How Important is No Script in FX?

Virgorising · Sep 26, 2013

I have always chosen No Script add on in FX. How important/necessary is this? Would I be really vulnerable if I disabled it, given I do run Norton IS?

Am I being an ingrate and a brat for being annoyed by always having to hit "Temporarily allow this page"?

Thank you.

MustISO · Sep 26, 2013

I use it all the time. Sure it's a pain having to allow some sites but most sites I visit work fine with it enabled. I leave it off for sites I really trust.

Another option would be to browse in a sandbox like Sandboxie. Should really reduce the chance of infections.

Virgorising · Sep 26, 2013

MustISO said:
I use it all the time. Sure it's a pain having to allow some sites but most sites I visit work fine with it enabled. I leave it off for sites I really trust.

Another option would be to browse in a sandbox like Sandboxie. Should really reduce the chance of infections.

Thanks for this. I was, as it turns out, being an ingrate and a brat in this. Happens. No other responses needed!:thumbsup:

SecurityTheatre · Sep 27, 2013

Virgorising said:
I have always chosen No Script add on in FX. How important/necessary is this? Would I be really vulnerable if I disabled it, given I do run Norton IS?

Am I being an ingrate and a brat for being annoyed by always having to hit "Temporarily allow this page"?

Thank you.

NoScript is sufficiently annoying that the TOR project creators disabled it in a version of the browser bundle a few months ago.

What resulted was the FBI placing a FireFox exploit on The Silk Road (and a bunch of other hidden sites) and presumably unmasking all of the TOR users on those sites. I haven't heard about large-scale busts, but I expect to hear about them sometime soon.

Virgorising · Sep 27, 2013

SecurityTheatre said:
NoScript is sufficiently annoying that the TOR project creators disabled it in a version of the browser bundle a few months ago.

What resulted was the FBI placing a FireFox exploit on The Silk Road (and a bunch of other hidden sites) and presumably unmasking all of the TOR users on those sites. I haven't heard about large-scale busts, but I expect to hear about them sometime soon.

OK wait....first, I need pre school level/Sesame street type explanations for the above, cause it all feels important.

This is a new installation of FX cause I just set up this system.

All I could find re The Silk Road, was:
http://library.thinkquest.org/13406/sr/

Is the conclusion: I am NOT being an ingrate/brat cause I am overloaded and tired and so, impatient and I am not the only user who is?

Or, as I suspect, something else?

Thank you.

(Boy, many people here know things I can almost not believe!!!)
___________________________________
Edit: Just learned about yet ANOTHER thing/entity I had no clue about!!!!

https://www.torproject.org/

lxskllr · Sep 27, 2013

Virgorising said:
OK wait....first, I need pre school level/Sesame street type explanations for the above, cause it all feels important.

This is a new installation of FX cause I just set up this system.

All I could find re The Silk Road, was:
http://library.thinkquest.org/13406/sr/

Is the conclusion: I am NOT being an ingrate/brat cause I am overloaded and tired and so, impatient and I am not the only user who is?

Or, as I suspect, something else?

Thank you.

(Boy, many people here know things I can almost not believe!!!)
___________________________________
Edit: Just learned about yet ANOTHER thing/entity I had no clue about!!!!

https://www.torproject.org/

His comment was an example of what can happen. The FBI took down some sites, and hosted malware via javascript which revealed visitor's identity, which is bad on a network that's supposed to be anonymous. If Tor didn't ship their browser with NoScript set to allow by default, the exploit wouldn't have worked. IOW, NoScript can protect you against attacks A/V won't protect you from.

Virgorising · Sep 27, 2013

lxskllr said:
His comment was an example of what can happen. The FBI took down some sites, and hosted malware via javascript which revealed visitor's identity, which is bad on a network that's supposed to be anonymous. If Tor didn't ship their browser with NoScript set to allow by default, the exploit wouldn't have worked. IOW, NoScript can protect you against attacks A/V won't protect you from.

THANK YOU!!!! Got every element of this now!

And, it confirms, Yes, indeed, I was being a petulant, ingrate be-atch re my impatience with NoScript and the modest little things It requires us to do, to do ALL the invaluable things IT DOES!!!

SecurityTheatre · Sep 30, 2013

Virgorising said:
THANK YOU!!!! Got every element of this now!

And, it confirms, Yes, indeed, I was being a petulant, ingrate be-atch re my impatience with NoScript and the modest little things It requires us to do, to do ALL the invaluable things IT DOES!!!

I was also pointing out that NOScript *IS INDEED* sufficiently annoying that even super-paranoid TOR users disabled it at some point.

Of course, most security is just a trade-off of convenience vs protection.

Search

How Important is No Script in FX?

Virgorising

Diamond Member

MustISO

Lifer

Virgorising

Diamond Member

SecurityTheatre

Senior member

Virgorising

Diamond Member

lxskllr

No Lifer

Virgorising

Diamond Member

SecurityTheatre

Senior member

TRENDING THREADS