NoScript Sightings

General discussion about the NoScript extension for Firefox
User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: NoScript Sightings

Post by Thrawn » Tue Aug 06, 2013 10:35 am

dhouwn wrote:Somewhere where NoScript should have been mentioned IMHO but wasn't: https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html

Actually it kind of was:
Consider disabling JavaScript (click the blue "S" beside the green onion, and select "Forbid Scripts Globally").
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:22.0) Gecko/20100101 Firefox/22.0

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: NoScript Sightings

Post by Thrawn » Wed Aug 07, 2013 12:01 am

======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:23.0) Gecko/20100101 Firefox/23.0

User avatar
Giorgio Maone
Site Admin
Posts: 8654
Joined: Wed Mar 18, 2009 11:22 pm
Location: Palermo - Italy
Contact:

Re: NoScript Sightings

Post by Giorgio Maone » Wed Aug 07, 2013 10:44 am

Thrawn wrote:
dhouwn wrote:Somewhere where NoScript should have been mentioned IMHO but wasn't: https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html

Actually it kind of was:
Consider disabling JavaScript (click the blue "S" beside the green onion, and select "Forbid Scripts Globally").

Indeed, NoScript is bundled with TOR Browser.
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:23.0) Gecko/20100101 Firefox/23.0

dhouwn
Bug Buster
Posts: 968
Joined: Thu Mar 19, 2009 12:51 pm

Re: NoScript Sightings

Post by dhouwn » Tue Mar 18, 2014 9:41 pm

I believe in the past Noscript also used in the official Ubuntu (or was it Debian?) repository, now I came across it in the Arch repo with a rather frugal description:
https://www.archlinux.org/packages/community/any/firefox-noscript/ wrote:plugin for firefox which disables script

But hey it's recent, unlike when it was in the other repository.

/edit:
Still (or again) in Debian: https://packages.debian.org/search?keywords=xul-ext-noscript
And here when it was is Ubuntu Hardy Heron: https://launchpad.net/ubuntu/hardy/+package/mozilla-noscript (deletion log: https://launchpad.net/ubuntu/lucid/i386/mozilla-noscript and explanation: https://lists.ubuntu.com/archives/ubuntu-motu/2010-April/006682.html: "The issue with it though is that it releases too frequently." Heh)
Mozilla/5.0 (Windows NT 6.3; WOW64; rv:28.0) Gecko/20100101 Firefox/28.0

barbaz
Senior Member
Posts: 8830
Joined: Sat Aug 03, 2013 5:45 pm

Re: NoScript Sightings

Post by barbaz » Fri May 16, 2014 3:46 am

NoScript recommended to prevent ABP and its forks leaking information about installed subscriptions to websites: https://bitbucket.org/adstomper/adblockedge/issue/109/abe-leaks-list-of-subscriptions#comment-10086283
*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26

User avatar
GµårÐïåñ
Lieutenant Colonel
Posts: 3325
Joined: Fri Mar 20, 2009 5:19 am
Location: PST - USA
Contact:

Re: NoScript Sightings

Post by GµårÐïåñ » Fri Jun 13, 2014 5:45 pm

Block JavaScript in Google Chrome. NoScript’s features in Chrome!
http://techie-buzz.com/browsers/disable-javascript-images-cookies-in-google-chrome.html
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Opera/9.80 (Windows NT 6.1; U; en) Presto/2.9.181 Version/12.00

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: NoScript Sightings

Post by Thrawn » Sun Jun 15, 2014 8:20 pm

I think the author was one of the many people who don't seem to realise the full extent of NoScript's features, though...even the script-blocking in Chrome is not so fine-grained. Not enough to convert me to Chromium at this point.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:30.0) Gecko/20100101 Firefox/30.0

User avatar
GµårÐïåñ
Lieutenant Colonel
Posts: 3325
Joined: Fri Mar 20, 2009 5:19 am
Location: PST - USA
Contact:

Re: NoScript Sightings

Post by GµårÐïåñ » Tue Jun 17, 2014 1:38 am

I know but it was a NS sighting so I posted it :)
~.:[ Lï£ê ï§ å Lêmðñ åñÐ Ì Wåñ† M¥ Mðñê¥ ßå¢k ]:.~
________________ .: [ Major Mike's ] :. ________________
Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; en) Presto/2.9.168 Version/11.52

User avatar
therube
Ambassador
Posts: 7247
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: NoScript Sightings

Post by therube » Sat Jun 28, 2014 1:24 am

A look at a double-dipping advertising network | Malwarebytes Unpacked

"To protect against this type of threats you may wish to disable Flash or use NoScript"

http://blog.malwarebytes.org/malvertisi ... g-network/
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:29.0) Gecko/20100101 Firefox/29.0 SeaMonkey/2.26.1

User avatar
nimd4
Posts: 10
Joined: Tue Apr 14, 2009 9:03 am

Re: NoScript Sightings

Post by nimd4 » Sun Sep 21, 2014 4:29 pm

Opera add-ons, "NotScripts" @

Code: Select all

https://addons.opera.com/en/extensions/details/notscripts/

.. What is wrong w/these ppl?! :-0

Edit:
Is there a way to STOP them; some way to disallow and/or pursue them, into ceasing w/their lies and deception(s)?!??
Last edited by Thrawn on Mon Sep 22, 2014 3:20 am, edited 1 time in total.
Reason: Language
Z68A-G43 (G3) - i7-3770 - Vengeance 2x4GB 2133MHz - GTX 650 Gainward
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:32.0) Gecko/20100101 Firefox/32.0

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: NoScript Sightings

Post by Thrawn » Mon Sep 22, 2014 3:23 am

If your concern is about the claim of "NoScript like javascript blocking", then it's hard to say. NoScript is trademarked, but they're not claiming that NotScripts *is* NoScript. And it's possible that the script-blocking interface is more-or-less like NoScript - it just (almost certainly) wouldn't be as reliable, battle-hardened, etc. And JavaScript-blocking is only one of the features of NoScript Security Suite.

So maybe, but to date, Giorgio hasn't felt the need to sue anybody over this.
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:32.0) Gecko/20100101 Firefox/32.0

barbaz
Senior Member
Posts: 8830
Joined: Sat Aug 03, 2013 5:45 pm

Re: NoScript Sightings

Post by barbaz » Thu Nov 27, 2014 10:12 pm

*Always* check the changelogs BEFORE updating that important software!
Mozilla/5.0 (Windows NT 6.0; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0

User avatar
therube
Ambassador
Posts: 7247
Joined: Thu Mar 19, 2009 4:17 pm
Location: Maryland USA

Re: NoScript Sightings

Post by therube » Tue Apr 07, 2015 2:54 am

Security Flaw Leaks VPN Users’ Real IP-Addresses

VPN users are facing a massive security flaw as websites can easily see their home IP-addresses through WebRTC. The vulnerability is limited to supporting browsers such as Firefox and Chrome, and appears to affect Windows users only. Luckily the security hole is relatively easy to fix.

...

The vulnerability affects WebRTC-supporting browsers including Firefox and Chrome and appears to be limited to Windows machines.

...

Firefox users should be able to block the request with the NoScript addon. Alternatively, they can type “about:config” in the address bar and set the “media.peerconnection.enabled” setting to false.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.19) Gecko/20110420 SeaMonkey/2.0.14 Pinball NoScript FlashGot AdblockPlus
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:36.0) Gecko/20100101 Firefox/36.0 SeaMonkey/2.33.1

User avatar
Thrawn
Senior Member
Posts: 3106
Joined: Mon Jan 16, 2012 3:46 am
Location: Australia
Contact:

Re: NoScript Sightings

Post by Thrawn » Tue Apr 07, 2015 5:31 am


Technically this is a privacy flaw, not security, yes?
======
Thrawn
------------
Religion is not the opium of the masses. Daily life is the opium of the masses.

True religion, which dares to acknowledge death and challenge the way we live, is an attempt to wake up.
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:37.0) Gecko/20100101 Firefox/37.0

User avatar
Hobart
Posts: 2
Joined: Thu Jun 17, 2010 9:52 pm
Location: DENVER CO US
Contact:

"The NoScript Misnomer – Why should I trust vjs.zendcdn.net?

Post by Hobart » Mon Jun 29, 2015 3:29 am

Already noted by giancarlos in this post.

Article: The NoScript Misnomer – Why should I trust vjs.zendcdn.net?
Hacker News discussion: The NoScript Misnomer

Looks like "zenDcdn" was put into the default white-list instead of "zencdn", and the author grabbed the domain.
Author says he's talked with Giorgio about the issue. This does count as a "sighting", I think? :)
NoScript donor ;) Giorgio++
Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101 Firefox/38.0

Post Reply