NoScript 10 + New Version Releases

Discussion in 'other software & services' started by Nanobot, Nov 14, 2017.

  1. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Hi Rasheed. What I am going to tell you is based on my experience using NoScript for 10 years, and what other users say about NoScript. People who learn how to use NoScript, users who become advanced users, find NoScript very easy to use and make it set and forget for the bulk of sites they visit on a daily and regular basis. This users dont have to interact with NoScript constantly. After a while using the program, the need to fine tune NoScript is minimum.

    On the other hand, users who call NoScript hard and say that it breaks the internet, they might not know it or realize it but the reason for that is because they haven't learned how to use NoScript. Thats the bottom line my friend, sorry, but that's the honest truth. Users must become advanced in order for NoScript to become easy. They have to set up the bulk of sites they visit daily to minimize fine tuning (as you call it).

    I can go weeks without having to interact with NoScript when I visit the bulk of sites that are in my bookmarks, only having to deal with the program when visiting new sites. And thats the way the program its supposed to work. As a NoScript user, thats exactly what I want.

    Bo
     
  2. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    After a while using NoScript, you become familiar with scripts, many of them you see them all over the internet, and the ones you haven't seen before, just by looking at their names, you can easily guess what they are or what they do. So, after a while, when you become familiar with scripts (which should happen, that's part of the process of becoming an advanced user) is easy to make educated guesses on whats required to allow when you land in new webpages (not bookmarked). Experience gives you this knowledge. Experience and knowledge makes the process of allowing whats required to get the content you want fast and easy.

    Bo
     
  3. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    No, it's not about learning how to use NoScript. My point is, you need to ask yourself why would you want to block all of these scripts? It's for security and speed, but there has to be a balance. It makes no sense to block first party scripts. Tools like uBlock and Ghostery will give you speed and security with almost no need for fine tuning. So the question is, what is the advantage that NoScript has?
     
  4. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    When I started using NoScript 10 years ago, there was nothing else that did what NoScript does. It has worked so well for me, there is no reason for me to try anything else. Or use any other content blocker alongside NoScript. Years ago (when I had not become an advanced user), I used Adblock plus along NoScript, but one day when I realized that ads could also be blocked by NoScript, I dropped ABP.

    Personally, my main reasons to use NoScript is for cleaning the internet, to load webpages faster, the browser and system runs easier. The computer runs smoother when using NoScript than without NoScript. But NoScript gives you also security.

    Read this. Ever since I started using NoScript, even before I became an advanced user, I have never ever seen anything that looks or smells like malware attempt to run while browsing. Thats the power of NoScript, Rasheed. Many a times here at this forum, I have credited NoScript for keeping me clean while browsing. Its not Sandboxie. For me, when browsing, Sandboxie is like a safety net, a safety net that never gets used.

    So, why should I try something else when I am using something that's proven to work. Also, I get satisfaction when I visit a website with 30 or 40 domains, and after a few seconds, I got what I want without allowing the whole page. Myself doing the blocking, without the need for using filters or lists. It feels good when you do it yourself. At least, I do.

    Bo
     
  5. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    Blocking Java scripts are indeed about security as far as I am concerned. Once know a sight is safe I can set it permenantly, but when ever I go to a new sight Java script is blocked. I like it that way
     
  6. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    And that's where the problem lies.
    If you mainly browse through bookmarks you'll spend some days tweaking NoScript and you only have to go back to its settings now and then when visiting new sites.
    But if, like me, apart from many bookmarks you search extensively, thus opening dozens or hundreds of new sites in a matter of hours, NoScript becomes a pain in the bottom. Under this specific scenario uBlock is the superior product.
    The argument NoScript vs uBlock comes down more to the user than the programs themselves, which are both top notch.
     
    Last edited: Apr 26, 2019
  7. summerheat

    summerheat Registered Member

    Joined:
    May 16, 2015
    Posts:
    2,199
    Well, even in the other scenario uBO is superior as you can block javascript per site as well. Or 3rd-party scripts only if you prefer that. With Dynamic Filtering in default-deny mode you can not only block scripts but any 3rd-party network requests which is an obvious advantage privacywise. And even if you have to noop a 3rd-party site the filterlists still come into effect and block ads/tracking which goes far beyond of what can be blocked by forbidding scripts alone.
     
  8. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Hi Joxx. Opening dozens or hundreds of new sites in a matter of hours sounds like an exaggeration but if you really do, for security (if you are not using Sandboxie ;)), that makes it even more important to block all scripts in new sites. And only allow whats required to get the content you want.

    Its likely, if you open at least 2400 new websites every day, you are going to meet malware somewhere along the line. Your browsing habit is the perfect scenario for using NoScript as is designed to be used.

