In browser based JavaScript every object you create is assigned to the global scope. For the browser, this object is simply known as window. It is simple to see this behavior in action by opening up the development console in your favorite browser.
Tip
Opening the Development Console
Modern browsers have, built into them, some very advanced debugging and auditing tools. To access them there is a menu item, which is located under Tools | Developer Tools in Chrome | Tools | Web Developer in Firefox, and directly under the menu as F12 Developer Tools in Internet Explorer. Keyboard shortcuts also exist for accessing the tools. On Windows and Linux, F12 is standard and, on OSX, Option + Command + I is used.
Within the developer tools is a console window that provides direct access to the current page's JavaScript. This is a very handy place to test out small snippets of code or to access the page's JavaScript.
Once you have the console open, enter the following code:
> var words = "hello world" > console.log(window.words);
The result of this will be hello world printed to the console. By declaring words globally it is automatically attached to the top level container: window.
In Node.js the situation is somewhat different. Assigning a variable in this fashion will actually attach it to the current module. Not including the var object will attach the variable to the global object.
For years you've likely heard that making use of global variables is a bad thing. This is because globals are very easily polluted by other code.
Consider a very commonly named variable such as index. It is likely that in any application of appreciable size that this variable name would be used in several places. When either piece of code makes use of the variable it will cause unexpected results in the other piece of code. It is certainly possible to reuse variables, and it can even be useful in systems with very limited memory such as embedded systems, but in most applications reusing variables to mean different things within a single scope is difficult to understand and a source of errors.
Applications that make use global scoped variables also open themselves up to being attacked on purpose by other code. It is trivial to alter the state of global variables from other code, which could expose secrets like login information to attackers.
Finally global variables add a great deal of complexity to applications. Reducing the scope of variables to a small section of code allows developers to more easily understand the ways in which the variable is used. When the scope is global then changes to that variable may have an effect far outside of the one section of code. A simple change to a variable can cascade into the entire application.
As a general rule global variables should be avoided.