Chrome has sandbox which suppose to protect it from driveby attacks. Do you still use ScriptNo or equivalent if so why?
i tried it but i stopped using it because it's erratic. and it hasn't been update since mid-February. there's a whole thread about ScriptNHo here: https://www.wilderssecurity.com/showthread.php?t=312164
No I don't use Scriptno. I have disabled Javascript globally and manually enable it for sites that I trust. Not a big problem, but of course I wish there was a "temporarily allow" option in Chrome. I briefly tried Scriptno, but didn't like it.
Do you mean an option under chrome://chrome/settings/content? Otherwise, if you run Chromium/Chrome in Incognito Mode, then if you globally disable JavaScript, every time you need to allow it, just click the JavaScript icon in the address bar, and the whitelist will only be valid for as long as the session is running; once you close Chromium/Chrome, JavaScript is disabled again for that specific website.
Yes, but there's also a tiny "button" adjacent to the address bar where I can choose to allow it by using a single click (if scripts have been blocked globally). Thanks for the tip Moonblood, I almost never use incognito mode but will reconsider it.
No, it is extremely bothersome and scripts need to be enabled pretty much on every webpage anyway. I am fine with adblock, flashblock and ghostery.
No I use admuncher premium and removed all the addons on all the browsers. except last pass and xmarks. Firefox never felt better ! cant believe that ABP was using all the memory !
No. Scripting being allowed is all but non-negotiable these days, even many third-party ones. If that is the case, I certainly don't want to have to whitelist every page I go to, security or not. If I understand Chrome security correctly, scripts are rather limited in what they can do anyway, as far as any shenanigans . I'm also under Sandboxie for the time being.
Not right now, but mostly because I find the interface awkward compared to Noscript. I may try it again though. (Chrome has click-to-play, and IIRC is supposed to be decent vs. XSS attacks. The sandbox on Linux is also supposed to be quite good. That said, I've never seen it put to the test.)
I'm not convinced that ScriptNo will work when I need it to so I don't use it. If NoScript came out I may or may not consider using it on Chrome.