    What I do when I visit new websites, is only allow whats required to get the content I want. In the vast majority of websites I visit, I dont have to allow nothing to get he content I want. Thats usually the case. But if I go to a new site, and I want to watch videos or see something thats blocked because it requires JS or something else, I allow it. Depending on how I feel at the moment, I might allow the page temporarily (makes things quicker and convenient) or I might trial and error allowing some of the scripts in NoScript menu until I get what I want. Using NoScript this way is no big deal, is easy to get used to and the way its supposed to be used.

    Note: I agree, both programs are great.

    Bo
     
  9. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I know you feel blocking JS per site is a great feature, and many other people do as well. But to me personally, honestly, the feature is not the end of the world. Of all my bookmarked sites, there are only about 5 websites where using that feature would make things more convenient for me. Not many. I know what they are and when I visit those websites, I temporarily allow this scripts that you really dont want to allow running everywhere but are required in a few websites that are important to me. Sorry, this feature is no big deal.

    Regarding blocking only 3rd party scripts. By default, NoScript blocks all scripts but if you want, for convenience, you can set NoScript to temporarily allow/set to Trusted Top level sites. So, if you want that, you can have it. I dont use that setting, but is there.

    Sin título.jpg

    I know you wont like what I am going to say and I said it before to you. You seen to have an urge to bash NoScript in every opportunity that comes along. You appear to me as always trying to convince people of the "superiority" of UBO over NoScript. IMO, you act that way because you yourself is not sure about that and your bashing of NoScript or attempting to convince people that is the better program, or trying to get people to switch programs, reinforces your belief that UBO is superior.

    Bo
     
  10. Joxx

    Joxx Registered Member

    Joined:
    Sep 5, 2012
    Posts:
    1,718
    It's not :) I give the expression "web search" its proper meaning.
    Under my scenario uBlock is the best balance of protection/usability given its more granular configurability.
     
  11. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    I dont have a problem with you feeling that way, I just wish you guys who prefer UBO, understand that some of us like NoScript better. To each is own.

    Bo
     
  12. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    OK, I get it, you simply like this approach, but what I'm saying is that NoScript will be pretty useless to the other 99% of the world. Almost nobody wants to spend time fine tuning stuff. Like I said, there is no need to block first party scripts, because browsers are already quite secure. Think of Chrome, Firefox and Edge. They aren't as easy to hack as browsers 10 years ago.
     
  13. imdb

    imdb Registered Member

    Joined:
    Nov 2, 2011
    Posts:
    4,208
    that's exactly the point. not everybody has 6 months to waste on a simple script blocking extension. most people don't, that's for sure.
     
  14. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    Yes, I like this approach but you still dont get it. When you use NoScript, one of your goals as a user should be to make the program set and forget, this is something thats achievable. Once you become an advanced user, is easy to make the program set and forget for the bulk of sites you visit daily and regularly. I can go hours or days without having to "fine tuning stuff". Only people who don't know NoScript have to constantly interact with the program. Bottom line: If you learn NoScript, you ll spend little time interacting with the program.

    Bo
     
  15. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    No I get it, but I don't want to spend time on this. And as others have already explained, you can perhaps make everything work on your most used sites, but what if you browse to new sites? My point is that the current approach of NoScript makes absolutely no sense. Just use uBlock for a week (as a test), you will see that pages will load just as fast, without breaking stuff.

    Exactly, I don't see the fun in that. Back in the days I used NoScript only for quickly blocking first party scripts on specific sites while still allowing scripts globally. With the new version, that's not even possible anymore. While with uBlock it is. NoScript only makes sense if you see every single website as a potential threat.
     
  16. Nanobot

    Nanobot Registered Member

    Joined:
    Jun 23, 2010
    Posts:
    473
    Location:
    Neo Tokyo
    No worries.
     
  17. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    That makes NoScript not for you. We all should use the program that is closest to fit our desires and needs. In my personal case, NoScript is the one. Is great to have choices. What I have a problem with is with some UBO users here at Wilders who expect and demand :D, NoScript users to switch, just because they think UBO is better. Even if UBO was actually better, that wouldn't make it right to be pushy and belittle NoScript or NoScript users.
    Rasheed, my NoScript is even more restricted than how NoScript comes by default. When you first install NoScript, frame, fetch and other are allowed by default in the Default preset. The entire universe of websites that you have never visited before or you haven't set up (white listed) falls in the Default category. This type of content is allowed by default supposedly to make things more convenient. And I disallow frame, fetch and Other. I allow nothing to run for websites that fall under Default.

