I like using as few addons as possible, the lesser the better. Plugins are addons too. I love the looks of my Plugins tab. Bo
Bo, I notiiced you are using the classic theme restorer.Have you considered using pale moon if the older looking firefox is what you seek.? Thanks.
Yes, I like the old Firefox look but because I am using CTR and more important, the browser functions very much like old Firefox. Probably most of what I listed below is standard in Palemoon but this is what I do with Classic theme restorer. 1. To set tabs not on top. 2. To open bookmarks on the left side of the browser as a sidebar, with one click 3. To get the add on bar back 4. To place the bookmark star in the URL bar 5. To get rid of the Firefox orange button 6. To get rid of the Customize button 7. To get rid of Hello, Pocket and Reader (it can also be done in about:config) 8. To get rid of the X in tabs, so I don't close any by mistake 9. To eliminate X close on Add on bar 10. To set new tab to open as blank page On top of all that, Firefox works great with Sandboxie. I think Palemoon works great too but Firefox is the most important browser in this family of browsers and the one that is closely watched upon by SBIE support. I once installed PM but after a few hours, after not noticing anything special about it, I uninstalled it and went back to Firefox. Firefox is an excellent browser. I don't experience freezes, slowdowns or any kind of issue. Its the perfect browser for me. Bo
If we change out ABP for uBlock Origin and delete NoScript - then you're left with my extensions. We're quite similar you and I Happy New Year, Bo
You too, Swex. NoScript is never going anywhere. To me, its part of Firefox. And ABP, never had a reason to look for a replacement. Bo
Yes, and I share your view on the X amount of extensions. I like to keep the use of extensions to a minimum.
l finally removed NoScript from Firefox after some years. It broke pages too much and finally broke the Interweb ... so it had to go. I've replaced it with PrefBar (K-Meleon style). Which still leaves me with six extensions overall. I flirted with Ghostery but that went the way of NoScript. And Win 7:
I've been considering dumping NoScript. I keep it around for it's Anti-XSS protection, since I have set NoScript to Allow Scripts Globally it rarely bothers me. I also use uBlock Origin which handles scripts just fine. You're "I've replace it with PrefBar" had me scratching my head at first. Then it hit me, a replacement as in Add-on, not as in replacement for NoScript. LOL
To be honest, I only really use Firefox on Ubuntu where it is the default browser. I rarely use it on Windows although it is useful. My default browser on Win 7 is K-Meleon. As soon as I can figure out how to run KM on Ubuntu (probably with WINE) I'll use that. NoScript has an option to force HTTPS on a designated site. I experimented with implementing this and tried it on a British optical goods site that I actually had an account with. Their site refused to recognise my IP address (403 denial of access) on any browser and all of my computers (desktop, laptop and tablet), and I had to email their help facility, which I luckily had in my email address book. The site unblocked my IP and they think the server security thought I was trying to hack it or something and initiated an automatic response. They say a little knowledge is a dangerous thing, I had no idea I could break the Internet with a Firefox extension! I have control over JS with K-Meleon's privacy bar, which was actually the inspiration for PrefBar, so I thought why not lose NoScript and control JavaScript like I do in K-Meleon. I think the overall security risk is less in Linux anyway and I use Firefox mainly on Ubuntu. I'm pretty happy surfing in K-Meleon without NS though, so why do I need it in Firefox? I mean, NoScript is bloody irritating most of the time anyway lol! I feel better for not using it.
I know how beneficial NoScript is and wish I understood how to configure and use it properly. At this point I just become annoyed with it and eventually end up white listing everything, which I'm guessing is as good as not having it?! One day
Code: "extensions": [ { "name": "Classic Theme Restorer", "version": "1.4.8", "isActive": true, "id": "ClassicThemeRestorer@ArisT2Noia4dev" }, { "name": "Firefox Hello Beta", "version": "0.1", "isActive": true, "id": "loop@mozilla.org" }, { "name": "Stylish", "version": "2.0.6", "isActive": true, "id": "{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}" }, { "name": "uBlock Origin", "version": "1.6.4", "isActive": true, "id": "uBlock0@raymondhill.net" } ], How does one get rid of Firefox Hello Beta or inactivate it in v45?
