therube wrote:I really don't see why you're harping on this guy.
He's developed or modified extensions & offers them to you to use - for free. (And I assume they are legit.) (WHY? In the face of this evidence? -- TT)
And so he wants to make a buck or two while he's at it (or whatever a "hit count" is). Heaven forbid. And its not like other developers don't try to do the same (or worse).
Hey, you want to watch a Youtube video (on youtube.com)? Guess what, you need to enable JavaScript on two different domains to do so. I would be far more worried with youtube being hacked, then some relatively obscure netticat site out there.
So some of his thoughts on JavaScript are misguided. So be it. Hopefully we know better.
Yeah, hopefully WE do. But what about AverageUserLand? YouTube etc. don't produce add-ons for Fx (at least, I wouldn't install them if I did). This guy makes dozens of Fx add-ons, with vast access to your browser and your system, and such people need to be trustworthy. To tell AvgUser they're stupid for fearing JS -- well, if *you* don't fear it, why are you here? Why are you running NS at all? Go to IE and avoid the hassles of allow/ta/untrusted/plugin/ABE etc. He's misleading people and slurring Giorgio's thousands of hours of effort, you, me, and millions of NS users, and encouraging unsafe hex. If he's just some web site, that's his business, but I am uninstalling Better Privacy immediately and going back to manual deletion of LSO Flash Cookies.
Why are we harping on him? Uhhh... why are you defending this FIREFOX ADD-ON DEVELOPER?
Alan Baxter wrote:Please don't even joke about hacking someone's site here. It's not funny and reflects badly on the NoScript community.
This *approved AMO developer* is reflecting badly on the entire NS community. Perhaps you can convince him of the error of his ways. Some people don't learn unless it's shoved in their faces. Besides, I would never hack anyone's site, or suggest anyone do so. But I think my right of free speech entitles me to point anyone I choose to this thread. What they do is their own business. My expectation of their reactions, as in previous post, may or may not be valid. I certainly wouldn't suggest they maliciously damage the site. Merely pointing out 20 or 30 XSS holes might be enough to convince NC that he's wrong about JS. If they go beyond that, that is their own responsibility. I still don't understand why he's being defended here. HE (and his ilk) are the problem that WE are fighting.
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US at an expert level; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20 diehard