Want to talk about NoScript? Post here. Topic is solved
Moderators: FranklinDM, Lootyhoof
-
- Astronaut
- Posts: 588
- Joined: 2015-06-01, 12:52
- Location: US Southeast
Re: Should NoScript be considered malware?
I hesitate to reply to the above post, because I don't want to give it any credibility.
Clearly prosecco, you don't know what malware is. And you clearly haven't followed the situation with NoScript and PaleMoon. Please get your facts straight before making such accusations.
Clearly prosecco, you don't know what malware is. And you clearly haven't followed the situation with NoScript and PaleMoon. Please get your facts straight before making such accusations.
Last edited by BenFenner on 2018-09-20, 14:48, edited 3 times in total.
Re: Should NoScript be considered malware?
It is not considered malware. No one has ever said that. It is however known to specifically cause issues with software it was not specifically designed to work with and for us a support nightmare.
Please don't try making threads about such nonsense again and please keep all noscript discussion in the noscript megathread.
{Moderator note: threads merged}
Please don't try making threads about such nonsense again and please keep all noscript discussion in the noscript megathread.
{Moderator note: threads merged}
Last edited by Moonchild on 2018-09-20, 14:34, edited 2 times in total.
Re: Should NoScript be considered malware?
In fact I posted this as its separate thread (Should NoScript be considered malware?), but apparently it was incorporated into this thread.prosecco wrote:viewtopic.php?f=46&t=17619
It seems to me the measures earnestly advised by Moonchild seem to suggest we are in fact dealing with a full-fledged malware.
It is a shame having to use this word for an extension which has proven needed and useful for years and which has been so well maintained, isn't it?
But the fact is (this is what I assume anyway, trusting Moonchild's assessment) NoScript seems to very often behave like malware, causing numerous problems.
Did its maintainer ever reply to Moonchild's post?
Last edited by prosecco on 2018-09-23, 15:17, edited 1 time in total.
Re: Should NoScript be considered malware?
Excuse me?BenFenner wrote:I hesitate to reply to the above post, because I don't want to give it any credibility.
Clearly prosecco, you don't know what malware is. And you clearly haven't followed the situation with NoScript and PaleMoon. Please get your facts straight before making such accusations.
No need to get hostile.
If you don't agree, provide arguments, state facts and data rather than use terms like "accusations".
I think I made perfectly clear why I was using the term "malware".
Re: Should NoScript be considered malware?
"No one has ever said that."New Tobin Paradigm wrote:It is not considered malware. No one has ever said that. It is however known to specifically cause issues with software it was not specifically designed to work with and for us a support nightmare.
Please don't try making threads about such nonsense again and please keep all noscript discussion in the noscript megathread.
{Moderator note: threads merged}
I never said or implied that anyone ever said NoScript is malware. Please respond to what I actually SAID.
And last but not least: I don"t need your putdowns. Keep your bickering for other people. I am just a Pale Moon user and a participant to this forum, not whatever it is you imagine I am.
In short, very disappointing reply, as usual!
Last edited by prosecco on 2018-09-23, 15:23, edited 1 time in total.
-
- Astronaut
- Posts: 655
- Joined: 2017-06-12, 13:27
- Location: How can you be in two places at once, when you're not anywhere at all?
Re: Want to talk about NoScript? Post here.
Though I guess some people won't share my exuberance, I'm happy to see that Giorgio Maone has apparently changed his mind about support for browsers besides Fx. He had previously announced that v. 5.1.7 would be the last for PM, Basilisk, and others, but I just got v. 5.1.9. of "NoScript Classic".
His website now says,
His website now says,
You can still download NoScript "Classic" (5.1.9) for Palemoon, Seamonkey, Waterfox and possibly other "vintage" (pre-Gecko 57) Firefox forks here: we'll do our best to provide security fixes as long as supporting browser still guarantee their own security updates.
"And you can believe me because I never lie - and I'm always right."
