And another Ubuntu convert!

[Derek Broughton]

Mark Kirkwood wrote:

> Derek Broughton wrote:

>>> - use a firewall
>>
>> Mostly not necessary either - if you don't have servers, you don't need a
>> firewall.  Which is why Ubuntu Desktop versions don't install one.
>>
> If you are using a DSL router, then most have one anyway. It is wise to
> leave it on - another layer of security to protect you (especially if
> you do wish to enable remote access - say from work to your machine at
> home, you can configure the firewall to only allow connection attempts
> from your work ip range - again, another layer of safety in case of an
> unknown ssh vulnerability).

That, of course, means you're operating a server of some sort - and 
absolutely you need firewalls when you do that.
> 
>>> - use a script blocker like noscript in your browser
>>>     
>>
>> That's really, really, pointless.  The fact is, if you turn off
>> scripting,
>> you lose most of the functionality of the web.  Even if you just make it
>> prompt before running scripts you'll be driven crazy.  I'd far rather
>> block specific domains (like adblock).
> 
> Hmm, couldn't disagree more - I was referring to a configurable blocker 
> (like Noscript in Firefix) - this is probably one of the best ways to
> protect yourself whilst browsing. Most sites work well enough for you to
> decide whether or not to trust them by allowing any scripts.

Unless your browser has vulnerabilities, script isn't supposed to be able to 
do anything harmful (activex, of course, is just one huge vulnerability).  
Having a script blocker asking  whether it can run scripts every time you 
come to a new site ruins the experience of the web, for little value.  I 
don't _want_ to have to decide whether to trust scripts on every site, and I 
absolutely don't  believe I need to.