The best advice I can give you about learning and understanding NoScript is not to try to learn it all in one day or one month. Take your time learning the program. If you use the program, even without understanding it, after a while, all its gonna start making sense. It might take a year, but one day its gonna Click. But let me show you how easy it is to figure out sites, what to white list and what to black list and how to do it. Many sites are like Wilders. So, when you come to Wilders, when you look at the NoScript menu, you only see one domain that loads scripts here. And the name of the domain in wilderssecurity.com. Its pretty obvious that that is one domain that you want to white list. This is the kind of domain you want to white list. You ll be surprised but many sites are exactly like that. And figuring out what to do in many sites that you visit regularly are as easy to figure out as Wilders. Then, you also have sites like http://tinypic.com/. I suggest you use tiny pic for practice. If you go to tinypic right this moment and look at the NoScript menu. You ll see the 9 domains that are listed in the picture below. Now, try to upload a picture. If you don't allow any scripts at tiny pic, you wont be able to upload pictures. So, if this was the first time I go to tiny pic, when I look at the NoScript menu, I do a little trial and error and the first domain that I ll temporarily allow would be tinypic.com. Its pretty obvious that I should try that. I mean, I am at tinypic, lets allow tinypic and see what happens. And guess what? Thats the only domain out of the 9 that load scripts there that is required for uploading pictures. So in the end, since I regularly use tinypic for uploading pictures, I white list tinypic and black list the rest of domains that show up in the NoScript menu. Then you have sites that are a little harder but still, after a while, they become easy to figure out. Look at this other picture. Thats from a site where you can stream basketball, football, sports. Sites like this are nasty. Its very easy to get infected visiting sites like that one. But with NoScript, Adblock plus and Sandboxie, they are tamed, they become totally harmless. In my personal case, since I visit this sites on a regular basis, figuring this sites to the max, its really worth it for me. Again, a little trial and error and you ll get the site done like in the picture. If you visit the site without using NoScript, you ll have 12 domains loading scripts. In my case, only the three that are required for me to watch games there are allowed. Nothing else. Seven of the 12 domains are black listed and they are bad. In sites like that is very easy to get hit with fake scanners, or get offers to install this or install that, malware. By using NoScript, nothing. Sites like that become Disney World. So, no need to hurry doing the learning, take your time with NoScript. Its really worth it. And if you are using Sandboxie, even better. You can practice learning NoScript while running sandboxed. Bo
Vasa, I think you are using Classic theme restorer, Right? You can eliminate Hello in Classic theme restorers Advanced settings, Uncheck "Calling and conversation / Loop" I haven't updated to Firefox 45, but this works in 44.0.2. Bo
Hi Bo, I already have that unchecked. I also have: loop.enabled;false loop.textChat.enabled;false and loop.browserSharing.showInfoBar;false No big deal though.
if only life were that simple, always offering us 2-3 simple choices to select from. but it isn't. and same as life, the internet is unpredictable too. nothing goes as planned. even legit/trusted sites such as microsoft.com might get compromised at times. trial & error leaves users on their own to decide and that makes the software in question obsolete in the first place. one mistake, and there goes the whole concept of security. it's not worth to have that crippled daily browsing experience if you'll be on your own to decide what's to allow and not. today, websites do not host all the interactive/multimedia content on their servers/one server. all the content is compartmentalized to be hosted & provided by different CDN's (content delivery network). so most of the time it's much harder than that to guess what to allow and not.
The HSTS preload list is small and doesn't include a great many of the financial, health, etc sites where someone would want to assure HTTPS. Although sites are better about using HTTPS these days, it would still be wise to force HTTPS where you can. If not NoScript's force HTTPS feature, then HTTPS Everywhere or something else.
After my experience I wouldn't recommend NoScript's force HTTPS feature. The extension HTTPS Everywhere seems to be fine (on Chrome, I don't know about Firefox). In fact, after five or six years of using NoScript on Firefox I don't regret uninstalling it.
Hi Vasa. You got me curious so instead of waiting for a couple of days to update, I upgraded Firefox to version 45. I can tell you that in my W7, Hello remains gone after the upgrade. I also tested a new Firefox profile and without changing any settings, I installed Classic theme restorer, and disabled Hello. After restarting the browser, Hello was gone. Bo
I gave real world examples of how to do things with NoScript. In my honest personal opinion, most sites are very easy to figure. You can, when you go to a new site, a site you are not going to bookmark, try using it without allowing any scripts. Most of the time, you dont have to allow any scripts in the new site to do what you went there for. That is my usual case. But if there is a video there that you want to watch and you are not going to use the site regularly, then you can temporarily allow the site. Thats the reason for this setting to be available. A really tough site to figure when you are a beginner would be something like huffingtonpost. I don't use huffington but sometime ago, I helped a friend figure the site out and was easy. I mean, when you go there and look at the NoScript menu, it is kind of intimidating when you see the long list of domains and if you start temporarily allowing the site, you end up with 40 and more domains loading scripts there. It looks difficult but is not. People here at Wilders like to talk about using common sense, well, then use it, if you do, you can quickly figure out the 2 or 3 domains that are required to watch videos in that site and then you do the same for pictures. And when you move from huffington UK to huffington France or USA, you allow a couple extra domains. In the end, you, end up not only safer but with a clean internet. To you, NoScript breaks the internet, to me, NoScript cleans the internet and makes it enjoyable. Using or not using NoScript to me is like night and day. I enjoy the internet as much as I do thanks to NoScript. I want you to know. I have been using NoScript for a little over 7 years. Same time as Sandboxie. To this day during this 7 years, while browsing, I havent seen anything that looks like malware. Never. That is due to NoScript blocking silently. I have never during this years deleted a sandbox before being ready to finish the browsing session because I suspect malware infecting the session. Never. Thats the power of NoScript. Bo
I don't think you can attribute that all necessarily to NoScript though Bo. It seems to me that you have very secure browsing habits and would be unlikely to get infected regardless of the browser you are using. I'm not doubting NS's efficacy, but in Windows for the past six years or so I've either been in K-Meleon or Maxthon mostly, and I've not been infected in Win 7 ever. I did once, in 2008, contract a trojan from a flash ad in a Russian site on my old Vista laptop. I was running SeaMonkey at the time and that trojan was the reason I downloaded NoScript in the first place. SUPERantiSpyware removed it after the Google filter (I was using SeaMonkey's Google translator) informed me malware had passed onto my computer. Just the option to toggle JS off would be easier for many people.