    You probably read most of my Sandboxie posts, many times I have said that I dont give up usability or convenience for security. And I mean it. I feel the same way about NoScript. This should tell you how easy is to interact with NoScript when you visit unknown sites, even when your version of NoScript is more restricted than how it comes by default.

    Bo
     
  18. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
  19. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    I just went through configuring NoScript beta for Chrome for most of my regular sites but I closed Chrome then re-opened it and NoScript had vanished. Completely wasted my time on that machine.
     
  20. Krusty

    Krusty Registered Member

    Joined:
    Feb 3, 2012
    Posts:
    10,209
    Location:
    Among the gum trees
    Weird. I reinstalled NoScript into Chrome and my site settings were still intact.

    ... monitoring.
     
  21. Rasheed187

    Rasheed187 Registered Member

    Joined:
    Jul 10, 2004
    Posts:
    17,546
    Location:
    The Netherlands
    Well, that is not my intention. For me it's not about which extension is better, but I'm trying to explain that it hardly makes sense to use a tool like NoScript. It really isn't that easy to successfully hack browsers anymore, that's why you almost don't see them being targeted by exploit-kits. So for security, you don't need to block most scripts. I have tested NS on about 30 sites, and it broke functionality on about 25 of them, even with standard white-list, it doesn't make any sense.
     
  22. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada

    For once I agree with you :D I block ads and iframes only. This alone will prevent most website exploits, without the need to fine tune on a constant basis. Someone earlier mentioned blocking javascript for all site until he knows it's safe. How does one know a site is safe when javascript is blocked?

    But like you said, there is no need to block 1st-party scripts.
     
  23. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    6,144
    Location:
    Nicaragua
    My friend, I know that. You are not one of those users I was thinking about when I wrote that post. There is only 2, perhaps 3/4 that are like that, but they are very loud and make a lot of noise about how great UBO/UMatrix is and how terrible NoScript is, and why you are so stupid for not switching to magnificent SuperUbo.

    Anyway, NoScript is not for everyone but I am glad I discovered, and adopted it. I feel the same about it as I feel about Sandboxie. This two programs changed my internet experience radically for the best. The fact that I adopted this programs 10 years ago, never drop them or even look or thought about a replacement should tell you how easy is to use them and how effective they are.

    The one thing I like you to understand is that NoScript is actually a very easy program to use. I know is hard for you to understand, but making NoScript set and forget (to minimize interaction with the program) is something that's achievable, and something that most if not all users should try to achieve.

    In my personal view, based on my experience using NoScript and what other users (advanced or not) say about the program, I came to the (educated) conclusion that the people who think that you have to constantly fine tune or interact with NoScript are people who dont know enough about NoScript, people that haven't reach certain level of advancement. To make NoScript sort of set and forget, you have to become an advanced user. There is no way around that. You have to become familiar with scripts and scripts names and what they do. Time gives you the experience. It takes time to learn the program. After a while, you become familiar with scripts. I consider myself a dummy user, and I learned. Now, just by looking at the names I know what scripts do, If I go to a new site that the NoScript menu shows 30 or 40 domains, I dont get intimidated, I dont even blink. If I want to set that site up, is easy. It wasn't like that when I fisrt started using NoScript but it is that way now. Rasheed, try to get the message of this last paragraph. NoScript can be easy and almost set and forget (little interaction, fine tuning), even if it doesn't appear to you to be so. Best regards, my friend. Wish you the best.

    Bo
     
    Last edited: May 4, 2019
  24. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    4,064
    Location:
    Canada
    With all due respect, bo, there is a very good chance you are landing on new websites where your aggressive script blocking is blocking harmless and desired content without you even realizing it. This will most certainly be the case with most users utilizing aggressive blocking, even those using other blockers such as uBlock, since the majority of people surf a wide range of web sites. Unless one is surfing only a limited number of bookmarked sites the majority of the time, aggressive script blocking will result in constant user management of the blocker in an effort to allow harmless and necessary scripts to render desired content properly. And unless you have a photographic memory, no way in the world can one remember all the thousands of hostnames scattered across the Internet, especially when new ones are constantly popping up.

    BTW, exploit kits are far more likely to victimize users via outdated 3rd-party browser software such as Java, and Adobe Flash and Reader. Eliminate these historically vulnerable plugins, utilize less aggressive script blocking by filtering only iframes and ads, and one only has to keep the browser updated to avoid falling victim to these kits. Of course other security measures in place outside the browser will make these threats and others even less of a concern.

    With my "all due respect" comment again, this approach is boring at best. Some people want to see video content in sites as well as pictures that accompany the text.
     
    Last edited: May 4, 2019
  25. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,102
    Location:
    Hawaii
    What do you use to block the iframes?
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.