Author Topic: In 2009 Firefox will have its internal firewall module!  (Read 12158 times)

0 Members and 1 Guest are viewing this topic.

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #15 on: December 21, 2008, 09:08:21 AM »
And just how exactly is my post suggesting how you should spend your time ?

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3866
  • Just an avast user
Re: In 2009 Firefox will have its internal firewall module!
« Reply #16 on: December 21, 2008, 09:34:31 AM »
C'mon guys we do not need this very personal sparring in the forum. 

Both of you have good points to make ... let's make these discussions - and debates about technical issues - just that and do our best to refrain from letting it become personal comments. 

(Else you will have to end up - if you have any decency and just as I had to do the other day - apologizing). 

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #17 on: December 21, 2008, 09:52:26 AM »
alanrf what good points did he make ? I fail to see them ... And it was not me who started it on a personal level just read the whole thread please. He keeps going on a personal level in almost every post he makes btw if you haven't noticed. Enough is enough, i've been holding myself back but not anymore. Sorry it's just the way it is.

And i have no problem apologizing and never have but in this case i most certainly won't because i have nothing to apologize for and quite frankly even your suggestion that i apologize is ridiciouls to me. I do appreciate your effort in trying to smooth things out though. :)

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3866
  • Just an avast user
Re: In 2009 Firefox will have its internal firewall module!
« Reply #18 on: December 21, 2008, 10:29:48 AM »
darth_mikey,

I do not want to be rude but you are over reacting ... and yes, I can understand why you are. 

To be honest, I think you are probably right about the "who started it" questions ... but if you take a deep breath does "who started it" matter?  It takes two to slide into a personal level in this forum even if it only takes one to start it.  Heavens above I know how difficult it is to just turn the other cheek, but sometimes maybe we just need to not let such things provoke a response in kind.

TheSpirit was clearly posting from ignorance where you, keeping up with the forum, were aware that I had posted previously (more than once) about the NoScript add-on for Firefox.  You were also quite right in my assessment that this is feature that I have described elsewhere as a non-starter, going nowhere offering for the average user of Firefox. The average user is not going to deal with the hassle of training an add-on and the ongoing forever pain of responding to every new site they visit on the Web.  Anyone who thinks this is a winner does not work with ordinary users day in day out. 

Let me also say that I give great credit for the work the NoScript developers are doing ... I hope that (though I cannot easily see how) they could make this something along the lines of the very successful AdBlock Plus add-on with a pretty much (I know I am a pain about this - but it is vital to the success of security - and why products like avast succeed) "set it and forget it" approach. 

Finally to return to the main thrust of your last post ... I was not trying in my "oil on troubled waters" post to compare your responses with those TheSpirit in this particular thread.  I was suggesting that you both bring value to this forum.  TheSpirit is newer here ... I hope that he will also get used to the forums and be better able to deal with the interplay. 

At last, I did not suggest that either of you apologize ... I did suggest that if you continued down this avoidable path you might end up needing to do so.  I hope that things will work out so you do not.

Hard_ROCKER

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #19 on: December 21, 2008, 11:18:48 AM »
alanrf, i've clearly stated in my post about NoScript that what i said is only my personal opinion, now why he had to take things on a personal level and "diss" my opinion is beyond me. Like i said this is not the first time he did that(not to me to others) and i am sorry but if someone disrespects me like that you can't expect me to stay quiet. Enough said about this, i won't discuss it anymore as it's pointless ...

Back on topic ... Yes i too have great respect for mr. Maone and the work he puts into NoScript but like i said i don't believe that this extension is usable for the average user however after doing a bit of research i've changed my mind. Like i mentioned in one of my posts, NoScript does offer some additional protection(XSS and ClickJacking) even if you allow all scripts globally so perhaps it's still a good idea to install it, set it to allow scripts globally(if you're like me and are annoyed by that) and i believe i will do just that. It's been a long long time since i've had it installed(when Polonus first introduced it to us yrs ago) and i see the tool has been greatly improved since then so i think it's time again i play with it and try to find out a bit more about it.
« Last Edit: December 21, 2008, 11:38:24 AM by darth_mikey »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: In 2009 Firefox will have its internal firewall module!
« Reply #20 on: December 21, 2008, 02:57:33 PM »
Hi darth_mikey, alanrf and The Spirit,

