Option for safe financial services websites

Ask for help about NoScript, no registration needed to post
Plop

Option for safe financial services websites

Post by Plop » Tue Oct 27, 2020 8:13 am

Hey everyone,
I have been using NoScript for a while and am very pleased with it. However, I also take time supporting a number of people who are not so computer friendly and NoScript has sometimes proved challenging.
Allowing top-level websites by default solves most common issues. However, online payment remains a big stumbling block, as websites always need to call on third-party services, which are blocked by default. Allowing the ones you encounter makes it easier in the future but it remains a one-at-a-time approach which leads to a lot of pain and blocked connections along the way.
Since financial payment companies are official and registered businesses, it would seem fairly easy to establish a safe list of trusted services that can be allowed as an option. This seems like a rather safe option and it would go a long way in making online payments easier, without having to reload pages and needlessly re-enter payment details.
What do you all think?
Best,
Plop
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3835.0 Safari/537.36

barbaz
Senior Member
Posts: 9720
Joined: Sat Aug 03, 2013 5:45 pm

Re: Option for safe financial services websites

Post by barbaz » Tue Oct 27, 2020 11:17 am

Use "Disable restrictions for this tab".
*Always* check the changelogs BEFORE updating that important software!
-

Plop

Re: Option for safe financial services websites

Post by Plop » Wed Oct 28, 2020 8:30 am

Using "Disable restrictions for this tab" remains a one-time solution, so it won't help non-IT-friendly users for their next purchase. Not only that but it opens the door to other, unwanted connections so using this on commercial websites, which are full of trackers, defeats the purpose of NoScript.
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Safari/605.1.15

barbaz
Senior Member
Posts: 9720
Joined: Sat Aug 03, 2013 5:45 pm

Re: Option for safe financial services websites

Post by barbaz » Wed Oct 28, 2020 1:45 pm

Plop wrote:
Wed Oct 28, 2020 8:30 am
Using "Disable restrictions for this tab" remains a one-time solution, so it won't help non-IT-friendly users for their next purchase.
???
Do these users also have single-digit IQ? Clicking one button is not rocket science.
Plop wrote:
Wed Oct 28, 2020 8:30 am
using this on commercial websites, which are full of trackers, defeats the purpose of NoScript.
No it doesn't. NoScript is a security tool, not a privacy tool.

It sounds like your "non-IT-friendly users" would be better off with uBlock Origin. It can be used for both privacy and security protection, and unlike NoScript you can set it up to be mostly set-and-forget.
*Always* check the changelogs BEFORE updating that important software!
-

Plop

Re: Option for safe financial services websites

Post by Plop » Sat Nov 21, 2020 9:10 am

Thank you for your reply. I maintain that this proposed solution does not adequately meet the user-side requirement. I re-iterate that the proposed white list for financial services would be a very useful step (for a lot of people, actually, as the financial intermediaries are often only called upon at the end of a long proceed of filling in debit/credit card information that must be resumed from scratch when the page is reloaded).
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Safari/605.1.15

barbaz
Senior Member
Posts: 9720
Joined: Sat Aug 03, 2013 5:45 pm

Re: Option for safe financial services websites

Post by barbaz » Sat Nov 21, 2020 4:28 pm

Plop wrote:
Sat Nov 21, 2020 9:10 am
I maintain that this proposed solution does not adequately meet the user-side requirement.
How so?
What is the user-side requirement?
*Always* check the changelogs BEFORE updating that important software!
-

Plop

Re: Option for safe financial services websites

Post by Plop » Mon Nov 23, 2020 7:03 am

In our case, the user-side requirements is the ability to perform online purchases seamlessly, without ending up, after time spent filling a form, with a purchase button that does not work, only to realise that the seller's website is now calling a financial services platform which has to be manually approved and the information re-entered. This should be done without accepting any and all connections for the tab in question. Surely the use of this is understandable and a white list of trusted financial services platforms can be established rather easily.
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Safari/605.1.15

barbaz
Senior Member
Posts: 9720
Joined: Sat Aug 03, 2013 5:45 pm

Re: Option for safe financial services websites

Post by barbaz » Mon Nov 23, 2020 2:43 pm

Plop wrote:
Mon Nov 23, 2020 7:03 am
Surely the use of this is understandable and a white list of trusted financial services platforms can be established rather easily.
It's understandable, but is it so easy to establish such list?

Did you not know that "trusted financial services platform" is reason enough to set a site trusted by default? (see FAQ 1.5, ref. the explanations of Paypal and of securecode.com etc.)

I still say the best option is to use uBlock Origin, and if you need NoScript use "Disable restrictions for this tab" leaving uBlock Origin enabled and blocking unwanted connections. Though if you know any specific "safe financial services websites" that are not on NoScript's OOB trusted-list, feel free to request they be added :)
*Always* check the changelogs BEFORE updating that important software!
-

Post Reply