I did but I found it very annoying.
I mean it you literally cant visit any html page and when you do try and allow the page you have to keep allowing more and more code to be rendered....
Seems like a waste or am I missing the point?
I did but I found it very annoying.
I mean it you literally cant visit any html page and when you do try and allow the page you have to keep allowing more and more code to be rendered....
Seems like a waste or am I missing the point?
Kinda missing the point IMO. When you're surfing new, untrusted sites you can temporarily allow scripts.
I presume you followed this:
https://wiki.ubuntu.com/BasicSecurity/NoScript
There's a discussion on how to use NoScripts here:
http://ubuntuforums.org/showthread.php?t=1905730
I use it and advocate its use. I know it's frustrating, especially at first. You can establish a fairly permanent whitelist of your most frequently visited and trusted sites and leave everything else default-blocked. It takes some work up front, but eventually becomes mostly invisible for most things.
For sites not frequently visited or just unknown, it's good to block scripts. A lot of sites are compromised and have scripts placed in their source that are invisible to people browsing the site. A lot of sites are just inelegant. There's no reason for them to be "designed" in such a complicated manner. And you know, there are many sites out there where you can get what you went to the page for without allowing their scripts to run at all. It might be kind of ugly though.
But we are more and more getting into situations where it's better to think of sites as hosting web applications, rather than just websites. In those cases, yes scripts need to be run. In my opinion there are too many places where an application is used but a page would do just fine. They unknowingly expose themselves and their users to unnecessary risks.
Hi
^^^ This. A great post.I use it and advocate its use. I know it's frustrating, especially at first. You can establish a fairly permanent whitelist of your most frequently visited and trusted sites and leave everything else default-blocked. It takes some work up front, but eventually becomes mostly invisible for most things.
For sites not frequently visited or just unknown, it's good to block scripts. A lot of sites are compromised and have scripts placed in their source that are invisible to people browsing the site. A lot of sites are just inelegant. There's no reason for them to be "designed" in such a complicated manner. And you know, there are many sites out there where you can get what you went to the page for without allowing their scripts to run at all. It might be kind of ugly though.
But we are more and more getting into situations where it's better to think of sites as hosting web applications, rather than just websites. In those cases, yes scripts need to be run. In my opinion there are too many places where an application is used but a page would do just fine. They unknowingly expose themselves and their users to unnecessary risks.
I use notscript in Chromium extensively and thinks it's an invaluable tool.
I also disable cookies on almost every site i go to part from ones i know are safe. If the site needs cookies for me to access and is not a trusted site (because i have been not there before), then if i access the site, i will delete the cookie for that site after.
For web e-mail access (Yahoo and Gmail only), i use a dedicated Midori browser and they are they only two sites i visit with that browser.
Kind regards
Last edited by matt_symes; May 25th, 2012 at 05:56 PM. Reason: Missed out an important not.
If you believe everything you read, you better not read. ~ Japanese Proverb
If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain
Thinking about becoming an Ubuntu Member?
I use NoScript everyday with FF for several years. Its a pain at first and takes awhile to customize it -- meaning you can selectively allow certain sites to run scripts. Once you spend a month or too customizing what you want to allow I think its great.
I use NoScript all the time, allowing sites on a temporary basis is handy.
It was a pain in the butt at first, but now I know which sites get picky about what script to allow in order to view all the content.
Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide
Tomorrow's an illusion and yesterday's a dream, today is a solution...
Never liked it. I used it back when I was on Firefox because it's basically the best way to be secure on that browser... but it was a pain and I'm glad I don't need it anymore.
edit: I see NotScripts mentioned. It's worth noting that NotScripts hasn't been updated in months (over a year I think) and doesn't use modern Chrome APIs. It's easily bypassed and doesn't have even close to as many features as NoScript. I suggest that you remove it and use ScriptNo instead. It's still not up to par with NoScript but at least it uses the WebRequest() API.
Hi
Thanks. Getting it nowedit: I see NotScripts mentioned. It's worth noting that NotScripts hasn't been updated in months (over a year I think) and doesn't use modern Chrome APIs. It's easily bypassed and doesn't have even close to as many features as NoScript. I suggest that you remove it and use ScriptNo instead. It's still not up to par with NoScript but at least it uses the WebRequest() API.
Kind regards
If you believe everything you read, you better not read. ~ Japanese Proverb
If you don't read the newspaper, you're uninformed. If you read the newspaper, you're mis-informed. - Mark Twain
Thinking about becoming an Ubuntu Member?
Well, I used to, but I found it a little too excessive.
Adblock does the trick to block whatever annoys me and I don't feel that NoScript protects me essentially.
Bookmarks