JavaScript - NoScript extension (Was: Questions on Security)
jon at jcosby.com
jon at jcosby.com
Sun Jun 6 20:14:56 UTC 2010
Quoting Brian <ad44 at cityscape.co.uk>:
>> For Firefox on Linux as well as Windows I strongly recommend the NoScript
>> plugin. It blocks all JavaScript on a web page, and lets you turn it back
>> on again per page or domain.
>
> Indeed it does. And it does it very well; based, of course, on whether you
> trust the site. Whatever 'trust' means.
>
That can be very subjective. And even trusted sites can be compromised.
>> It can be a bit of a nuisance for casual browsing, but if you have a fixed
>> set of websites that you visit almost every day, then you can allow
>> JavaScript on those sites. It's very easy.
>
> A nuisance? It's a pain. My browsing is eclectic and noscript does nothing
> for me or my security.
>
Not if it isn't used properly. Allowing scripts from unfamiliar sites
leaves you open to attacks such as those mentioned by the OP.
Personally, I can do without all of the flash on most of the sites. It
rarely adds any substance and can often be annoying. If
JavaScript/Flash is required to access a site, I can almost always
find the information somewhere else.
Jon
More information about the ubuntu-users
mailing list