Howto do it:
1. select "Basic HTML" at the bottom of any screen in your Gmail account.
2. Set basic html as default view
3. use No script to block javascript on the site
Or use a desktop email client with imap enabled and pop disabled; this will keep your data on the Google internet server.
More details: http://libreplanet.org/wiki/Group:NoJavaScript/Gmail