Is NoScript really that necessary for Firefox besides your current internet security?

Discussion in 'polls' started by encus, Mar 27, 2013.

?

Is NoScript really that necessary for firefox besides your current internet security?

  1. Yes.

    57 vote(s)
    52.8%
  2. No.

    46 vote(s)
    42.6%
  3. I have no idea.

    5 vote(s)
    4.6%
  1. encus

    encus Registered Member

    Joined:
    Nov 2, 2009
    Posts:
    535
    Please also give the reason of your answer.

    Thank you.
     
  2. Daveski17

    Daveski17 Registered Member

    Joined:
    Nov 11, 2008
    Posts:
    8,029
    Location:
    Lloegyr
    I think that due to a lack of tab sandboxing NS is a good basic security precaution. It can also be used in combination with RequestPolicy for even more control over scripts. Plus, it has advantages in that you can block things like Facebook widgets running on & so improve page loading times. So yes, for me anyway, it is necessary.
     
  3. gambla

    gambla Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    161
    Location:
    Frankfurt, Germany
    I think yes, cause it's preventing any scripts to run and though download any payload instantly, even any payload that could bypass sandboxie. Afaik there's malware around that can do this. Of course NS is just one security layer of many.
     
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i would say yes because i have no internet security.

    i also like that it cuts down drastically on the bandwidth-sucking marketing/tracking sludge. :thumb:
     
  5. noone_particular

    noone_particular Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    3,798
    IMO, some means of scripting control and web content filtering is necessary. It doesn't necessarily have to be NoScript.
     
  6. mattdocs12345

    mattdocs12345 Registered Member

    Joined:
    Mar 23, 2013
    Posts:
    1,785
    Location:
    US
    no script not only for security but also to increase browsing speed on slow CPU computers.
     
  7. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    Yes it is necessary. It not only offers great protection but also 'cuts down sludges'.
     
  8. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Yes, because the only other "Internet" security I have is a router and Windows firewall with advanced security, plus the security options in Firefox enabled. I consider NS an enormous security benefit.
     
  9. virtumonde

    virtumonde Registered Member

    Joined:
    Jan 18, 2008
    Posts:
    501
    Depends what you used the internet for.
    I voted no,i need to see all page contents, but considering the high number of javascript annoyances out there i understand why many users find it useful.
     
  10. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    "Necessary"? No. Invaluable to kill tracking, 3rd party BS and more? Heck yes. It may annoy you to no end when it comes to that one site you visit on occasion that has to have 5 or 6 scripts allowed and you aren't sure which ones they are. But after that painful moment, you're golden. I do however wish there was better pop-up control for scripts. Even with NoScript, ABP and Firefox pop-ups blocked, damned if some websites still don't throw them at me.
     
  11. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    If you whitelist a number of sites in NoScript because you need to see all content on there, things like NoScript don't help if any of those sites become compromised. This is why a layered approach is needed.
     
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    I don't think so. I used to be a regular user but I found it to be too much work. I have not been infected by anything in the last 8 years, so I feel it is overkill, for myself anyway.
     
  13. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    I see about one popup a year. The only sites where I get popups are sites, like the old Megaupload, where you might get a popup when allowing the page in order to be able to download something. Other than in those sites, I don't get any.

    Bo
     
  14. Giorgio Maone

    Giorgio Maone Developer

    Joined:
    Mar 13, 2007
    Posts:
    27
  15. ght1

    ght1 Guest

  16. niki

    niki Registered Member

    Joined:
    Jun 9, 2010
    Posts:
    363
    Yes, absolutely. I don't surf without it. Many thanks to the developer!! :thumb:
     
  17. The Red Moon

    The Red Moon Registered Member

    Joined:
    May 17, 2012
    Posts:
    3,872
    Another great use of noscript is the ability to stop the automatic running of some flash videos in websites.
     
  18. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    No, I could live without it. I don't use NoScript for security reasons anyway.
     
  19. Techwiz

    Techwiz Registered Member

    Joined:
    Jan 5, 2012
    Posts:
    539
    Location:
    United States
    Security is about covering your bases against potential attack vectors. Sure your could run your browser in a sandbox or run a virtual machine, but these types of applications are geared at protecting your system. But what about protecting your web browsing? The attack might not be to compromise your system. It might simply be to steal your login with a malicious iframe. I find it hilarious when people hide behind arguments like these:

    "Well I have an application that blocks the execution or the download of malware on my system."

    "But I practice good habits when surfing the internet and I'm very careful about what I click on, download, and install to my system."

    Well that is funny, because most of the people I know that proclaim to do these things still can't spot a phishing site and e-mail. They click on "security pop-ups" without the slightest thought of whether its real. Probably the only valid arguments against using add-ons are:

    (1) the add-on itself is malicious. This wouldn't be valid for No-Script or Request Policy as far as I known.

    (2) But what if the site you visit is compromised, and the add-on allows trusted scripts that are now malicious. Shouldn't you be more concerned about logging into a hijacked website? Honestly, regardless of what it just downloaded to your computer. You've just given it your pay-pal information.

    (3) The add-on conflicts with something else. Well then you need to figure out what's more important. Using last-pass to manage your password, which could be swapped out for another manager like key pass ;) or dropping No-Script. Even then, it's likely there is a suitable configuration to make the two compatible.

    Some people think security becomes irrelevant when it becomes a head ache to manage. I don't share your opinion, but I'll respect it. Don't use the add-on if your don't honestly want to. I don't think the learning curve is that steep for no-script. It's fairly easy to figure out which scripts to allow for a website and which scripts to ignore. You can even white-list if you don't want to click allow everyday. So yes, No-Script is an absolute for me. I would suggest it to anyone that wants more than a passive security setup.
     
  20. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
    Let me ask one thing, can't these extra protections ("unrelated to script blocking") get implemented in Firefox?

    If they can, why such thing still didn't happen?

    Genuinely curious.
     
  21. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    Necessity is the mother of invention. NoScript is one example.

    If one uses Firefox, I would recommend them install NoScript....even if it's in "Allow Scripts Globally" mode.

    P.S. Of course, as always, different folks have different needs.
     
  22. hogndog

    hogndog Registered Member

    Joined:
    Jun 9, 2007
    Posts:
    628
    Location:
    In His Service
    The big complaint I'm hearing from folks that have tried No Script is that bothersome nag screen constantly popping up and staying up, i hated it too until i found the adjustment in the options window. You can set it to dismiss by going to Options > Notifications > Then set it and forget it. Otherwise your missing out on one of the best tools for your toolbox.. IMO :)

    Mines set to 5 seconds.. That and we don't have to allow everyone of those sites to have access to our machines, why should we?

    Hogndog
     
  23. bo elam

    bo elam Registered Member

    Joined:
    Jun 15, 2010
    Posts:
    3,770
    Location:
    Nicaragua
    The message can be set not to be displayed, that's how I have it.:)

    Bo
     
  24. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Likewise, the primary use is non-security related.
    Mrk
     
  25. Alhaitham

    Alhaitham Registered Member

    Joined:
    May 18, 2013
    Posts:
    173
    Location:
    Egypt
    yes, it is
     
Loading...