Avast WEBforum
Consumer Products => Avast Free Antivirus / Premium Security (legacy Pro Antivirus, Internet Security, Premier) => Topic started by: tonynace on June 08, 2012, 06:32:24 PM
-
When I run Firefox, do I really need NoScript as well when I am running Avast Internet Security 7 with script shield? I would like to disable it, as it gets really annoying having to give permission after permission to some sites to run scripts. Will I get the same level of protection from Avast?
-
My opinion is to use NoScript all the time.
If your going to go to some random website, want to use their scripts so their app works, without doing any research on it, then it's better to completely remove NoScript as that is the point of it.
Many websites that you think are harmless might contain malicious iframes that lead to exploits, etc..
NoScript was meant so that you could trust all the sites that are good while blocking others. You do not need to allow an entire site; just the site(s) that you trust and are associated with the app you are trying to use.
The more you use NoScript, the more sites you won't have to worry about "giving permission after permission". The web was made to get information, and information can be given without scripts, so in many cases you don't even have to look at NoScript on a site your getting information from.
-
I've used it for quite a while, and I often visit new web sites. I don't have the time to research what domains are asking for permission, so I usually just click "temporarily allow." But some sites, especially newspapers, come back with even more, and often I don't get to see the content I want unless I hit "allow." I started using Chrome to look at newspapers as this got to be so bothersome. I still like using Firefox, though, because it has some features that Chrome does not. I haven't had any problems so far using Chrome, so either Avast is doing the script protection, Chrome is doing it, or I've just been lucky to not have visited any sites with malicious code.
-
Regardless of my AV protection, I wouldn't be without NoScript. For the most part my regularly visited sites have been allowed, for the most part you shouldn't need to do much research, as you can use temporarily allow all this site.
-
Well, if you're just hitting temporarily allow all the time without checking the domains, isn't that basically overriding it anyway, so what good is it to use it?
-
http://forum.avast.com/index.php?topic=98764.0
Scriptshield is currently not working for Firefox 12/13, and Chrome 19, but it does work for IE9 and Firefox ESR. Scriptshield is very effective b/c by default it uses a whitelist model, however the temptation to just give temporary permission becomes hassle and security burden. If you look at the breakdown for infected websites you see that traditional scapegoat for malware being porn sites only make up 2.4 percent, with the rest making up overwhelmingly of legitimate websites that were hacked.
http://www.msnbc.msn.com/id/47671318/ns/technology_and_science-tech_and_gadgets/t/surprise-most-dangerous-web-sites-arent-porn-sites/
So the point being if you are dependent on noscript for security, you have to be very very vigilant on what you give permission to b/c nothing is safe (including trusted sites), and a temporary lapse in judgement and temptation to just give temporary privileges for convenience defeats the purpose of using Noscript.
-
You shouldn't use "Temporarily allow all of this page"
Its better to rather use your knowledge of website names to determine which site's scripts need to be ran in order to get what you want. It would be unwise to do "allow all" if the site was hacked with malicious code injected. Then the site would look normal and have an exploit waiting for you.
Anyways, if lots of the sites you visit for research need scripts then they probably aren't good research sites.
-
Well, if you're just hitting temporarily allow all the time without checking the domains, isn't that basically overriding it anyway, so what good is it to use it?
I'm not talking about me doing that, but for you when you visit newspaper sites as you say that they are more troublesome, with lots 3rd party site content. As you are already effectively doing that by using Chrome where you don't have the NotScript add-on (chrome version of NoScript).
This is an exception rather than a rule for all sites.
-
My opinion is to use NoScript all the time.
+1
-
I don't use Firefox but if I did, I'm sure I would not use No Script because I don't want to see constant alerts. I think Avast's Script Shield is sufficient.
-
I don't use Firefox but if I did, I'm sure I would not use No Script because I don't want to see constant alerts. I think Avast's Script Shield is sufficient.
Great double negative and explains why your answer is totally wrong as you have zero idea how it works.
You don't get constant alerts by NoScript.
-
I don't use Firefox but if I did, I'm sure I would not use No Script because I don't want to see constant alerts. I think Avast's Script Shield is sufficient.
Great double negative and explains why your answer is totally wrong as you have zero idea how it works.
You don't get constant alerts by NoScript.
+1 DavidR is 100% correct Dch48, now we fully understand why you have no dea how NoScript works ::) :P :-X :o
-
Hi!
Until last year i used Firefox and NoScrpt as well and everything was ok. Now I'm using Opera without any add-ons.
