InformAction Forums

Hi,

seems latest Firefox needs Add-on signing and NoScript is not signed for firefox.
Seems to be a special signing procedure for any add-on for firefox.
Is it planned to be signed or what can i do?

thanks

NoScript is not signed

What version?
Where did you get it from?
How are you determining it is not signed?
What is the MD5 hash of the downloaded .xpi (or the .xpi in your /extensions/ directory)?

NoScript is signed, should be signed.

Its NoScript 2.6.9.6 - older version.
Was running fine in firefox (older version).
Shall i disinstall and re-install it on firefox?

Is it needed anyway - or does newest firefox provide same security?
It was always a bit annoying to adjust NoScript to your needs...

thanks

Whether you use an extension is up to you.
That you're using a 2-year old version of NoScript in a current browser... likewise.
(Currently) you can disable the signing requirement if you're intent on using that version.
But why not just update to the current NoScript if you're still going to use it.

NoScript versions that old are simply broken in current Firefox. That's why your old NoScript isn't signed and won't be.
If you want to use NoScript with a current Firefox and have it actually work, you need to update it: AMO or https://noscript.net/

richardNani wrote:Is it needed anyway - or does newest firefox provide same security?

Firefox has not and probably never will provide the level of security you get from NoScript. Some people don't do so well being more secure.

richardNani wrote:It was always a bit annoying to adjust NoScript to your needs...

Not for me. NoScript is pretty customizable though, maybe you're not using it in the way that's optimal for you personally?

Once you get this add on signing mess straightened out, feel free to ask for help making it less annoying if you want.

Thanks!
i have updated noScript to 2.9.0.11 and it works fine now!
I appreciate any hints on beeing more productive with NoScript!
My experience is, when you surfe a website that needs JavaScript e.g. you have to allow it - mostly i just do it
when i think i can trust the site. But you never know, even trusted sites can be hacked externally and have
malicious code! So i am not sure - what is the extra security here?
I think more than 60% of all sites use some kinds of script - so you nearly always have to allow if you want to use
its features....

You're welcome!

richardNani wrote:I appreciate any hints on beeing more productive with NoScript!
My experience is, when you surfe a website that needs JavaScript e.g. you have to allow it - mostly i just do it
when i think i can trust the site. But you never know, even trusted sites can be hacked externally and have
malicious code! So i am not sure - what is the extra security here?

Quite a lot actually.
FAQ 1.11
https://noscript.net/faq#compromised_trusted

Seems to me like you're doing it right - well, you're doing it pretty much same way as me. Some sites are just annoying in that even after spending more than 10 minutes tweaking stuff it still doesn't work But when getting annoyed, keep in mind, that in such case, NoScript is just the messenger.

Thanks for the info.
Good to hear that it seems i do everything right
But still i do feel i just decide by stomac which site or service to allow and which not.
On some sites you get a list of several "helper-tool-sites" you can individually allow or not.
It seems most of them are adware and collecting surfing behaviors in cookies you never wanted.
But in some cases they help showing visuals or other gimmicks of the site.
So i still dont feel really comfortable in what i am doing...

Maybe it would be a good idea to create a self-improving datapool of good-behavior infos on special
sites and such helper-tools and let NoScript make suggestions on base of that best-practice datapool?
Maybe such an option exists already and i am just not aware of it?

Thanks!

richardNani wrote:But still i do feel i just decide by stomac which site or service to allow and which not.

As for which sites to allow, that's really the only good way to do it IMO. As for which sites *not* to allow, this might help: viewtopic.php?p=75314#p75314

You can also middle-click (or Shift+click) the sites in the NoScript menu if you prefer to get information about them that way.