Let us shove emotions aside and let us look at the facts as they are presented to us. Browser security can be adopted in two ways by settings and automatically so using specific knowledge about what threats there are around the corner, when you use this insecure tool by default on the Internet.
The developers of these tools have been making tools with a lot of features, but security came into the bargain at a very late onset, so to say. Concluding the contents of this thread and listening to and knowing the lines of his contemplation, I think this is the line in which darth-mikey would operate to establish browser security. That is the model that suits him best.
On the other hand this is not the model that can be used for the average user. They lack the insight to take security measures on the OS level into their own hands (limited rights, checks for what is allowed to run (ActiveX, BHO's, toolbars, handling of messages etc. etc.) and here the use of NoScript and/or Abe can be helpful, where in the old days we had things like Privoxy and other external filtering systems, limiting of insecure redirects etc. can enhance security. This is another model alltogether and if that could be achieved on the fly and in the background like for instance an extention like Firekeeper does it, it could help a lot of users. It is a pity I tell this only for a fraction of the general user community, because the larger part of them are not aware and have the opinion a browser is only for fun and security should be provided by others. I think therefore as you listen here carefully to what is being told, there really aren't that many conflicts only the methods to achieve this secure situation may differ, but they can also enhance each other,

polonus
« Last Edit: December 21, 2008, 03:23:54 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: In 2009 Firefox will have its internal firewall module!
« Reply #21 on: December 21, 2008, 04:01:39 PM »
@alanrf

these numbers (likely estimated by defect) come from the analysis of the update pings to Mozilla's update service (which is performed only by active non-disabled add-ons) and of the web server logs for the "thanks for updating" release note page on noscript.net,

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Go Pack Go

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #22 on: December 21, 2008, 04:39:50 PM »
Quote
For the most popular web applications there will be rules available that can be installed automatically.

This feature will be the big plus that could lead to mass adoption.

If NoScript had a blacklist/whitelist I would use it.  It is too many decisions for the average user.

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33633
  • malware fighter
Re: In 2009 Firefox will have its internal firewall module!
« Reply #23 on: December 21, 2008, 05:26:34 PM »
Go Pack Go,

My policy with NoScript actually is deadly simple, I block all with default settings, yes all, and only temporarily allow where I am in need of some functionality to run, in practice that is when I use web applications like webmail or a known page asks to run javascript, and for video etc. A double click on the NoScript logo is just fine. Anyone can do this, it is just the nuisance of the extra click if that is holding one back. On the other hand I do not know now how many times NoScript must have saved me, and actually NoScript has a blacklist/whitelist for what you permanently allow/disallow..

polonus
« Last Edit: December 21, 2008, 05:31:00 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86674
  • No support PMs thanks
Re: In 2009 Firefox will have its internal firewall module!
« Reply #24 on: December 21, 2008, 06:50:45 PM »
I too have it set to block all and for the most part that is fine and I only ever have to interact an either temporarily allow or allow a site (one I will regularly visit) if it doesn't display properly, e.g. uses javascript.

So for me it isn't so much of a hassle, however, besides the whitelisting (remainder blacklisted by default) there is a means of 'importing' and exporting a whitelist, which could make that a little less onerous, if you already have a list of domains you trust.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline alanrf

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 3866
  • Just an avast user
Re: In 2009 Firefox will have its internal firewall module!
« Reply #25 on: December 21, 2008, 07:57:36 PM »
polonus.

Quote
these numbers (likely estimated by defect) come from the analysis of the update pings to Mozilla's update service

Thanks for the update.  I picked this up too from one of the NoScript threads in the Mozillazine forum.  Pretty obvious really, it should have occurred to me before.

Go Pack Go

  • Guest
Re: In 2009 Firefox will have its internal firewall module!
« Reply #26 on: December 21, 2008, 08:32:05 PM »
Go Pack Go,

My policy with NoScript actually is deadly simple, I block all with default settings, yes all, and only temporarily allow where I am in need of some functionality to run, in practice that is when I use web applications like webmail or a known page asks to run javascript, and for video etc. A double click on the NoScript logo is just fine. Anyone can do this, it is just the nuisance of the extra click if that is holding one back. On the other hand I do not know now how many times NoScript must have saved me, and actually NoScript has a blacklist/whitelist for what you permanently allow/disallow..

polonus

Yeah, if I remember correctly, if you allow a page, it has to reload the webpage doesn't it?  On dialup it is a real pain in the @$$.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 86674
  • No support PMs thanks
Re: In 2009 Firefox will have its internal firewall module!
« Reply #27 on: December 21, 2008, 09:02:00 PM »
I'm on dial-up, I haven't found that too much of a pain in the rear, I guess my patience threshold is fairly high ;D ;D

If you have a whitelist in some other software, perhaps you could export that, edit those not applicable to the functionality NoScript is looking after and import that list.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 22.5.6015 (build 22.5.7263.730) UI 1.0.711/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security