I'll answer to your mentioned issue first, but in addition to that there are some extra, but related, information below it.
As for support, you found the best place. You can indeed avoid javascript, and this is where to hang-out for feedback/questions/help/support if you want to be as close to the developers as possible (they don't always post but they do drop by every now and then), and probably also the best place to find help too given the people who gather here. But remember, when you ask for support, you must remember that it is volunteer driven "support". I'm not doing it my self, but you should be able to use for example the open-source Thunderbird mail-client over the Tor network, to post on these e-mail threads, and then use the Tor plugin's to Thunderbird to ensure you're anonymous (remember the plugin). This way, you bypass the java-script for google mails, and you can even use mail encryption if both parties have & use the keys (as you might have seen, some people have their encryption keys below their posts here, so you can send encryption messages to them).
As for the extra information, it's a good timing of you to ask a question like this, as some of us are currently trying to get a discussion going today, exactly about issues like this. It could be helpful if you throw a comment over here (@ link below) to help putting focus on issues which are not covered in the Qubes docs, and come from the bottom-up (by Communuty for Community). This will over time help increase the availability of extra guides and solutions for all sorts of different things. It'd be helpful to have backing as to why we need more focus on less or unofficial guides/scripts/etc. https://groups.google.com/forum/#!topic/qubes-users/dZNWxBOqa08
The better this can be done, the quicker we can get more helpful content coordinated, checked for errors/mistakes/security/easy-of-use/help-finish and make both the unfinished and finished work more visible for the rest of the community. Some of it, if good enough, could maybe end up in the Qubes docs at some point as well. To clarify, instead of top-down, this is a bottom-up approach.
Disclaimer, I don't plan to take any leadership in this, I'm only pushing to get it going, and then afterwards help where I can help as a regular user. It might even be that there won't be a leadership, but things like these are for the discussion to discuss as well.
Basically, if you could post your point of view, entirely what you think, what you would like to see, your own opinion, related to the subject of course.
Javascript itself will not reveal your IP over Tor ie break tor. But javascriptt has always had security issues that could be used to run code that could itself reveal ip etc. This is more an issue with emails and small or spoofed sites etc not a large offical site like youtube.
Honestly I do not understand people using gmail etc if privacy is critical. Even using pgp for all text etc so much can be learned from your habits email accounts contacted time of use etc... Its sad they own so much of the Internet data and portal activity these days such as youtube. I wish this list was not hosted but its so hard to avoid the carrot when its a opensource project.
Use tor to setup a protonmail etc if you need a webmail account.
While I in general agree, some e-mails are created specifically for a specific purpose. People who use gmail on these websites for example, may not specifically use that e-mail for anything else. Since we're already posting on gmail mailing lists, it shouldn't make any difference anyway, google will know irregardless of which mail is used here. Though perhaps there is a legal difference, maybe? But as long it isn't used outside google systems, then having a gmail here shouldn't make much difference. Unless I overlooked something? legal element maybe?
It won't be long before A.I. can just scan and analyze the way how people write to profile people and identify them. It's essentially the same tech as face-recognition software, which many laughed off just a few years back, but today is very real. So too is happening to A.I.'s that can identify people by how they write. Google is likely no exception here, and irregardless of which mail you use, they would probably be able to identify you one way or another if you only once slip up and publicize your writing style. It's like a fingerprint. The future is scary.
That is how 99.9% of those caught using tor are found. Its from bad opsec not actually breaking of tor itself. Tech even the way silk road was brought down was via a spoof more than 100% of breaking tor. but like anything layers. Whats great about qubes is it helps in numerous ways from being resistant to the spread of malware its easy integration oh whonix. It ability to string numerous network tunneling chains together to creating multiple layers if done correctly have the effect of indecent cells working to a common goal with only the end user knowing all parts. Qubes is but one part but its configuration allows for numerous ways and layer for security and or if done with proper opsec anonymity
I could not agree more. Also very well put and easy to understand example. You always have to define the use and what you are protecting and from who. No one way for everything.