Known malicious scripts blocking

[emiller12345]

I was wondering if it would be possible to add an individual script blocking feature to block known malicious scripts, using a hash based checking system? Some site like facebook require js to be enabled to use, so noscript can't be as effectively used. I wonder if certain scripts can be blocked if they are known to be bad using a md5/sha1 check of just the script. Or is there already a tool available to check this?

[Giorgio Maone]

Or is there already a tool available to check this?

Most if not all the antivirus products which advertise a "web scanner" do exactly this.
The obvious weakness is that an unknown or any even slightly modified malicious script bypasses this protection, and JavaScript can be obfuscate in infinite ways.

[emiller12345]

Most if not all the antivirus products which advertise a "web scanner" do exactly this.

I should have specified "open source tools". IMO noscript is streamlined because it's open source.

[Tom T.]

Most if not all the antivirus products which advertise a "web scanner" do exactly this.

I should have specified "open source tools". IMO noscript is streamlined because it's open source.

I have been reasonably satisfied with Avira, which is not open-source, but is free for personal home use. They do support Ubuntu. I haven't noticed any performance hits that some users report with other AV products.

It's reasonably streamlined. The main program in my v8.2 is about 70 MB, of which about 50 MB are the virus definition files. (They've doubled in size since I got it in 2008. So many new viruses being written...) Also, there is a "Fail-Safe" folder, which is essentially a backup of the entire program. If disk space is at a premium, this 55 MB folder can be removed, but it doesn't consume any processor time or memory if just left there.

DISCLAIMER: I have no connection to the above product. There have been newer versions released, which I did not get. I can't speak to those versions. I can't control the product or your use of it, and therefore cannot take any responsibility or liability for your use of it, or the consequences of using it. This is not an official endorsement by this forum, its Admin/Developer, or anyone else. It is my own personal experience, offered in the hope that it may be of use. but comes with no guarantees or warranties, express or implied. IF YOU DO NOT AGREE TO THE ABOVE TERMS, DO NOT CONSIDER, HEED, OR USE THE ABOVE PERSONAL OPINION.

Edit: NoScript is streamlined because its developer doesn't believe in bloat. What's there is what's necessary to accomplish the task. Even if it weren't open-source, I would expect the same. Some open-source products *are* bloated. But I understand and share the concern about the tendency for proprietary products to introduce useless or counterproductive "features".