Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 1:41 am
by SpareSimian
I looked up "googlehammer" on Google and clicked on the hit for http:/www.googlehammer.com/ and NoScript failed to stop the JS there from executing, rendering FF unusable. I had to kill it a couple times from Task Manager before I could get a "recover session" window that let me disable that site's tab from reloading. (I didn't want to lose my other tabs from the session.)
Here's a direct link to the JS:
http:/www.googlehammer.com/main.js
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 2:17 am
by Alan Baxter
The site's scripts do not execute unless googlehammer.com is allowed. Make sure you uncheck
NoScript Options > General > Temporarily allow top-level sites by default
By the way, please don't post any more clickable links to malicious web sites.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 2:44 am
by SpareSimian
It's not checked, and that site isn't in the whitelist. Hence I don't understand why it ran.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 2:53 am
by Alan Baxter
Neither do I. The site did not run for me with NoScript's default settings until I allowed googlehammer.com. (And allowed the other sites on the page too, but I don't know if the other sites were necessary.)
Export your whitelist and/or your NoScript settings -- for safekeeping -- and reset the NoScript Options.
By the way, I'm running these tests with Firefox inside Sandboxie so any malicious scripts can't damage my system.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 3:01 am
by GµårÐïåñ
I have confirmed what Alan has said and when visiting the site, it doesn't run squat unless allowed, so not sure where you are opening yourself up but it's not the default behavior. Take a closer look and if you still feel it's something that needs to be looked into, we'll take another crack at it (no pun intended).
BTW, for me the first thing and only thing I see is this:
Loading Marketing Plugin.
Google Hammer is your marketing resource for the right way to thrust yourself into Internet Marketing. After you experience the thrill of marketing the Google Hammer way, you'll wonder how you ever managed without it.
I see three items in the NoScript menu:
googlehammer.com
jquery.com
getclicky.com
Is it possible you are allowing one of these and that's where it's finding a backdoor into your profile? Otherwise, I see no way that NoScript is at fault here and allowing anything. Furthermore, since it seems to be trying to launch and install a plugin, you might have already allowed that and that's how it's bypassing it; check your plugin list. And unlike my dedicated colleague here, I ran it on my main system with no precautions (except for NoScript, RequestPolicy (which wasn't needed) and Adblock Plus (for a bit more fine tuning)), so it clearly shows the application is doing its job (confirmed on a profile with NS ONLY).
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 3:14 am
by SpareSimian
I see both jquery and getclicky in the whitelist, so I just removed those.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 3:20 am
by GµårÐïåñ
SpareSimian wrote: I see both jquery and getclicky in the whitelist, so I just removed those.
OK, read up on ABE and use some USER rules to limit their scope in your profile, or use domain-specific blocking using ABP, which I don't recommend but you can try at your own risk. Good luck.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 9:26 am
by Giorgio Maone
What's your extensions list?
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 8:16 pm
by SpareSimian
Is there a way to just export the addon list? Meanwhile, I'll just transcribe the list. Currently enabled:
AddThis 3.1.1
BetterPrivacy 1.48.3
ChatZilla 0.9.86
Facebook Toolbar 1.6
Flashblock 1.5.14.2
HTTPS-Everywhere 0.9.4
Java Console 6.0.23
Microsoft .NET Framework Assistant 0.0.0
NoScript 2.0.9.8
Personas 1.6.1
SQLite Manager 0.6.8
TinEye Reverse Image Search 1.0
I have a bunch more in disabled state. I'd switched to Chrome for a while because FF was getting really slow but got tired of pop-unders, so switched back to FF and disabled about 2/3 of my addons. That seemed to help.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 9:13 pm
by dhouwn
SpareSimian wrote: Is there a way to just export the addon list?
Enter about:support into the URL bar.
Re: Pwned by [porn link deleted]
Posted: Wed Feb 16, 2011 9:25 pm
by GµårÐïåñ
SpareSimian wrote: Is there a way to just export the addon list?
As already stated @dhouwn, you can use the built-in support system, but if you are wary of sharing TOO MUCH, then there are reliable addons that allow you to format and customize the scope of them and will output them for you as well. Just another option, although personally I have to say about:support is quite sufficient and pretty efficient in doing it for you.