(Asserted by George Leroy Tirebiter* and my wife; only the latter is telling the truth.)
*Firesign Theater version
(Asserted by George Leroy Tirebiter* and my wife; only the latter is telling the truth.)
*Firesign Theater version
-
- Knows the dark side
- Posts: 4279
- Joined: 2015-10-06, 16:59
- Location: Los Angeles CA USA
Re: Want to talk about NoScript? Post here.
^ Just updated to v. 5.1.9 -- thanks for the heads-up! (Oh -- and that's good news about NS support continuing)
Last edited by Pallid Planetoid on 2018-10-06, 02:32, edited 1 time in total.
Current Pale Moon(x86) Release | WIN10 | I5 CPU, 1.7 GHz, 6GB RAM, 500GB HD[20GB SSD]
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising
-
- Lunatic
- Posts: 279
- Joined: 2016-07-18, 21:12
Re: Want to talk about NoScript? Post here.
Thanks JoeyG for this news.JoeyG wrote:Though I guess some people won't share my exuberance, I'm happy to see that Giorgio Maone has apparently changed his mind about support for browsers besides Fx. He had previously announced that v. 5.1.7 would be the last for PM, Basilisk, and others, but I just got v. 5.1.9. of "NoScript Classic".
His website now says,You can still download NoScript "Classic" (5.1.9) for Palemoon, Seamonkey, Waterfox and possibly other "vintage" (pre-Gecko 57) Firefox forks here: we'll do our best to provide security fixes as long as supporting browser still guarantee their own security updates.
and
thanks Giorgio Maone of course.
but
what's happened here
https://forums.informaction.com/viewtop ... 66a70b804b
Diversity is key.
Those who forget the past are doomed to repeat it.
Those who forget the past are doomed to repeat it.
-
- Themeist
- Posts: 1569
- Joined: 2012-02-09, 23:35
- Location: United Kingdom
Re: Want to talk about NoScript? Post here.
It's exactly as it appears.Nightbird wrote:what's happened here
-
- Astronaut
- Posts: 655
- Joined: 2017-06-12, 13:27
- Location: How can you be in two places at once, when you're not anywhere at all?
Re: Want to talk about NoScript? Post here.
The PM folks were consistent, which I think is fine.Nightbird wrote:... but what's happened here ...
By the way, I've just made a (small ) donation to Giorgio for his ongoing support for the PM browser family. I think it would be nice if other people could do the same.
Of course a donation to PM every now and again is also a good idea.
Last edited by JoeyG on 2018-10-08, 16:56, edited 1 time in total.
"And you can believe me because I never lie - and I'm always right."
(Asserted by George Leroy Tirebiter* and my wife; only the latter is telling the truth.)
*Firesign Theater version
(Asserted by George Leroy Tirebiter* and my wife; only the latter is telling the truth.)
*Firesign Theater version
Re: Want to talk about NoScript? Post here.
Hard to say, since it came on gradually, but I think I first noticed it as a definite trend in the oughts. I think it might be something in the water, or maybe just the drugs, I dunno. And the, ahem . . . funny thing is, there are probably people who will read this and totally not get the humor, and others who will totally not get the seriousness.ketmar wrote: . . . since when humanity started to loosing ability to get harmless (yet maybe somewhat edgy) jokes?
Anyway, may I ask about uMatrix compared to NS and some others here, since uMatrix has been touted here? NS has always been a total %$#@W to set up and get running right, and once you break it you pretty much have to retrieve your backup profile you made before installing it, so I'd welcome a better way.
Can NoScript fans point to anything it can do that uMatrix can't?
How does uMatrix compare to the other extensions with similar names, particularly uBlock Origin? Can they all do the same things?
Last edited by Lew Rockwell Fan on 2018-10-09, 05:20, edited 1 time in total.
-
- Moon Magic practitioner
- Posts: 2986
- Joined: 2015-09-26, 04:51
- Location: U.S.
