Page 1 of 1

Marketing NoScript

Posted: Thu May 09, 2013 11:27 pm
by Thrawn
NoScript is consistently in the top 10 most popular addons on AMO, which gets it a lot of exposure. However, I think that a lot of people look past it, because they either don't know anything about JavaScript (and would only check it out if they're curious), or they do know about JavaScript, they think "Nah, turning off JavaScript breaks everything," and they move on.

In addition, NoScript has become much more than just a JavaScript blocker, but someone looking at the top 10 on AMO doesn't see this.

I myself, years ago, when I was first discovering the power of Firefox addons, heard about NoScript and assumed that it would be something like QuickJava, letting you easily switch JavaScript on and off, so I wasn't really interested. The reality is of course very different. It was only later, when I tried NoScript out, that I realised how advanced and flexible it actually is, and how much it actually protects you from.

Maybe NoScript's name could be extended to something that better describes it, like 'NoScript Security Suite', or 'NoScript Threat Blocker', or 'NoScript Site Permission Manager'. Something that would give people, at first glance, a better idea of what it is for, and also suggest that it is more than just switching off JavaScript, if they even know what that means.

What does everyone else (particularly Giorgio, of course) think?

Re: Marketing NoScript

Posted: Fri May 10, 2013 1:29 am
by GµårÐïåñ
I don't know, I think if they read the description and took a second to look at the NoScript webpage, then they would know exactly what it does.

This is blurb just under its name:
The best security you can get in a web browser!
Allow active content to run only from sites you trust, and protect yourself against XSS and Clickjacking attacks.
*emphasis mine

This is just in the box below the screenshots:
About this Add-on
Winner of the "2006 PC World World Class Award", this tool provides extra protection to your Firefox.
It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, guarding your "trust boundaries" against cross-site scripting attacks (XSS), cross-zone DNS rebinding / CSRF attacks (router hacking), and Clickjacking attempts, thanks to its unique ClearClick technology. It also implements the DoNotTrack tracking opt-out proposal by default, see http://snipurl.com/nsdntrack .
Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality...
Experts do agree: Firefox is really safer with NoScript ;-)
*emphasis mine

Its enough to get any serious and intelligent person take a closer look, and in the case they don't know or care, they wouldn't benefit from it anyway, they wouldn't have the proactive dedication. Just saying.

Re: Marketing NoScript

Posted: Fri May 10, 2013 3:45 am
by Thrawn
I agree, people shouldn't need hand-holding.

But both of those helpful descriptions only appear if someone clicks through to the NoScript addon page. The front page of AMO has approximately 25 links to specific addon pages, not counting themes, collections, categories, or the search box. Unless people can see a specific reason to open NoScript's page, it will probably get lost in the noise.

I think NoScript could get more attention if people could immediately get an idea of what it does, just by seeing it in the top 10 list. It deserves to be higher than #6!

Re: Marketing NoScript

Posted: Fri May 10, 2013 11:54 am
by therube
First thought was that NoScript is a "tech" product.
And it will work for those that already know what it is & does, so no sense preaching to them.
And it will not work for those that are clueless because it will break the web for them.
And then you have the paranoids. Not sure what to say about them ;-).

Thinking again, if it were marketed as a "security" product, security for your browser, that would give it more appeal. A person does not need to know or care what "script" is, but they do know they need "protection" & NoScript being a "security" product, provides protection.

Likewise, damn, I'm tired of see all those advertisements! So I seek out something to block ads, ah Adblock, wow, thanks :-).

With an ad blocker, an ad, generally unwanted, is either there or not.
A person can see the change that has taken place.

With NoScript, things are not as clear cut. So that makes it more difficult to "sell". Oh, I'm more secure, but it's kind of like I don't know it, because there is no outward sign that anything is happening - other then "knowing" that I am safer.

And then there is the other aspect, that blockers, well, block. Content is blocked & for better or worse, some will not want that. And with blocking, there are needs to also unblock (Allow) & that is not going to be clear or straight forward for many.

Even with SeaMonkey, many (enough) run into problems because typically Norton A/V incorrectly flags parts of the SeaMonkey install as malware, breaking SeaMonkey. Eventually they correct the false positive, but it is not timely & on every release the reports come out.

Now I image that Norton has an "ignore" mechanism, but "people" do not know of such things. They only know that SeaMonkey does not work properly. Oh, if Norton flagged it, it must be bad.

Re: Marketing NoScript

Posted: Fri May 10, 2013 4:58 pm
by GµårÐïåñ
It WAS number 1 and then some "things" happened and it dropped a bit, but that's history now.

Re: Marketing NoScript

Posted: Fri May 10, 2013 8:02 pm
by Giorgio Maone
Thrawn wrote:Maybe NoScript's name could be extended to something that better describes it, like 'NoScript Security Suite'
I like this one. Let's try it for a bit, thank you :)

Re: Marketing NoScript

Posted: Thu Aug 29, 2013 1:01 am
by Thrawn
Well, it might be unrelated, but NoScript Security Suite has moved up from #6 to #4.

Woot!