NoScript or uBlock Origin

Discussion in 'polls' started by Joxx, Sep 13, 2016.

?

NoScript or uBlock Origin

  1. NoScript

    11 vote(s)
    14.5%
  2. uBlock Origin

    65 vote(s)
    85.5%
  1. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    It slip past my mind repeatedly, I'm sure psychiatry has a definition for it, it had nothing to do with...
    ... stress plays up with one's mind, I'm not immune.
     
  2. gorhill

    gorhill Guest

    There is no dilemma as long as you have the choice to set a global or local rule equally easily.
     
  3. paulderdash

    paulderdash Registered Member

    Joined:
    Dec 27, 2013
    Posts:
    4,639
    Location:
    Under a bushel ...
    I used to use NS, Request Policy Continued and ABP, and even Ghostery in the past, but I find uBlock Origin medium mode + NoScript allow scripts globally is now the by far simplest solution for me.

    So uBlockO and NS ( (thanks @summerheat, it may not really be necessary - see post #70), not or, but with uBO doing the 'heavy lifting'; I find uBO interface to be very intuitive and usable.

    I used uMatrix in tandem as well for a while, but the extra level of granular control over and above uBlockO dynamic filtering is not worth the effort, for me anyway.
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    OK, I think I see what you meant now.
    I don't think anyone is not "recognized (recognizing) that Noscript doesn't have site-specific rules ". We all know that. Try to understand that even though that feature is desirable for you and "many" other users to use it, there might be some users that feel perfectly fine not using it and if it was available in NoScript would not use it either. In other words, it might be a nice feature but is not for everyone. :)

    Bo
     
    Last edited: Sep 21, 2016
  5. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Thanks for calling my attention to #70.
     
  6. quietman

    quietman Registered Member

    Joined:
    Dec 27, 2014
    Posts:
    511
    Location:
    Earth .... occasionally
    I was all set to vote " Both " , but that option wasn't available ..... the story of my life !

    @gorhill - you have done a superb job on clearly explaining the relevant details , particularly on site-specific blocking ,
    and yet we are now on page 5.

    There is absolutely nothing wrong with your writing -
    ...so the problem must lie elsewhere. :)

    .... and so it goes .
     
  7. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    Yes, and it may yet make me change my vote, thanks for your input and congrats on a great piece of software whether I use it or not.

    I sincerely hope to see you on page 50
     
  8. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    Some time ago I ditched adblockplus with "acceptable ads" thing. I knew there was "something" about NS but wasn't aware of that level of deception. Thanks for posting. I read the whole sorry thing. I still have NS installed but locked down so it won't update and I do NOT like the constant phone home attempts which I have blocked. As I learn uMatrix and uBO to my satisfaction I want to get rid of NS.

    I think it's a sad state of affairs when people have to learn coding to be confident about having some semblance of safety. In the real world this just isn't going to happen for the most part. I don't understand too much about coding but I certainly check prefs/settings, test to the best of my ability, and inspect traffic to the best of my ability.

    A little while ago there was something about NS and uM and/or uBO and a cookie issue. I haven't seen any updates about that. Hopefully someone can chime in.
     
  9. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,199
    Fixed in uB0 1.7.6 and uMatrix 0.9.3.6.
     
  10. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    [maybe, this belongs in the main uBlock Origin thread]
    uBlock Origin hard mode + NoScript Allow Scripts Globally

    Q: does uBlock Origin filter WebGL and or DirectX. I noticed (with no rules for website) here, with guim.co.uk noop (http://s13.postimg.org/c16r2rkpz/screenshot.png) >> NoScript block WebGL http://s13.postimg.org/6w5jl57s7/screenshot.png

    And https://en.wikipedia.org/wiki/WebGL notes Mozilla Firefox – WebGL has been enabled on all platforms that have a capable graphics card with updated drivers since version 4.0. Since 2013 Firefox also uses DirectX on the Windows platform via ANGLE.

    Since NS seems to block WebGL. I'm curious does uBO...and why might NS...?
    Note: I had to lookup WebGL and I'm recent to uBlockO. Be gentle....please.
     
    Last edited: Sep 22, 2016
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Websites can access the graphic card and do damage when the graphic card is not up to date. WebGL is disabled in sites where you don't allow JS to run and is blocked in sites where you allow scripts when you enable "Forbid WebGL" in Embeddings. Thats what that setting does. You can in Firefox disable WebGL completely by toggling webgl.disabled to true in about:config.

    Bo
     
  12. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Aha, so my > guim.co.uk noop < allowed some JS to run. And that JS woke up my NoScript "Forbid WebGL".
    And sans NoScript. WebGL would have been allowed (what ever that would do) by my allowing some JS to run.

    When I was just NoScript (pre-uBO) and I'd (by habit) temp allow, thinking sandbox will catch. NoScript would have "Forbid WebGL" and I'd be none the wiser/worse off. I guess.

    So, websites in browser sandbox can access my graphic card...?
    Okay.....wonder if I'll notice anything break.

    Edit: so, NS Embedding restrictions remain active even though I'm allowing scripts on untrusted sites. + for NoScript..?

    Q: does uBlock Origin filter WebGL and or DirectX..? I'm recent to uBlockO. Be gentle....please.
     
    Last edited: Sep 22, 2016
  13. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Yes, the restriction remains active when you allow scripts to run. If something break, you can click the placeholder to allow it, or, if you are like me and have it set for placeholders not to be displayed, you can hover the browser over "Blocked objects", and allow WebGL from there for that site.

    Bo
     
  14. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    wonder if I'll notice anything break with disabled to true in about:config

    So, uBlock Origin filters WebGL as any script. And WebGL may be 1st or 3rd..?
     
