I voted yes, mainly because JavaScript can steal cookies from another web page if you are browsing the internet with additional tabs or windows open. And for people who go, "I don't like my browser lighting up like a Christmas tree" there is a preference in NoScript to make it not bother you during browsing.

Thoughts and comments are appreciated.

I have noscript installed, but have it turned off most of the time as I know where I am browsing, and it interfers with many of my sites. Therefore I believe it should be left as optional. After all, that is the mission of open source, CHOICE :p

NO! NoScript is annoying. If you want it download it. I realize it takes 5 seconds to disable but that is 5 seconds I could spend in Quake Live or on a YouTube video

NoScript should be default in Firefox. Browsing without it is insecure and shows a disregard for privacy.

I tried it once, found it really annoying. Might try it again to see if I can disable the nagging.

.

As if the Ubuntu devs don't have enough to do without adding more patches to a perfectly good program as it is? It's not the kind of thing you'd want to ship Firefox with without the end user knowing about it. It requires a lot of setup, telling it which sites you want scripts on and which you don't. If someone is prepared to do that then they can add it themselves.

"Stealing" cookies is not a big deal. Cookies are tiny bits of information that only mean something to the site that set them. It has a number that tracks to the setting servers database and that number means nothing to another site. Just look through some of your own cookies if you don't believe me. People get paranoid about cookies thinking they contain your life story but if the information was anything valuable then it wouldn't be left in a cookie. Preventing Javascript is useful for preventing Javascript exploits however.

NoScript reminds me of that hyper, naggy kid we all disliked so much in school. I voted no.

People get paranoid about cookies thinking they contain your life story but if the information was anything valuable then it wouldn't be left in a cookie. Preventing Javascript is useful for preventing Javascript exploits however.


*Ahem* logging in automatically upon each visit uses a cookie.



I have noscript installed, but have it turned off most of the time as I know where I am browsing, and it interfers with many of my sites.


You can whitelist any site you go to by right clicking the NoScript icon and selecting "allow ..."



Therefore I believe it should be left as optional. After all, that is the mission of open source, CHOICE


Yep, and including around 5 programs you will likely never use in Ubuntu/Kubuntu is totally choice...

I am happy with my current browsing experience.

I said No. I tried NoScript once but I found it such a pain I got rid of it.

Quote:
Therefore I believe it should be left as optional. After all, that is the mission of open source, CHOICE
Yep, and including around 5 programs you will likely never use in Ubuntu/Kubuntu is totally choice...

Yep, but if NoScript were default, most people would think it was a necessary part of the Ubuntu experience, therefore due to the nagging, leave ubuntu. Those other 4 or 5 can just be ignored.

But anyway, you asked for opinion, and those of us who do or don't have it do so for our own reasons, you really shouldn't append our opinions when running a poll. :p

Only if the Firefox devs decide to add it as default.

I find it very annoying, and would more than hate for it to be the default. Also, unless Firefox itself makes it a default, I see no reason for Ubuntu to do it.

If people want proper security, then this is what they should have.

noscript should be default in firefox. Browsing without it is insecure and shows a disregard for privacy.
+1

I use it myself, but new users who are used to insecure browsing would be confused about why pages with flash/java don't work. After they complain about it here and someone explained to them why it isn't working they would probably white listing everything to make it stop bothering them.

NoScript is annoying. Maybe we just need to write a "Proper Etiquette of an World Wide Web Browser" to outline the good behavior from the bad.

Firefox having an option to block third-party scripts would not be a bad idea, but I know some people who dumped noscript because it was too intrusive in it's default configuration. If there was not an option to allow top level sites by default, I would not use it either.

I voted yes, mainly because JavaScript can steal cookies from another web page if you are browsing the internet with additional tabs or windows open. And for people who go, "I don't like my browser lighting up like a Christmas tree" there is a preference in NoScript to make it not bother you during browsing.

Thoughts and comments are appreciated.

It should not be default. Its easy enough to add if you want it. I use it but I know it annoys a lot of people.

No, I play alot of browser based and flash games, this would totally screw them up unless I told it otherwise EVERY TIME. Bah, lol.

I'd say no, partly because it updates so frequently that you'd likely have to download an update after a fresh install anyways. But also because extensions should just be extensions.

That being said, I do love No-Script. It's just not for everyone.

For anybodies general interest if you install toolbar buttons in the FF add ons 3 no script icons can be added to your tool-bar of choice. The first is the regular icon the other two are temporary allowance and removal of permission. Also as another poster mentioned you can set the pop up of options etc to not show and add to the white list as needed. I don't really care if it is in the repositories since like any program you can install or remove what you like although carefully.

