I work for a computer helpdesk company that gives support to a lot of users in the states that don't quite know how to protect themselves on the internet and keep getting malware. I am trying to migrate people over to firefox and install adblock because its a simple way of blocking a lot of the stuff people click on but I was looking in more passive blocking programs like noscript.
My issue with no script is that it is a bit too aggressive for the common (i don't know how to right click or where my arrow keys are) user, I need something that someone can download, click a preferred whitelist that updates regularly of some of the more common sites (facebook, google, yahoo, msn, ebay...) and makes it so the user behind the scenes has no idea what is going on or is only prompted once in a while.
I totally understand that its against the scope of what the program is attempting to do but I think it would be a nice alternative to help people who could use the program but don't know anything about how the internet works.
Simple NoScript
Simple NoScript
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
Re: Simple NoScript
Hi Mur,
The use of NoScript in the default settings is not that difficult even for the n00b user. Just takes some time to adapt and a few extra mouse clicks now and then. The user have to be told what NoScript does (a tool to protect browser users against eventual suspicious and malicious script on a web page running to infect his computer). Best instruction is to keep NoScript active on the page and temporarily allow script on a page when the user needs to do that because of specific web page functionality he. she or it wants. I even would have the user use RequestPolicy add-on next to NoScript for total protection to allow only those requests temporarily for the main page roughly, for watching video on YouTube you have to allow "two to tango" with NoScript you temporarily allow both youtube.com and ytimg.com, else the video won't play. The user will have to get accustomed to these little issues, but later feel "security-naked" on the web without it in the browser, at least that is my feeling.
Keep up the good work, the more browser users that switch to using NS, the safer the Internet will become, because eventually many users will become aware of what it does under the browser hood,
luntrus
The use of NoScript in the default settings is not that difficult even for the n00b user. Just takes some time to adapt and a few extra mouse clicks now and then. The user have to be told what NoScript does (a tool to protect browser users against eventual suspicious and malicious script on a web page running to infect his computer). Best instruction is to keep NoScript active on the page and temporarily allow script on a page when the user needs to do that because of specific web page functionality he. she or it wants. I even would have the user use RequestPolicy add-on next to NoScript for total protection to allow only those requests temporarily for the main page roughly, for watching video on YouTube you have to allow "two to tango" with NoScript you temporarily allow both youtube.com and ytimg.com, else the video won't play. The user will have to get accustomed to these little issues, but later feel "security-naked" on the web without it in the browser, at least that is my feeling.
Keep up the good work, the more browser users that switch to using NS, the safer the Internet will become, because eventually many users will become aware of what it does under the browser hood,
luntrus
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.19) Gecko/2010062819 Firefox/3.0.19 Flock/2.6.1
Re: Simple NoScript
I understand that it might not be that hard to learn but I am dealing with people who don't understand anything about the internet, will just allow everything or block everything. They will never understand how to use this or wish to go this in depth.
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
Re: Simple NoScript
Hi Mur,
I can understand your dilemma. Most common users cannot work a computer and a browser as such, and they feel lost, because the reality differs greatly from what they were set out to believe, that is that they could use a computer out of the box, can use a browser safely with default settings, that going onto the Internet is just for fun and they are not aware of the fact that every 3.6 seconds a reputable trusted site can become hacked by exploits abused by cybercrime and co and infect their computer. They are not aware that they have to fully patch and update both their OS and all third party software and applications. Some think using a firewall and av is a "drag" and slow down the system that is about to become a malware ridden box anyway, only good to be used as a door stopper or before that like millions else their machine was owned by a bot herder to be used for malware spreading and spam launching purposes grand scale.
All that is quite understandable as you see how in a couple of decades the population has been dumbed down, I am over 60, but I envy those that are ten years the older of me, because their education was even much more solid than mine was, especially general education. Now people can be made to believe all things whether a mixture of true facts and myth go hand in hand, and as an individual they are lost completely to make up their own minds, and led by years and years of corporation and other propaganda make them react as they do.
I am at the avast user forum as "polonus" and did over 10.000 security related postings there. I know the reactions of newbies and victims as a certain site becomes flagged for malware, they immediately go into denial, then they will disable the avast shields to protect them from silent downloads etc., so the av solution does not alarm anymore, if persistent they want to change for another solution that detects less but is better according to their n00b insight, and what is also typical that if you post anything about windows problems and rightly start to criticize MS for the issues sketched above, mainly Americans react as being "wasp stung", some almost see it as an attack onto their nation. All the circumstances mentioned above will make it hard to convince the "sheeple" users of anything else than what they were led to believe, only we the security savvy and aware of the real position of website security on the Internet know better. It will be an immense task to convince users to realize differently,
luntrus
I can understand your dilemma. Most common users cannot work a computer and a browser as such, and they feel lost, because the reality differs greatly from what they were set out to believe, that is that they could use a computer out of the box, can use a browser safely with default settings, that going onto the Internet is just for fun and they are not aware of the fact that every 3.6 seconds a reputable trusted site can become hacked by exploits abused by cybercrime and co and infect their computer. They are not aware that they have to fully patch and update both their OS and all third party software and applications. Some think using a firewall and av is a "drag" and slow down the system that is about to become a malware ridden box anyway, only good to be used as a door stopper or before that like millions else their machine was owned by a bot herder to be used for malware spreading and spam launching purposes grand scale.
All that is quite understandable as you see how in a couple of decades the population has been dumbed down, I am over 60, but I envy those that are ten years the older of me, because their education was even much more solid than mine was, especially general education. Now people can be made to believe all things whether a mixture of true facts and myth go hand in hand, and as an individual they are lost completely to make up their own minds, and led by years and years of corporation and other propaganda make them react as they do.
I am at the avast user forum as "polonus" and did over 10.000 security related postings there. I know the reactions of newbies and victims as a certain site becomes flagged for malware, they immediately go into denial, then they will disable the avast shields to protect them from silent downloads etc., so the av solution does not alarm anymore, if persistent they want to change for another solution that detects less but is better according to their n00b insight, and what is also typical that if you post anything about windows problems and rightly start to criticize MS for the issues sketched above, mainly Americans react as being "wasp stung", some almost see it as an attack onto their nation. All the circumstances mentioned above will make it hard to convince the "sheeple" users of anything else than what they were led to believe, only we the security savvy and aware of the real position of website security on the Internet know better. It will be an immense task to convince users to realize differently,
luntrus
Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.19) Gecko/2010062819 Firefox/3.0.19 Flock/2.6.1