Re: Want to talk about NoScript? Post here.
Lew Rockwell Fan wrote:anything it can do that uMatrix can't?
Specific protection against cross-site scripting attacks and clickjacking.
"Similar names" - same developer.Lew Rockwell Fan wrote:How does uMatrix compare to the other extensions with similar names, particularly uBlock Origin?
Starting with a personal view: Nothing, no amount of posted opinion, can replace just installing these extensions and spending time using them and reading the wikis.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
uMatrix (uM wiki; most recent xul version, 1.1.4, or see thread on building from newer source):
It blocks or allows categories of requests (cookie | css | image | media | script | XHR | frame) on sites that you designate.
What it has that uBO lacks:
Some cookie management function; and it has some privacy settings that uBO lacks.
Also, v1.1.4 (and earlier) can spoof headers and user agents. Note: UA spoofing was removed in v1.1.14 based on the assessment that this task would be better performed by a dedicated extension.
uBlock Origin (uBO wiki; current xul version, 1.16.4.4):
It's both an adblocker and general purpose "wide-spectrum" blocker (see overview of what it blocks here).
The more general blocking function requires being in advanced mode.
Two things uBO has that uM doesn't: 1) cosmetic filtering (same as ABP-family element hiding function); 2) ability to block or allow individual requests - so eg., scripts from site.B are blocked on site.A, but you can still allow some specific script from site.B even though the others are blocked.
Off-topic:
This thing you quoted is from five months ago (whoever wants to see it in context, see pg 7 of this thread) -
(it concerned some users' reactions to some language in the release notes for PM 27.9.2, released 2018-05-18).
I'm kind of perplexed about what this quote has to do with anything else in your post. Just sayin'.
Lew Rockwell Fan wrote:Hard to say...ketmar wrote: . . . since when humanity started to loosing ability to get harmless (yet maybe somewhat edgy) jokes?
This thing you quoted is from five months ago (whoever wants to see it in context, see pg 7 of this thread) -
(it concerned some users' reactions to some language in the release notes for PM 27.9.2, released 2018-05-18).
I'm kind of perplexed about what this quote has to do with anything else in your post. Just sayin'.
-
- Knows the dark side
- Posts: 4279
- Joined: 2015-10-06, 16:59
- Location: Los Angeles CA USA
Re: Want to talk about NoScript? Post here.
^ Follow-up:
Besides the 2 protections referenced above, NoScript also provides ABE protection ("Application Boundaries Enforcer" that protects against CSRF [Cross-site request forgery] and internet-to-intranet attacks) a level of security that some financial sites notoriously ignore and something I personally use among the other two security protections mentioned. And besides these protections there are dozens of parameters that can be set to restrict website structural functions (i.e. website embedding etc.) via NS's multiple options settings windows as well. All functions that other security add-ons mentioned here do not offer as far as I'm aware.coffeebreak wrote:Lew Rockwell Fan wrote:anything it can do that uMatrix can't?
Specific protection against cross-site scripting attacks and clickjacking.
Last edited by Pallid Planetoid on 2018-10-09, 15:28, edited 1 time in total.
Current Pale Moon(x86) Release | WIN10 | I5 CPU, 1.7 GHz, 6GB RAM, 500GB HD[20GB SSD]
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising
-
- Moon Magic practitioner
- Posts: 2860
- Joined: 2012-06-28, 01:20
Re: Want to talk about NoScript? Post here.
The ABE feature broke quite a few websites for me, which is why I finally dumped NoScript.
-
- Knows the dark side
- Posts: 4279
- Joined: 2015-10-06, 16:59
- Location: Los Angeles CA USA
Re: Want to talk about NoScript? Post here.
