Feature request: "Self-destructing" temporary permissions

Ask for help about NoScript, no registration needed to post
Guest

Feature request: "Self-destructing" temporary permissions

Post by Guest » Sat Dec 28, 2013 11:46 pm

The Self-Destructing Cookies extension can delete cookies when the tab using them is closed.
I'd like to see a similar feature in NoScript: Automatically expire those temporary permissions that aren't used by any open tabs, maybe after a configurable grace period ...
Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Feature request: "Self-destructing" temporary permission

Post by Thrawn » Wed Jan 01, 2014 11:37 pm

In some ways, that's a nice idea. I'm sure a lot of people would like to use it.

However, from a security standpoint, it is not really all that helpful. Either a site is going to attack you immediately, and revoking later won't help, or it's safe, and revoking isn't needed.

From a privacy perspective, it makes sense to destroy things immediately after you're finished using them. But from a security perspective, it doesn't. All it will achieve is a false sense of security.

And Self-Destructing Cookies works by polling the cookie jar constantly, checking whether there are open tabs associated with cookies. NoScript would have to do this for your whole whitelist, imposing a performance hit (especially for big whitelists), without really giving you any more security.

So I like this idea, but if it came to a vote, I would vote against it.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:26.0) Gecko/20100101 Firefox/26.0

Guest

Re: Feature request: "Self-destructing" temporary permission

Post by Guest » Sun Jan 05, 2014 12:27 am

Thrawn wrote:In some ways, that's a nice idea. I'm sure a lot of people would like to use it.

However, from a security standpoint, it is not really all that helpful. Either a site is going to attack you immediately, and revoking later won't help, or it's safe, and revoking isn't needed.

From a privacy perspective, it makes sense to destroy things immediately after you're finished using them. But from a security perspective, it doesn't. All it will achieve is a false sense of security.

And Self-Destructing Cookies works by polling the cookie jar constantly, checking whether there are open tabs associated with cookies. NoScript would have to do this for your whole whitelist, imposing a performance hit (especially for big whitelists), without really giving you any more security.

So I like this idea, but if it came to a vote, I would vote against it.


Yes, I was thinking mainly from the privacy and less from the security perspective - and cannot remember my temporary whitelist having more than a dozen entries ...
Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Feature request: "Self-destructing" temporary permission

Post by Thrawn » Tue Dec 09, 2014 11:23 pm

You know, I've reconsidered; I actually think that this would be helpful when investigating which scripts are needed vs junk. But there might still be problems regarding a false sense of security. And it would likely be a good-sized chunk of work for Giorgio, who is already very busy.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:34.0) Gecko/20100101 Firefox/34.0

barbaz
Senior Member
Posts: 9688
Joined: Sat Aug 03, 2013 5:45 pm

Re: Feature request: "Self-destructing" temporary permission

Post by barbaz » Tue Dec 09, 2014 11:49 pm

Thrawn wrote:I actually think that this would be helpful when investigating which scripts are needed vs junk.

How so?

Thrawn wrote:But there might still be problems regarding a false sense of security.

What problems? I don't see how this feature would give me a false sense of security. You allow a site once, that's generally all the chance it needs to do malicious things to you if it's going to, and revoking the permission later won't make any difference.
More like, if the configurable grace period is implemented, this feature would be a convenience for long browser sessions when I may forget what all I've Temp-Allowed and I didn't think to check the Revoke Temporary Permissions tooltip. If temporary permissions for objects are revoked as part of this, it could also help mitigate the need for this RFE. So to me, it would have a good use that is neither security nor privacy related.

+1 from me if it has that configurable grace period (otherwise I wouldn't use this feature at all), but this feature is not super important IMO.
*Always* check the changelogs BEFORE updating that important software!
Opera/9.80 (X11; Linux x86_64) Presto/2.12.388 Version/12.16

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: Feature request: "Self-destructing" temporary permission

Post by Thrawn » Wed Dec 10, 2014 7:58 pm

barbaz wrote:
Thrawn wrote:I actually think that this would be helpful when investigating which scripts are needed vs junk.

How so?

No need to revoke temporary permissions - possibly wiping out temporary permissions on other sites - once you're done.

Besides the convenience, there is also the fact that the sooner you wipe temporary permissions, the sooner you shrink your attack surface for trusted sites to be compromised. NS is pretty effective at stopping such attacks anyway, but the fact remains.

Thrawn wrote:But there might still be problems regarding a false sense of security.

What problems? I don't see how this feature would give me a false sense of security. You allow a site once, that's generally all the chance it needs to do malicious things to you if it's going to, and revoking the permission later won't make any difference.

Yes, you understand that, and so it's not a problem for you - but what about Joe User?

More like, if the configurable grace period is implemented, this feature would be a convenience for long browser sessions when I may forget what all I've Temp-Allowed and I didn't think to check the Revoke Temporary Permissions tooltip.

It might also have some application for people who want to allow things per-tab; it won't quite do that, but it would come close if you visit sites sequentially.
+1 from me if it has that configurable grace period (otherwise I wouldn't use this feature at all), but this feature is not super important IMO.

No, it certainly isn't.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:34.0) Gecko/20100101 Firefox/34.0

barbaz
Senior Member
Posts: 9688
Joined: Sat Aug 03, 2013 5:45 pm

Re: Feature request: "Self-destructing" temporary permission

Post by barbaz » Wed Dec 10, 2014 11:33 pm

Thrawn wrote:Besides the convenience, there is also the fact that the sooner you wipe temporary permissions, the sooner you shrink your attack surface for trusted sites to be compromised. NS is pretty effective at stopping such attacks anyway, but the fact remains.

Interesting, I didn't think of it that way. That would be nice.
Still not hugely important though.

Thrawn wrote:
Thrawn wrote:But there might still be problems regarding a false sense of security.

What problems? I don't see how this feature would give me a false sense of security. You allow a site once, that's generally all the chance it needs to do malicious things to you if it's going to, and revoking the permission later won't make any difference.

Yes, you understand that, and so it's not a problem for you - but what about Joe User?

Well, I can't speak for Joe User generally, but one of the least techie people I know seems inclined to think that on the Internet, allowing something even once is REALLY scary because it just might attack right then and there...
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (X11; FreeBSD amd64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/30.0.1599.17 Safari/537.36

fatboy
Senior Member
Posts: 59
Joined: Fri Jul 25, 2014 6:56 am
Contact:

Re: Feature request: "Self-destructing" temporary permission

Post by fatboy » Thu Oct 08, 2015 2:05 pm

There are initialization for toolbarbutton (CB), abolishing the temporary permissions when changing or closing active tab.
The switch is only separately: CB_Disable_Initialization or Disable/Enable Button.
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0 SeaMonkey/2.21

barbaz
Senior Member
Posts: 9688
Joined: Sat Aug 03, 2013 5:45 pm

Re: Feature request: "Self-destructing" temporary permission

Post by barbaz » Sun Feb 14, 2016 9:46 pm

User Riar has suggested that marking any sites that had auto-revoked temporary permissions would help eliminate some of the potential for false sense of security, in that users could know what was automatically revoked and they wouldn't be fooled by Unicode-lookalike domains, by being accustomed to Temporarily Allowing the same site(s) a lot. I think that is a good idea and should apply to this RFE if it is implemented.
That discussion (which is about auto-revoking temporary permissions after user-configured time period) is at viewtopic.php?f=8&t=21615
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply