Page 9 of 11

Re: NoScript Sightings

Posted: Tue Aug 06, 2013 10:35 am
by Thrawn
dhouwn wrote:Somewhere where NoScript should have been mentioned IMHO but wasn't: https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html

Actually it kind of was:
Consider disabling JavaScript (click the blue "S" beside the green onion, and select "Forbid Scripts Globally").

Re: NoScript Sightings

Posted: Wed Aug 07, 2013 12:01 am
by Thrawn

Re: NoScript Sightings

Posted: Wed Aug 07, 2013 10:44 am
by Giorgio Maone
Thrawn wrote:
dhouwn wrote:Somewhere where NoScript should have been mentioned IMHO but wasn't: https://lists.torproject.org/pipermail/tor-announce/2013-August/000089.html

Actually it kind of was:
Consider disabling JavaScript (click the blue "S" beside the green onion, and select "Forbid Scripts Globally").

Indeed, NoScript is bundled with TOR Browser.

Re: NoScript Sightings

Posted: Tue Mar 18, 2014 9:41 pm
by dhouwn
I believe in the past Noscript also used in the official Ubuntu (or was it Debian?) repository, now I came across it in the Arch repo with a rather frugal description:
https://www.archlinux.org/packages/community/any/firefox-noscript/ wrote:plugin for firefox which disables script

But hey it's recent, unlike when it was in the other repository.

/edit:
Still (or again) in Debian: https://packages.debian.org/search?keywords=xul-ext-noscript
And here when it was is Ubuntu Hardy Heron: https://launchpad.net/ubuntu/hardy/+package/mozilla-noscript (deletion log: https://launchpad.net/ubuntu/lucid/i386/mozilla-noscript and explanation: https://lists.ubuntu.com/archives/ubuntu-motu/2010-April/006682.html: "The issue with it though is that it releases too frequently." Heh)

Re: NoScript Sightings

Posted: Fri May 16, 2014 3:46 am
by barbaz
NoScript recommended to prevent ABP and its forks leaking information about installed subscriptions to websites: https://bitbucket.org/adstomper/adblockedge/issue/109/abe-leaks-list-of-subscriptions#comment-10086283

Re: NoScript Sightings

Posted: Fri Jun 13, 2014 5:45 pm
by GµårÐïåñ
Block JavaScript in Google Chrome. NoScript’s features in Chrome!
http://techie-buzz.com/browsers/disable-javascript-images-cookies-in-google-chrome.html

Re: NoScript Sightings

Posted: Sun Jun 15, 2014 8:20 pm
by Thrawn
I think the author was one of the many people who don't seem to realise the full extent of NoScript's features, though...even the script-blocking in Chrome is not so fine-grained. Not enough to convert me to Chromium at this point.

Re: NoScript Sightings

Posted: Tue Jun 17, 2014 1:38 am
by GµårÐïåñ
I know but it was a NS sighting so I posted it :)

Re: NoScript Sightings

Posted: Sat Jun 28, 2014 1:24 am
by therube
A look at a double-dipping advertising network | Malwarebytes Unpacked

"To protect against this type of threats you may wish to disable Flash or use NoScript"

http://blog.malwarebytes.org/malvertisi ... g-network/

Re: NoScript Sightings

Posted: Sun Sep 21, 2014 4:29 pm
by nimd4
Opera add-ons, "NotScripts" @

Code: Select all

https://addons.opera.com/en/extensions/details/notscripts/

.. What is wrong w/these ppl?! :-0

Edit:
Is there a way to STOP them; some way to disallow and/or pursue them, into ceasing w/their lies and deception(s)?!??

Re: NoScript Sightings

Posted: Mon Sep 22, 2014 3:23 am
by Thrawn
If your concern is about the claim of "NoScript like javascript blocking", then it's hard to say. NoScript is trademarked, but they're not claiming that NotScripts *is* NoScript. And it's possible that the script-blocking interface is more-or-less like NoScript - it just (almost certainly) wouldn't be as reliable, battle-hardened, etc. And JavaScript-blocking is only one of the features of NoScript Security Suite.

So maybe, but to date, Giorgio hasn't felt the need to sue anybody over this.

Re: NoScript Sightings

Posted: Thu Nov 27, 2014 10:12 pm
by barbaz

Re: NoScript Sightings

Posted: Tue Apr 07, 2015 2:54 am
by therube
Security Flaw Leaks VPN Users’ Real IP-Addresses

VPN users are facing a massive security flaw as websites can easily see their home IP-addresses through WebRTC. The vulnerability is limited to supporting browsers such as Firefox and Chrome, and appears to affect Windows users only. Luckily the security hole is relatively easy to fix.

...

The vulnerability affects WebRTC-supporting browsers including Firefox and Chrome and appears to be limited to Windows machines.

...

Firefox users should be able to block the request with the NoScript addon. Alternatively, they can type “about:config” in the address bar and set the “media.peerconnection.enabled” setting to false.

Re: NoScript Sightings

Posted: Tue Apr 07, 2015 5:31 am
by Thrawn

Technically this is a privacy flaw, not security, yes?

"The NoScript Misnomer – Why should I trust vjs.zendcdn.net?

Posted: Mon Jun 29, 2015 3:29 am
by Hobart
Already noted by giancarlos in this post.

Article: The NoScript Misnomer – Why should I trust vjs.zendcdn.net?
Hacker News discussion: The NoScript Misnomer

Looks like "zenDcdn" was put into the default white-list instead of "zencdn", and the author grabbed the domain.
Author says he's talked with Giorgio about the issue. This does count as a "sighting", I think? :)