Understanding CRDF threats; what is safe?

[tap]

Okay, I'm completely new to NS and monitoring scripts, so please be patient with me!
When visiting a website today I began checking the security/safety of a script (quantserve). Upon checking CRDF, [http://threatcenter.crdf.fr/] I noticed a extremely long list where every single item had a spinning symbol-- whether it was 30 mins ago or 6 days ago--every item had spinning wheels.

After reading the FAQ on CRDF and not finding answers as to whether this site was finding malware, or simply checking for malware constantly (and thus, the spinning wheels), I contacted the host site for my website and they told me that "their site" was safe. In addition, they told me that Quantserve (the script in question) provided tracking cookies and that I should contact NS about understanding what CRDF is checking and doing with the spinning wheels. So I ask: Is CRDF finding malware, or simply checking for it? Do I need to be concerned, or should I allow the script, quantserve?

On another note with a similar question:
I must say, you deep knowledgeable techies may know your stuff, but unless one is a deep-level computer geek, we newbies are left with our heads spinning. I'm 'trying' to use NS and am often baffled if I should or should not allow scripts. Yes-- I check them by (shift-clicking the name) but I have found that many sites use Flash-- and you all seem to believe that Flash is NOT safe. How do we then see and use the sites we need or want to without enabling Flash? Con--fus--ing!!!

And is there a list of "safe" scripts that one may refer to?
Thanks for your time, help, and patience with a newbie!!

[barbaz]

Sorry but I don't understand either your question about quantserve or your question about spinning wheels on the CRDF site.

Is your CRDF/spinning wheel question, that NoScript causes some spinning wheels on CRDF to never go away, and disabling NoScript (Tools > Add-ons Manager > NoScript > Disable > Yes, remove ALL protections) makes the site work as expected, but how to get it working with NS?
Or are you asking something like "what is the CRDF site and what does it do, specifically what's up with the spinning wheels"?

Is your quantserve question just whether you "should" Allow it in general, or have you found a site that requires quantserve to be Allowed in order to work?

Or are you asking something totally different from what I listed in either or both cases?

Please clarify.

I'm 'trying' to use NS and am often baffled if I should or should not allow scripts. Yes-- I check them by (shift-clicking the name) but I have found that many sites use Flash-- and you all seem to believe that Flash is NOT safe. How do we then see and use the sites we need or want to without enabling Flash? Con--fus--ing!!!

Yes, Flash is unsafe - it gets exploited a lot. What I think is confusing you is that you are making the following incorrect assumptions:
1) there is a universal right & wrong answer to that question that applies across the board to everyone & all sites, and
2) if a software is 'unsafe', then there are no circumstances under which it's OK to use it.

Whether you allow Flash on a specific site is up to you - as in, do you trust *that* site not to try to use Flash as a way to take over your computer, steal sensitive data, or do other things you don't want it to do? If so, and if you want to view Flash content, you Allow it. Otherwise, leave it blocked.

If you don't know how to decide whether a site is trustworthy, see FAQ 1.11

And is there a list of "safe" scripts that one may refer to?

No, and unfortunately it's technically impossible to construct such a list because everyone has a different idea of what constitutes "safe".

[Thrawn]

JavaScript and Flash are unsafe in the same way that guns are unsafe. It all depends on who is carrying them and what they're used for.

And bear in mind that a site doesn't actually have to be malicious in order to misuse its privileges. Sometimes, it just has to be careless, and some other site will exploit it.

[tap]

Thanks for your reply. My question about CRDF spinning wheels is more like: "what is the CRDF site and what does it do, specifically what's up with the spinning wheels"?
My guess is that the spinning wheels indicate that the site is ‘still’ checking for malware, viruses, etc., however, my concern was why it is taking so long— the spinning wheels were still spinning when some threats had a ‘check time’ of 6 hrs (unlike some that say 1 or 2 hours) — plus it has pages and pages of threats listed with spinning wheels going non-stop.
Are 217+ pages of threats (being checked by CRDF) all concerning just the script quantserve OR are those for ALL threats worldwide which have been checked for MANY websites?

