You can Make Firefox even safer now


Recommended Posts

Updated to 1.0.6

What's new:

+ Whitelist import/export (thanks hsmwrv for suggestion)

+ Only 2nd level (base) domains shown by default in the "Allow" menu items (easier operation for non-geeks; geeks can still revert to the old fine grained interface using the "Appearance" options)

+ Blocked scripts audio feedback (thanks to Markus for suggestion)

+ about:config/noscript.permanent can be changed live (no FF restart)

x chrome content URL are properly whitelisted (XUL error pages OK)

x Fixed empty permanent list problem (thanks to Patrick and Oremina for report)

Install From extensionsmirror

Link to comment
Share on other sites

I tried it, no thanks. It made Firefox unstable for me and was extremely annoying too. Allow this site, allow this site, etc...

I don't want to block every site and then allow them one by one. Too many sites have problems or won't work at all without it; Neowin looks horrible with it turned off for example. I would much rather have a blacklist where I could only block javascript on sites I select, like the beta of Google Groups; I hate that stupid floating bar they added.

Link to comment
Share on other sites

Okay.... Here is MY OPINION and knowledge. I have been using IE for agesand never EVER once had a virus, trojan, worm, or anything like that. THEN i hear people say, WTF!!!! IE hac2ed My MAcHINE! SCREW IE! and then I think, maybe its the user, because as i stated before, ive never ever had any trouble with ie, n im plan to stick with it. Im not anti ff, im just saying........ maybe some of you guys visit dodgy sites...

585944769[/snapback]

You may have never had any trouble, but that's pure luck. Blaming it on the user is ridiculous. At any given time, I can go to a 0-day exploit site and get an IE exploit that will allow remote execution of code. If none are public, you can always ask around and find a working private one. Such is not the case with Firefox, as they only come along every so often. I'm not saying any one browser is more secure than another, but I am saying that it's stupid to blame exploits on the user, when all they do is visit pages.

Link to comment
Share on other sites

I tried it, no thanks. It made Firefox unstable for me and was extremely annoying too. Allow this site, allow this site, etc...

I don't want to block every site and then allow them one by one. Too many sites have problems or won't work at all without it; Neowin looks horrible with it turned off for example. I would much rather have a blacklist where I could only block javascript on sites I select, like the beta of Google Groups; I hate that stupid floating bar they added.

585982356[/snapback]

I don't know what problems your having with your Firefox, but Neowin looks no different with javascript turned off then it does with it's turned on. Before I used this extension I had javascript disabled and never seen any site display Unproperly because of it. I only enabled it when I needed to use a funtion that required it. This extension makes it a lot easier. Some funtions of sites won't work.. like here at neowin the show all for clickable smilies won't work. but it still looks the same. Not saying your are lieing, but I think there maybe another problem with your browser that is triggered when you disable javascript. But each to there own. Thanks for your input.

Link to comment
Share on other sites

but Neowin looks no different with javascript turned off then it does with it's turned on.

Ok, you're right. I hadn't really tried it since Neowin updated, but it used to mess up all the fonts. As for the problem, it crashed the browser several times when I tried to add a site to the white list. Maybe it is just something on my system though, I don't know. I'm not trying to put it down, I'm sure it's great for some people. I'd rather just block JS on select sites instead of having to allow it on them. If it had a blacklist feature where you could do that I'd definately be more interested. Thanks though. :)

Link to comment
Share on other sites

Skyfrog: The only problem with that method is if you visit a site and you have javascript enabled and it's a site that's going to take advantage of some vulnerability then it's to late to blacklist it. So, then you would have to rely on someone else's list or warnings. It only takes 1 sec to add one to the whitelist as it is now. Btw, are you trying the latest version of it? it's 1.0.7 now. Many more improvements have been added.

And don't worry about expressing your opinion, I like talking to people and going back and forth, I learn things that way. It's not my extension anyway, I just want to help people out. This may be the best Security extension for Firefox. A lot of vulnerabilities use javascript or java to execute them.

NoScript CHANGELOG

TODO:

Allow some URL only for current session life-span (many requests!!!)

v 1.0.7

=====================================================================

+ "Popup blocker" notification message style (Firefox only)

+ Autoreload synchronizes every view whose permissions have changed

+ Spanish translation (thanks to Alberto Mart?nez)

x Improved subframes management in the contextual menu

x Better UI support for "special" TLDS like co.uk, co.nz and others

x Improved support for numeric addresses

x Audio feedback with more discreet sound effect :-)

Link to comment
Share on other sites

TODO:

Allow some URL only for current session life-span (many requests!!!)

Turn javscript: links into regular links where JS is disabled (zasxae)

Block plugins as well

v 1.0.8

=====================================================================

+ Whole addresses are shown when a port number is specified, no

matter which the Appearance options are, since enabling a domain

doesn't enable it for non-standard ports (thanks to jayvdb for

suggestion)

+ Stop every browser activity before changing policies (this should

be a workaround for most crashes dued to Firefox CAPS bugs)

Link to comment
Share on other sites

  • 2 weeks later...

TODO:

Turn javascript: links into regular links where JS is disabled (zasxae)

Block plugins as well

v 1.0.9

=====================================================================

+ Temporarily allow URLs (for current session only): temporary items

are shown in italics font

+ Clean uninstall in Deer Park

+ Added jar: to the default white-list, to allow about:plugin

and other "special" URLs to work out-of-the-box

x Better work-arounds for Firefox synchronization bugs

x Fixed conflict when a "View Source" window was open

Link to comment
Share on other sites

Okay.... Here is MY OPINION and knowledge. I have been using IE for agesand never EVER once had a virus, trojan, worm, or anything like that. THEN i hear people say, WTF!!!! IE hac2ed My MAcHINE! SCREW IE! and then I think, maybe its the user, because as i stated before, ive never ever had any trouble with ie, n im plan to stick with it. Im not anti ff, im just saying........ maybe some of you guys visit dodgy sites...

585944769[/snapback]

I agree, I've been using IE from the day I started using computers and I've never had one problem. I'm completely agree that it IS the users fault and not the browser. A good user can use it no problem at all.

Also, IE6 with SP2 doesnt allow ActiveX to run without clicking on a bar (if that isnt turned off) so its unlikely that spyware will get in that way.

Link to comment
Share on other sites

I agree, I've been using IE from the day I started using computers and I've never had one problem. I'm completely agree that it IS the users fault and not the browser. A good user can use it no problem at all.

Also, IE6 with SP2 doesnt allow ActiveX to run without clicking on a bar (if that isnt turned off) so its unlikely that spyware will get in that way.

586065713[/snapback]

The first web browser I used was Lynx, using PPP access to a local ISP, back before the web had any graphics at all.

http://lynx.isc.org/release/

Then it was Mosaic, then Netscape, until IE finally appeared. At first, IE was fine, I switched to it from Netscape, but then all the advertising, viruses, and other junk showed up on the web making IE a nuisance to use. It took MS about eight years to finally begin to address the problem with ActiveX and these other security and spam issues! In that time, most of us got tired of the hassle and simply switched to Firefox or Opera or other browsers.

I wonder if MS would have even done anything had it not been competition from other browsers?

Today, MS is about to release IE7, a ripoff of Firefox and Opera, just as IE was originally a ripoff of Netscape. Maybe it will work ok, about a decade late, but this time, I think I'll stick with the alternatives. I don't see any compelling reason to switch back.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.