Author Topic: You can lead a horse to the water, but you cannot make it use NoScript..  (Read 57237 times)

0 Members and 1 Guest are viewing this topic.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
I could learn the rest since my IQ is over 160 but I don't feel the need to bother with it.

OMG, what has your IQ to do with anything...!!?? ::)
If your IQ should be really this high, please use it and leave this thread alone, as you already made your point here, what is absolutely ok, imo. Everyone can put his/her opinion here, but throwing IQ into the ring doesn't prove anything...! ;)
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Dch48

  • Guest
I could learn the rest since my IQ is over 160 but I don't feel the need to bother with it.

OMG, what has your IQ to do with anything...!!?? ::)
If your IQ should be really this high, please use it and leave this thread alone, as you already made your point here, what is absolutely ok, imo. Everyone can put his/her opinion here, but throwing IQ into the ring doesn't prove anything...! ;)
asyn

It was just a response to the uncalled for insult that was thrown at me.

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
The intriguing thing is that I do not have Java on my system at all, and I notice no loss of functionality
You would if you went to a site that requires the java runtime. Sites like Yahoo games where my ladyfriend here spends most of her time  ;D. (and never gets infected btw).

Guys,
Java is a completly differnt thing than JavaScript...!!!
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
It was just a response to the uncalled for insult that was thrown at me.

Well, ok. Nevertheless that's no way of arguing, imo.. ;)
Better you solve that via PM, next time...
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Gargamel360

  • Guest
Just one question. How would I know if was making me any more secure if all it wanted to block were things that were perfectly safe? That was my experience in a year of using the HIPS component of Comodo. It never actually found anything that was malicious but just wanted to alert me to actions (necessary actions) being taken by safe applications. It just got too tiresome to bother with (especially when anything needed to be updated like World of Warcraft which I am addicted to  ;D) and No Script sounds like more of the same to me. Things like it and HIPS would be fine if they had an extensive whitelist that was kept up to date but unfortunately that doesn't seem to be the case. I guess I'm just a fan of the default-allow approach to security.

NoScript is only for the browser, does not cover system like HIPS.  
You are correct that it is default deny, but that can be changed without sacrificing all of its protective features.  I have discovered precious few scripts on each website need to be running to make it functional.  

The only time I notice I even have it installed anymore is when I visit sites that I don't frequent, and that is exactly when you want its protection.  The main reason I use this add-on is drive-by download rouges, which all AV's seem near helpless against.  
2 months pre-NoScript: 2 rouge AV attacks
2 months w/NoScript: 0

Now, that could be just random chance, but if anything I surf more high risk now, with NoScript, than I did before without it.
« Last Edit: June 27, 2010, 08:48:53 PM by Gargamel360 »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
2 months pre-NoScript: 2 rouge AV attacks
2 months w/NoScript: 0

Exactly..!
We would see much less traffic in 'viruses and worms' if NoScript would be used...
Nowadays, the Rogues are mushrooming...
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48646
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
I only get the benefit of NoScript during the few times I use Firefox.
Most of the time, I'm using Google's Chrome.
Maybe if FF had the speed of Chrome, I might be persuaded to use it more often.
Currently, Chrome does the job better than FF hence, NoScript isn't used very often.
For the skeptic, I'm reasonable sure that the rest of my security and browsing habits are keeping me out of trouble.  :)
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v24H2 64bit, 32 Gig Ram, 1TB SSD, Avast Free 24.4.6112, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33929
  • malware fighter
Hi bob3160,

Radical script blocking options-non-versatile like NS webcop plug-in
Tools menu (Wrench) ...
Options > Under the Bonnet > Content settings
There is a tab for JavaScript where you can either allow or disallow JS to run, it also allows you to provide exceptions to your choice ...
Under content settings you can also configure Cookies, Images, Plug-Ins and Pop-ups ...
Blocking script can also be done with bookmarklets, but that is after the fact, so after the malcode has run..

I want to come back to the main point of what this discussion was on about from point one, the total protection that a browser can get by using NoScript extension, and the discussion is not what browser, but rather why it was not brought into IE9, GoogleChrome or any other browsers than the Mozilla type. We all have arrived at the fact that blocking malicious ActiveX scripts, having endless Tuesday patch rounds to patch browser bugs etc. is not the same protection after the fact as providing a possibility to be pre-protected with just one plug-in/extension/add-on against all browser-related malcode!

Yes bob, Dch48, that try to talk the urgency of having it in all browsers away because it interferes with their fun/speed/use whatever argument can you throw at it to ignore it, you cannot ignore these plain and simple facts.

It would be a lot calmer at the virus and worms section here, the lists in Norton Safe Web of malicious and suspicious websites would be less urgent, because one could go there with a browser with NS installed and active and still not get a drive-by-download or adware or spyware or being unwantingly redirected and tracked, yes you even can have bogus adcode that takes the place of the real adcode there with NoScript, it blocks XSS attemps, hidden inline scripts, one could read about these threats on unmasked parasites, the webmaster must have forgotten to cleanse it off of his site, still no worry whatsoever, NS inside the browser. That is fun browsing for me, because the malsite probability is not always at the back of my head!

