There are many easy ways to steal your login/cookie via JavaScript. The only way to be sure is to disable JavaScript for Perlmonks. vroom has announced that now the engine is supposed to strip Javascript from home nodes, but I would rather err on the safe side.

If you are using Internet Explorer, I can help you by telling you my setup :

Set up your zones like this :

• Internet Zone : Javascript and cookies disabled
• Restricted Zone : Javascript disabled, cookies enabled
• Trusted Zone : Javascript and cookies enabled

If you are using other browsers (or Internet Explorer), get yourself a proxy server that strips JavaScript from selected websites (like Perlmonks) - Google will help I guess.