NoScript FTW !
Twitter is sitting on an amateur configuration blunder that makes it trivial for attackers to take control of user accounts, a researcher said Friday. The error resides in an Adobe Flash object hosted on the microblogging site, said Mike Bailey, a senior security analyst with penetration testing firm Foreground Security. …
Yes, but in most of the cases you whitelist sites you go most often and then just add new ones as you crawl there. It's not optimal, I agree, but heck, that's how it works.
I'd be happy to see a managed list (something like Adblock subscription list) with whitelisted domains. If somebody's paranoid, they can always disable it and go the old school way.
As a side-note I have noticed Google, being the devious b*stards they are, hosting JQuery scripts, which many sites rely on for "glitzy" functionality, from their analytics domain. I'm sure you can see the problem* with that.
* Actually, its not so much of a problem as, for instance, sites that use a Google hosted JQuery "lightbox" scripts often just fallback to opening the image in a new window/tab so you don't actually need to allow Google Analytics for many sites to remain functional... if a little "old-school"! Google are just being evil by trying to "force" people to allow analytics!!
This post has been deleted by its author
Where's your creativity? Where's your seizure-inducing colours? And the all-important line 40 to stop it from halting with the "scroll?" prompt when the screen gets full!
20 LET x = INT(RND * 7) : LET y = INT(RND * 7) : LET z = INT(RND * 7)
30 PAPER x : INK y : BORDER z
40 POKE 23692, 255
50 PRINT "Dixons is crap ";
60 GOTO 20
And they called it a mis-spent youth....
This post has been deleted by a moderator
Go back and re-read the article. It's other websites as well, Twitter was just an example. Although I agree it's an over-hyped service.
Does remind me why I stick with FF despite it being a blundering memory hog these days (3.6 is a minor improvement). Still waiting on noscript-a-like support on other browsers (adblock+ and flashblock would be nice as well, but we can't have everything).
Actually the memory issue tends to be related to No-Script - as much as I love the blocking add-on, I do find I purge my whitelist every 12 months or so for a performance boost.
Under vanilla operation FF runs about 20-30 meg,....currently with my NoScript whitelist it runs at 76. (whitelist contains about 280 entries)
I know Opera has the ability to do much of this stuff, but it's not at the same UI level.
In short, I acknowledge Opera has the ability, but it lacks the ease of use in this area.
I do use Opera on occasion, same as I use Chrome and, if forced, IE. I just prefer the security package I currently have set up with FF for most browsing. Personal choice and all that. ;o)
AdBlock: Right click on a page, select 'Block Content'. Click on the things on the page you want to block. Click on 'Done' in the 'Information Bar' at the top of the page.
Personalised Site Preferences: Set your defaults in the options as you normally would, then right click on a page and select 'Edit Site Preferences' to customise for the site you're on.
Personally, I find the Firefox UI to be quite horrible. Opera, admittedly, isn't much better in places, but at least it doesn't make me want to gouge my eyes out every time I see it.
Given that Opera is free again, I really don't know why people still use Firefox. It really is garbage.
And then the web site still may not work with Opera. I think the main current gap is in support for dynamic thingies of some sort.
But the problem isn't "Opera isn't safe from this".
has it's off days and cannot be relied upon, unfortunately.
I have come across a problem where NoScript installed in Firefox using a strange foriegn language, not English. Consequently, not much can be understood of the message content when it stops a script. Making it absolutely useless on my children's PC.
Er, even the program writer has been unable to fathom out this one. Any takers ?
And as for Firefox, you penguin heads might know why I cannot see the media player controls on my Myspace account. Flash Block isn't stopping the adds from playing, just the control panel ? NoScript would appear
superfluous at this time.
PS I'm using Ubuntu 9.04 and SeaMonkey is very wonkey too. Hence the use of Epiphany and Opera, the only browsers that actually work under my version of Linux. Sheesh !
Out of the twenty two replies at the time of writing not one comment has addressed even vaguely the actual content of the article, with the possible exception of the first sentence from Phillip Webster. All I can see is the usual Twitter is crap, Twitter users are twats, they should use adblock plus turbo with go faster stripes type comments. I'm no stranger to asinine comments but once something has been said is there a need to repeat it. Please Ms.Moderator bring back the automatic response option.
I can't contribute anything because I'm not knowledgeable enough but I wish those who are equally less gifted would STFU and let those who are actually say something constructive.
Biting the hand that feeds IT © 1998–2021