  15. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    In my personal case use, I never have. :)

    That is so despite doing the change in about:config and forbidding WebGL in NoScript. HTH, bjm.

    Bo
     
  16. bjm_

    bjm_ Registered Member

    Joined:
    May 22, 2009
    Posts:
    4,453
    Location:
    .
    Okay, so WebGL block/disabled may be non-issue. Thanks
    Funny how new extension (for me) sparks new thinking.
     
  17. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,171
    What phone home attempts have you seen? Based on a quick review...

    Automatic, enabled by default, can be disabled:
    • Display the release notes on updates - UI checkbox & pref noscript.firstRunRedirection, opens https://noscript.net/...
    • Detect WAN IP and treat as LOCAL - UI checkbox & pref noscript.ABE.wanIpAsLocal, plus noscript.ABE.wanIpCheckURL, opens https://secure.informaction.com/...
    On demand:
    • Site Info - pref noscript.siteInfoProvider, opens https://noscript.net/...
    • ClearClick Report button - POST to https://noscript.net/...
    • ClearClick More Info button - opens https://noscript.net/...
    • Donate - opens https://secure.informaction.com/...
    • ABE Help - opens https://noscript.net/...
    • XSS FAQ - opens https://noscript.net/...
    • HTTPS FAQ - opens https://noscript.net/...
    I've trimmed full URLs to minimize bot traffic. The two requests I'd point out are the Site Info and ClearClick Report button, as both can reveal information about the site you are on. I didn't spot any unique identifiers being passed, and didn't explicitly check the code to see if steps were taken to block cookies (which aren't required AFAIK).

    Am I missing anything or does anything need to be corrected?
     
    Last edited: Sep 22, 2016
  18. Reality

    Reality Registered Member

    Joined:
    Aug 25, 2013
    Posts:
    1,198
    @TheWindBringeth
    I'd hardly think I'd be in a position to correct you :).

    I have not understood some of the settings in NS, and one of those is that detect WAN ip setting. I'm on version 2.6.9.22 and all I have is a check box to allow for updates and a little question mark next to ABE.
    I don't have the buttons you describe above, or settings to access FAQs.

    I mostly restart the browser with each site I go to (as a means to segregate browsing) and I get numerous callouts to hackademix.... approx 8 each time. I filtered some firewall results and in the last few hours there's 60 entries. I think this is way over the top. There are no lists I need for NS (that I'm aware of) and I just fail to see the reason for calling out at every browser start. Of the 4 domains spoken of in your link (noscript.net, flashgot.net, informaction.com and hackademix.net) I get call outs to the last 2. Informaction I found in uBO

    Edit: a second look and I do have those 2 FAQs. I guess some areas of NS I find are a little cluttered.

    FW log of hackademix.png
     
    Last edited: Sep 24, 2016
  19. colorado13

    colorado13 Registered Member

    Joined:
    Apr 16, 2005
    Posts:
    117
    Location:
    Orihuela, Spain
    Vote Noscript:thumb:
     
  20. TheWindBringeth

    TheWindBringeth Registered Member

    Joined:
    Feb 29, 2012
    Posts:
    2,171
    I am sure there are contexts in which you are! So please do speak up if/when you question something I've said. I would appreciate that :)

    This may help: https://hackademix.net/2010/07/28/abe-patrols-the-routes-to-your-routers/.
     
  21. Compu KTed

    Compu KTed Registered Member

    Joined:
    Dec 18, 2013
    Posts:
    1,411
    The WAN IP address query is described in the "Privacy Policy" of NoScript.
    It protects against DNS rebinding of attacks that targets your router's external (WAN) IP address.
    NoScript queries the secure.informaction.com/ipecho web service.

    The feature is enabled by default, but can be disabled by unchecking this box in NoScript.
    NoScript Options|Advanced|ABE|WAN IP ∈ LOCAL

    DNS Rebinding info:
    https://en.wikipedia.org/wiki/DNS_rebinding

    When I did use ' NoScript ' I changed several of the default settings.
     
  22. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    830
    Location:
    Ireland
    uBlock Origin.

    In my currently most used Firefox profile I recently uninstalled Decentraleyes and continue to use uBlock Origin and uMatrix. I considered removing uBlock Origin but I would miss the cosmetic filtering and I have privacy filters enabled which I might start to miss too.

    I have another profile that uses Decentraleyes and uBlock Origin and another profile that uses just uMatrix.

    One advantage NoScript has over uBlock Origin and uMatrix is that anything in the <noscript> tag of a webpage will be loaded when javascript is blocked by NoScript but it will not be loaded when javascript is blocked by either of the other two.

    <noscript> tags will get loaded even if blocking javascript with uBlock Origin or uMatrix, if you toggle the Firefox about:config preference javascript.enabled. I have the QuickJS add-on installed to easily toggle this preference for the very rare websites I want to use it with.

    An example of when loading <noscript> tags are useful is with Google Images. Without them loaded, Google Images does not show any results. With them loaded, results are shown with basic functionality.
     
  23. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,210
    Location:
    Among the gum trees
    Trialling uBlock Origin as an adblocker, but will keep using NoScript - so can't vote.
     
  24. kael1

    kael1 Registered Member

    Joined:
    May 7, 2013
    Posts:
    8
    just voted uBlock Origin
     
  25. ProTruckDriver

    ProTruckDriver Registered Member

    Joined:
    Sep 18, 2008
    Posts:
    1,444
    Location:
    "An Apple a Day, Keeps Microsoft Away"
    uBlock Origin ;)
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.