.... How can you talk such a solution down?.....

I know why MS and Google won't give support for full NS, because it may avert their ad-tracking business schemes,
and advertisers and people to cash in on your browsing habits will not be applauding when NS is brought in, but I cannot surf without it, so I keep it close at hand. GoogleChrome speed, separate tab processes, won't crash, but insecure without NS, IE8 and 9, speed, starts up and deeply embedded in the operational system, more secure as IE6 was, but less secure because of the lack of full script blocking features. They all come in so many flavors but again without your friendly webcop, NoScript,

polonus
« Last Edit: June 28, 2010, 03:14:27 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Hard_ROCKER

  • Guest
How can you call NS friendly when all it does is annoy the bejesus out of me and makes my life miserable when browsing the web ? Just like those annoying HIPS programs. Like i or the majority of pc users understand the web code it blocks. We don't and even if we were to understand the jibberish that is JS, Flash, PHP, ASP etc. etc., we would still need time to analyse the code and what it actually does and trust me most of us don't have the time. Life is fast going these days and the majority just don't have the time or the will to learn coding or to analyse code. It's boring and time consuming and quite frankly we would rather do something more usefull with our lives.

If you are retired or unemployed or whatever and have all the time in the world to analyse web code and enjoy doing so then go right ahead and do so but don't expect us to be the same. I personally would rather watch paint dry than constantly analyse web code. And i hate how you make it out in all your posts about NS like we are some sort of idiots for not using NS. We certainly aren't, we just have a different view on things and don't enjoy being bombarded with all sorts of questions/pop-ups. And even if we do get infected , so what ? We have all these security programs installed that should be able to get rid of those infections(like AVAST)  and in worst case scenario even if we cannot get rid of them, we still have our backup programs which in my opinion are worth a whole lot more than some stupid NS. Not to mention not everybody uses FF. I personally hate the bloatness and slowness of FF and i will never ever use it.

You know Damian my friend, computers were invented to make our lives EASIER and certainly not more ANNOYING. This is something that i sometimes feel you don't really understand.

Gargamel360

  • Guest
I use NoScript.
And trust me when I say, I am about as far from being able to read code as anyone you would meet, on or off-line.
I don't need to understand the code it blocks, I just allow the bare minimum to get a sites features working. (1-3 scripts, typically)
It was obtrusive at first, but now I only interact with it a couple times per day, on average.  
(Being currently unemployed, "a day" meaning ~12 hours online)

Can't argue with the backup statement, though.  That should always be #1 priority, imo.  

3 out of 4 PC/human relationships do not make the persons life easier, from what I have seen.
But that is not the computers fault. :)

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33929
  • malware fighter
Hi m2,

If we would take the analogy a tiny bit further and I did not propagate the use of NS inside a browser but a safety belt in a car. And you, m2, came here and said well I want to go onto the road in a car without safety belts, because this makes my life miserable ..life is fast going these days and the majority don't have the time and the will to learn to use a safety belt, it is boring and time consuming and quite frankly, ....etc.
I don't know really but everybody would say the man that want to take the ride without a safety belt has the wrong arguments and moreover he will be fined (in our case will get malware onto his computer), and I can think of a whole lot  of other similar situations where we can make similar analogies - sex and precautionary measures (well back up mechanisms won't do you much good there) etc. etc., so I understand more than you think I do,

polonus
« Last Edit: June 29, 2010, 12:12:48 AM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Dch48

  • Guest
M2 has hit on my main resistance to using NS which is that I would have to use a browser that I don't care for-FF. Aside from the HIPS like annoyances NS would cause and which I would not enjoy, I just don't like FF at all in the first place.

Gargamel360

  • Guest
Try SeaMonkey? ;)


Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
...and in worst case scenario even if we cannot get rid of them, we still have our backup programs which in my opinion are worth a whole lot more than some stupid NS.

Most threats have no intention to crash your system. They want to hide in your system. So they can spy on you (Bankdata, CCinfos, etc.), integrate you machine in a botnet or else. So, sure a backup is a good way to go, but only if you notice the infection at first..! I guess you don't restore your system every couple of days... As in medicine, preventing is always better than curing, imo...!!
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76032
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
1. M2 has hit on my main resistance to using NS which is that I would have to use a browser that I don't care for-FF.
2. Aside from the HIPS like annoyances NS would cause and which I would not enjoy, I just don't like FF at all in the first place.

1. Well, it sure is up to you, what to use. Nevertheless, we still can (and also should) advice the use of NoScript to all the users, who run Firefox...!! ;)
2. There's no annoyance, at all. Set it up, run it. Allow the pages you trust, all others get blocked without nagging. Most scripts on the sites out there are only for statistics, tracking or adds...! So why run them..??
asyn
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0