Quantserve’s safety was something I was questioning since it had a bad scorecard on WOT. When I checked quantserve using CRDF it showed pages upon pages of threats with a few indicating malware and trojans — although, viewing the “more info” concerning those threats it said “threats unconfirmed”. SO, if what they find is unconfirmed, am I to believe that quantserve is safe OR unsafe?

ALSO. . . I understand that I can shift-click on any script in the NS menu to get further information as far as its safety is concerned. But how can I know what each of the listed scripts actually DO, CONTROL, or AFFECT on a website or web page in order to know whether I should go ahead and allow it or not permit it? To further explain. . .

I use Statcounter on my website, so when I see a script for Statcounter I figure it’s needed in order for stats to be collected by Statcounter. However, when scripts like cedexis or marinsm or doubleclick (and SO many more unknowns) appear I have NO idea what they affect on the website I’m visiting…. photos, ads, text, being capable of clicking buttons or links, ability to enter data in a form, etc. If I temporarily allow a script(s) and yet do not know what they actually affect on the website, then how do I know whether it’s even needed, or whether it’s simply junk being added that’s not needed and will only slow my browsing and use of a website? UNDERSTANDING what scripts do would certainly help me make more educated decisions when deciding whether to allow scripts!

Some scripts which I permit CLEARLY change web pages. (I can see that when the page has a large blank space until I allow a particular script—then like magic, some graphic image appears). But not all scripts make changes which are that noticeable.
Thanks again for any help.

[barbaz]

Thanks for your reply. My question about CRDF spinning wheels is more like: "what is the CRDF site and what does it do, specifically what's up with the spinning wheels"?

I think that just means they haven't finished analyzing that threat yet - if I view the alt-text of the spinning wheel it says "Repport in creation..."
The "spinning-wheeled" report I looked at said something about threat unconfirmed, maybe it's just waiting to be confirmed...

Are 217+ pages of threats (being checked by CRDF) all concerning just the script quantserve OR are those for ALL threats worldwide which have been checked for MANY websites?

/me thinks it's nothing to do with quantserve, that it's a list of ALL threats they're analyzing or whatever... and nothing to do with a website even, seems to me it's something to do with some antivirus/antimalware app(s).

Quantserve’s safety was something I was questioning since it had a bad scorecard on WOT.

quantserve is a tracker, which is not exactly a popular type of site... I'm not sure how "safe" it is but personally I never want to Allow something like that. I dislike most online tracking, so for me it goes straight to the Untrusted list & I move on with my life.
But YMMV of course.. if you want to be tracked, by all means Allow it...

ALSO. . . I understand that I can shift-click on any script in the NS menu to get further information as far as its safety is concerned. But how can I know what each of the listed scripts actually DO, CONTROL, or AFFECT on a website or web page in order to know whether I should go ahead and allow it or not permit it?

At some level it's just trial & error... (read on)

I use Statcounter on my website, so when I see a script for Statcounter I figure it’s needed in order for stats to be collected by Statcounter. However, when scripts like cedexis or marinsm or doubleclick (and SO many more unknowns) appear I have NO idea what they affect on the website I’m visiting…. photos, ads, text, being capable of clicking buttons or links, ability to enter data in a form, etc. If I temporarily allow a script(s) and yet do not know what they actually affect on the website, then how do I know whether it’s even needed, or whether it’s simply junk being added that’s not needed and will only slow my browsing and use of a website? UNDERSTANDING what scripts do would certainly help me make more educated decisions when deciding whether to allow scripts!

Best way to do this is decide based on whether the site works for you without that script Allowed. With only what you've already Allowed, can you do what you want on the site / view the part(s) of the site you want? If so, you're done; if not & if you think the problem could be that some JS is missing, then you need to go back & Allow more site(s).

See the NoScript Quick Start Guide for more info.

[tap]

Okay, thanks— that was all helpful; I appreciate your responses to my questions.
Have a good one!

[barbaz]

you're welcome