JavaScript - NoScript extension (Was: Questions on Security)

jon at jon at
Sun Jun 6 20:14:56 UTC 2010

Quoting Brian <ad44 at>:

>> For Firefox on Linux as well as Windows I strongly recommend the NoScript
>> plugin. It blocks all JavaScript on a web page, and lets you turn it back
>> on again per page or domain.
> Indeed it does. And it does it very well; based, of course, on whether you
> trust the site. Whatever 'trust' means.

That can be very subjective. And even trusted sites can be compromised.

>> It can be a bit of a nuisance for casual browsing, but if you have a fixed
>> set of websites that you visit almost every day, then you can allow
>> JavaScript on those sites. It's very easy.
> A nuisance? It's a pain. My browsing is eclectic and noscript does nothing
> for me or my security.

Not if it isn't used properly. Allowing scripts from unfamiliar sites  
leaves you open to attacks such as those mentioned by the OP.  
Personally, I can do without all of the flash on most of the sites. It  
rarely adds any substance and can often be annoying. If  
JavaScript/Flash is required to access a site, I can almost always  
find the information somewhere else.


More information about the ubuntu-users mailing list