Mozilla dropping Tiger suport / implications for NoScript?

[kukla]

Very bad news this. I'm wondering if Tiger users will be still be able to count on NoScript when this happens. At least, this will mean some measure of security.

Will NoScript in future updated iterations remain compatible or does this doom Noscript as well? Hopefully....

http://arstechnica.com/apple/news/2010/ ... elease.ars

[Giorgio Maone]

Currently NoScript supports Firefox 1.5 and above.
Support for Firefox 2.0.x and below will be probably dropped in NoScript 2.x, but you will still be able to use previous NoScript versions.
Anyway, as far as I can tell, Tiger support will be dropped in Firefox 3.7, so even NoScript 2.x will support it for a long time (as long as it supports Firefox 3.6).

[kukla]

Hi Georgio, good to know NoScript will still be around for Tiger users when this happens. Thanks for all the good work. NoScript is really a must.

Would you care to offer an opinion about just how unsafe an unsupported Firefox will be? Will NoScript take up most of the slack and keep Firefox, even unsupported, more or less safe from exploits, including ones which might target the OS--now also unsupported by Apple.

Another way of asking this would be will it be safer to stick with Firefox, even unsupported, using NoScript, than to switch to a supported browser (Camino, Opera, Safari) without NoScript?

[Giorgio Maone]

would be will it be safer to stick with Firefox, even unsupported, using NoScript, than to switch to a supported browser (Camino, Opera, Safari) without NoScript?

It's really hard to answer: none of those browsers have XSS filters or Clickjacking protection, for instance, even though Opera can control script and plugin activation through the so-called "Site preferences". On the other hand, if an attacker manages to use a known exploit on a trusted site or trick you into allowing his evil site, you're fried.
However Mozilla is currently supporting Fx 3.0.x (which is two versions old), and won't probably drop this support until Fx 3.7 is out, so I'd say you've plenty of time to change your update your primary internet box to some more recent hardware.

[recovering OS X addict]

@kukla
Some extra thoughts. No offence intended to any company or individual
The advantage of Fx/NS is not only the unique passive protections that Giorgio lists in his reply, but also the *immediate* response that Giorgio makes to new vulnerabilities in Firefox. No other browser has this unique firewall-like support.
Many apps besides Firefox stop legacy support for OS X much sooner than for other systems.
If you value the unique firewall that NS gives a person on the web, either be prepared to upgrade (and pay) whether you need new bells and whistles for your mac or not, or ditch the controlling and aggressive marketing cycle of apple - who are really in the hardware muppet business, even though OS X is a wonderful flexible desktop environment.

[dhouwn]

How about getting Linux? Current versions of the Linux-distributions Debian, Fedora and Yellow Dog Linux are all available for PowerPC-based systems.