pirlouy wrote:Tom T. wrote:I tend to visit mostly the same sites, except when doing user support.
I think a lot of users (including me) go on new sites everyday for any reason... Of course, there are favorite sites you go more often, but it's impossible to say you visit the same sites everyday.
I''m sorry that the language was not clear. "Tend to" = "generally, usually, much of the time". E-mail. online bank and other financial institutions, some news sources (not allowing scripting there, *usually*)... Never said the same sites every day; sorry if it was misunderstood that way. New sites get configured when I go there for the first time. Temp-allow unless I think it'll be a regular one.
Tom T. wrote:So the image blocks are already in the Fx list, and not a big deal.
pirlouy wrote:...For you.
For me, it's not usable.
Perhaps. There are only four entries in the Fx Image Exceptions at the moment:
Code: Select all
login.yahoo.com mail.yahoo.com us.bc.yahoo.com ying.com
because as said, I find them distracting and annoying.
Tom T. wrote:Why not? NS+RP is actually *recommended* by both developers, Giorgio and Justin Samuel of RP. (Justin says so on his page - NS and RP don't compete, but work together beautifully.)
pirlouy wrote:For me, there should be only one extension which modifies content settings of webpages. For performance reason,
If anything, you get a gain in performance from each. Less scripting loading and fewer images loading = faster loading.
avoiding collision
What collision? If you are at goodsite.com, and NS blocks script called from evil.com, and RP blocks images from evil.com, that's not a collision. No harm is done. If anything, it's *redundancy*, which provides an added measure of safety.
It was Giorgio who recommended RP to me in the first place. I've never encountered any "collision issue" or anything else that broke a page.
easier for users
Agreed that there is one more tool to use. I don't use the default whitelists in RP at all, but you certainly may. Note that they are localized, at your option, plus "international", and prompt you to choose upon install. You can always change later.
pirlouy wrote:No, RequestPolicy and Noscript are not complementary for me, since they both have common settings (it's also the case with AB+).
The settings are doing different things. In essence, you're asking Giorgio to add RP to NS. I *like* being able to see images without script running (news site?) or allow script without images loading (e-mail.)
There's always a trade-off: Security+privacy versus convenience. If everyone were honest, we wouldn't need to carry around these bulky key chains. No need to lock your home, car, etc. But there are dishonest people in the world. So we take reasonable, though somewhat less convenient, measures to protect ourselves.
pirlouy wrote:For now, I don't use AB+ because it's not adapted to "power users",
I don't use it because it's unnecessary. With NS + RP, I almost never see ads anyway.
it's impossible to whitelist easily or temporarily, and Wladimir is not interested. AB+ is nice if you use a filterset, else it's quite limited.
Agree. I used to use the old AdBlock (Original), which was user-based, not subscription- based, but it was not supported past Fx 2.
pirlouy wrote:RequestPolicy is my preferred solution, but it lacks the ability to block embed content (thanks to a placeholder).
Noscript, despite a lot of options, can't block all contents of a not trusted site (images for example), but it is very good at blocking embed content (which is not the case of Flashblock for example).
Which is exactly why to use both. *Try it*, and if you have questions, we'll try to answer them, though of course those that are specific to RP should be asked there. But if it's a settings question for a given site or sample of sites, involving both tools, I don't think anyone would mind if you posted here.
pirlouy wrote:Giorgio does surely not want to receive lessons of dumb users like me, but I'll try to open a thread of what bothers me...
There are no dumb questions. We ask only that you take a little time to browse through the
NoScript FAQ and
NoScript "Features" Page page, to learn more about this great tool. And for a specific problem, search the forum to see if it's already been addressed. After that, ask away!
pirlouy wrote: Plus it is supposed to have other security tools I don't really understand (need ?) but I believe it.
Absolutely. Again, the FAQ and Features page should explain, but if you don't understand ... well, that's why we're here.
Tom T. wrote:ETA: You might wish to consider using a HOSTS file service that blocks the entire connection
pirlouy wrote:This is like AB+, it's not easily usable, since you can't temporarily unblock,
Most of the sites in there, you don't want to unblock, believe me. Ads, adware, tracking cookies, spyware...
and more generally I'm not interested in Hosts solution, especially because like filter list, it's impossible to keep these list updated: Internet changes every minutes !
Very true. But the same 16,000 sites (at the moment) still need to be blocked always, plus whatever are added in the monthly updates.
When new sites emerge, NS's default-deny policy protects you, until you decide whether the site should be trusted.
btw, do you care to list some sites that are Untrusted, but whose images come through and offend you? Why are you visiting the Untrusted site -- which is *not* the same as a default-denied site?
pirlouy wrote:Thanks for your answer !
You're welcome. I wish you'd try NS+RP. Earlier, you said it was "ideal, but not recommended". Later, it was that you preferred not to have both, even though it *is* recommended. (I too can do without ABP, although some swear by it.) So here's another recommendation. Try it, and say what you don't like.
In any event, I really don't see the need, or likelihood, of an auto-block of still images on Untrusted sites. My Untrusted list is only two lines long, and consists mostly of data-miners and some ad agencies. Why would I want to see images from them, or visit their sites?