Does anybody know, if there is a version for Opera or isn't it necessary?
HDW38
-
Does anybody know, if there is a version for Opera or isn't it necessary?
-> https://addons.opera.com/en/extensions/details/notscripts/
-
I don't think it is a case of it isn't necessary for Opera as there will be scripts and cross site scripts run on websites. The most common instance on hacked sites is a cross site scripting attack. e.g. a link on the site, that tries to run a script on another 3rd party site (commonly malicious site).
So unless there is something in Opera that specifically protects against that, then it like other browsers is vulnerable to that kind of attack unless there is something to stop it.
There is a NotScripts I believe for Opera not sure if that is from the same people who made NoScript.
-
There is a NotScripts I believe for Opera not sure if that is from the same people who made NoScript.
No, it isn't.
-
Does anybody know, if there is a version for Opera or isn't it necessary?
-> https://addons.opera.com/en/extensions/details/notscripts/
Installed.
Thx, Asyn.
-
Installed.
Thx, Asyn.
You're welcome.
-
I don't use Firefox but if I did, I'm sure I would not use No Script because I don't want to see constant alerts. I think Avast's Script Shield is sufficient.
There is no alert. You can hover over the icon and select which sites to allow/disallow that are on the current page.
You won't realize that NoScript is even running unless the website is completely rendered helpless with no javascript.
-
I don't use Firefox but if I did, I'm sure I would not use No Script because I don't want to see constant alerts. I think Avast's Script Shield is sufficient.
Great double negative and explains why your answer is totally wrong as you have zero idea how it works.
You don't get constant alerts by NoScript.
I fully understand how it works and even one alert for something safe is too many.
-
What part of no alerts is it that you don't understand, NoScript doesn't give 'any' alerts.
-
What part of no alerts is it that you don't understand, NoScript doesn't give 'any' alerts.
It doesn't tell you that scripts have been blocked and give an option to allow them in the future? If that's the case, then that's even worse. I don't want to cripple my browser in any way.
-
By alerts i mean it gives no annoying pop-up on every website saying
" THIS THIS AND THIS WAS BLOCKED!
DO YOU WANT TO UNBLOCK THIS?
THIS?
HOW ABOUT THIS? " ::) :P
If you want to allow/forbid scripts, simply hover over the icon and click on the site to allow/forbid.
-
What part of no alerts is it that you don't understand, NoScript doesn't give 'any' alerts.
It doesn't tell you that scripts have been blocked and give an option to allow them in the future? If that's the case, then that's even worse. I don't want to cripple my browser in any way.
You can have Noscript give a message about blocked scripts at the bottom of the page. It seems most users don't enable this and just use the 'hover over the icon' method.
-
It also seems to blindly block everything , including Flash, unless you allow it for specific sites. Again I say, no thanks. I want the full browsing experience. For added security, Avast's Safe Zone is perfectly sufficient.
-
It also seems to blindly block everything , including Flash, unless you allow it for specific sites.
For good reason. ;)
Again I say, no thanks. I want the full browsing experience. For added security, Avast's Safe Zone is perfectly sufficient.
Enjoy! :)
-
It also seems to blindly block everything , including Flash, unless you allow it for specific sites. Again I say, no thanks. I want the full browsing experience. For added security, Avast's Safe Zone is perfectly sufficient.
You sound like my neighbor. He said that he wants to see everything. Believe me, he has. I can't remember all the times that I've had to clean his machine. He must be getting wiser, as it hasn't happened for about a year.
-
In NoScript I use the setting "Temporarily allow top-level sites by default." This usually allows most of the content I'm looking for while blocking all the third-party crap. I don't know how it would work for newspapers, might be worth a try.
-
It also seems to blindly block everything , including Flash, unless you allow it for specific sites. Again I say, no thanks. I want the full browsing experience. For added security, Avast's Safe Zone is perfectly sufficient.
You sound like my neighbor. He said that he wants to see everything. Believe me, he has. I can't remember all the times that I've had to clean his machine. He must be getting wiser, as it hasn't happened for about a year.
Well, for me, it hasn't happened since 1999 when I first got on the internet. I have never been infected by anything.
-
You should consider yourself very lucky. :o I wouldn't go without NS these days.
-
You should consider yourself very lucky. :o I would go without NS these days.
Guess you meant "wouldn't"... ;)
-
Thanks Asyn...I fixed that typo. ;D Time for new glasses.
-
Thanks Asyn...I fixed that typo. ;D Time for new glasses.
NP SafeSurf. :)