The Tor people recommend not using NoScript, as due to its complexity most people who use it are unconsciously opening more holes than they are closing.

The Tor people recommend not using NoScript, as due to its complexity most people who use it are unconsciously opening more holes than they are closing.

I looked at the tor website and couldn't find any info, might have not been the correct site. Would you post a link to the recommendations, I don't use tor but the subject seems worthy of understanding. I found this link although I don't know of the validity.
http://archives.seul.org/or/talk/Sep-2008/msg00125.html

NoScript really only works if you fully understand what it does.

Unless you do understand it then it's just an additional and unecessary annoyance.

I don't fully understand it therefore I don't use it.
I've been using the internet for nearly ten years without NoScript and haven't had any problems thus far.

No, some people don't need things like that and giving something in a distro which is mostly personal preference would be sort of wrong.

there are two non nagging add ons that are better in my opinion

adblock plus and adblock G filter with anonproxy a perfectly good browsing experience

It's an excellent extension everybody should use.

The obvious problem is (also outlined by this thread), poor people don't understand what it's all about.

:???:

It's an excellent extension everybody should use.

The obvious problem is (also outlined by this thread), poor people don't understand what it's all about.

:???:

No some people just don't need it.

I looked at the tor website and couldn't find any info, might have not been the correct site. Would you post a link to the recommendations, I don't use tor but the subject seems worthy of understanding. I found this link although I don't know of the validity.
http://archives.seul.org/or/talk/Sep-2008/msg00125.html

http://ubuntuforums.org/newreply.php?do=newreply&p=6365797

# NoScript

Torbutton currently mitigates all known anonymity issues with Javascript. While it may be tempting to get better security by disabling Javascript for certain sites, you are far better off with an all-or-nothing approach. NoScript is exceedingly complicated, and has many subtleties that can surprise even advanced users. For example, addons.mozilla.org verifies extension integrity via Javascript over https, but downloads them in the clear. Not adding it to your whitelist effectively means you are pulling down unverified extensions. Worse still, using NoScript can actually disable protections that Torbutton itself provides via Javascript, yet still allow malicious exit nodes to compromise your anonymity via the default whitelist (which they can spoof to inject any script they want).

No some people just don't need it.Yeah. those people who don't browse the net.

Yeah. those people who don't browse the net.

I don't need it.

Of course no. Ubuntu is for humans.

No. Prefbar meets my needs.

Of course no. Ubunut is for humans.

What is Ubunut?

there are two non nagging add ons that are better in my opinion

adblock plus and adblock G filter with anonproxy a perfectly good browsing experience
The point of NoScript is security/privacy, not blocking ads.

What is Ubunut?
And what is a human?

it would be annoying for users that don't know what it is.

What is Ubunut?

Linux for nuts.


Yeah. those people who don't browse the net.

Not true; the people that randomly click on any link they see, no matter how suspicious. Plus this is Ubuntu we're talking about, it's not like it'll upload a virus onto your computer.

What is Ubunut?

An amusing typo.

d

I use NoScript regularly, however it really confuses others who use my computer -- they often tell me your computer is broken and some websites don't work on your computer.

Yes its a pain for a lot of people until you configure it appropriately. It should not be included by default.

I say no, simply because too many people would find it annoying. I don't really find it annoying, after I've disabled the notification that slides out, but a lot of other people probably think allowing domains on the fly is annoying.

Yep, and including around 5 programs you will likely never use in Ubuntu/Kubuntu is totally choice...

What five programs? :D

What five programs? :D

well, xsane, bluetooth, and probably other stuff. but one can't complain because there is a sizable amount of people who find that useful. noscript on the other hand would annoy the majority

No. Maybe if Ubuntu was a special security-focused distro then it would make sense, but not for a general-use desktop system.

i will keep it for a while longer before i flush it down the pan:p
no for me

it too strict to use it each day too much sites works badly with it, but extremely useful then you need to do dangerous surfing

Privoxy helps, some, with privacy, I have it running on a standalone firewall & it doesn't seem to be a noticeable slow down like it is when on your desktop/notebook machine.

Copfilter has great configuration scripts setup for Privoxy as well.

I haven't worked out how to setup Tor on the firewall/proxy yet, I think it is a tough job.

I don't use NoScript these days & I don't think it should be in Ubuntu by default, it is too complicated, invasive & most users won't want it around.

I use NoScript but I vote no. It's too advanced for new users. (amagad I cannot view youtube with linux, i am going back to *******)