Rulesets need to be created to use (fix) trusted sites that you visit on a regular basis that break the rules: The important thing is that while specific rulesets might be needed to use websites you feel you can trust and use on a regular basis -- you remain protected as far as any website you might visit that you are not familiar with that could be a potential security threat. Unfortunately, staying protected is never convenient!helloimustbegoing wrote:The ABE feature broke quite a few websites for me, which is why I finally dumped NoScript.
You do not have the required permissions to view the files attached to this post.
Current Pale Moon(x86) Release | WIN10 | I5 CPU, 1.7 GHz, 6GB RAM, 500GB HD[20GB SSD]
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising
Formerly user Pale Moon Rising - to provide context involving embedded reply threads.
Good judgment comes from experience and a lot of that comes from bad judgment. - Will Rogers
Knowing Pale Moon is indisputably #1 is defined by knowing the totality of browsers. - Pale Moon Rising
-
- Board Warrior
- Posts: 1651
- Joined: 2018-06-08, 17:02
Re: Want to talk about NoScript? Post here.
By default, there is only 1 ABE rule enabled.The ABE feature broke quite a few websites for me, which is why I finally dumped NoScript.
So if ABE breaks websites for you, then it was your doing that did the breaking.
If NoScript was to complicated, too confusing, too much trouble... that's different, but it was not ABE.
-
- Moon Magic practitioner
- Posts: 2860
- Joined: 2012-06-28, 01:20
Re: Want to talk about NoScript? Post here.
Then it was something else that broke it, and it was not my doing. All I know is that even when I enabled all scripts, some sites still wouldn't work. I had to totally disable NS to get those sites working. And I used a "stock" install. The only one thing I did was add a clearclick exception for my son's online school website (which was not one of the sites that broke). There's a reason why MC did what he did in regards to NoScript.
EDIT
And it wasn't too confusing for me. I had used it for years with no troubles, until recently.
EDIT
And it wasn't too confusing for me. I had used it for years with no troubles, until recently.
Last edited by ron_1 on 2018-10-10, 02:32, edited 1 time in total.
-
- Board Warrior
- Posts: 1651
- Joined: 2018-06-08, 17:02
Re: Want to talk about NoScript? Post here.
Enabled or not, will generally have no affect on a site behaving correctly or not.clearclick
Some sites can be a bear to figure out what they need.even when I enabled all scripts, some sites still wouldn't work
Sometimes when Allow Globally doesn't work, there is some other blocker in the equation, like an ad blocker, that ends up being the actual culprit. (Possible that the ad blocker blocks things before they're seen by NoScript, so NoScript never sees them, so Allow Global has no affect, as the blocking, that which is negatively affecting the site, is being done elsewhere.
Ran into that just today, https://forums.informaction.com/viewtop ... =7&t=25247. At least that's the way it played out on my end, FF 62, NoScript 10. [SeaMonkey 2.45 & NoScript 5 reacted differently, easier to get things working.])
-
- Astronaut
- Posts: 650
- Joined: 2017-08-14, 23:43
Re: Want to talk about NoScript? Post here.
An amusing feature of NS is that when you "allow all", other scripts (not included in the previous "allow all") try to come in. And are blocked.helloimustbegoing wrote:All I know is that even when I enabled all scripts, some sites still wouldn't work.
I well recall my happy years with NS, where sometimes it would take 3 "allows" + 3 page refreshes before a site would work.
Now, with uMatrix, I simply do not miss that "functionality". One click to allow, one click to refresh, done.
Do I miss NS's ABE etc? No. They were only ever false positives.
-
- Moon Magic practitioner
- Posts: 2860
- Joined: 2012-06-28, 01:20
Re: Want to talk about NoScript? Post here.
Yes I was aware of that. When I wrote I allowed all scripts, that's what I meant, repeatedly clicking allow all until there was no more "allow all."doofy wrote:
An amusing feature of NS is that when you "allow all", other scripts (not included in the previous "allow all") try to come in.
Last edited by ron_1 on 2018-10-10, 03:19, edited 1 time in total.