- TalkBack 3 of 5:
- Next »
- « Previous
- Thread View
- Flat View
- You are correct, it depends on the circumstances
-
Telling NoScript that you trust one site does not tell it to trust all scripts served through a site's Web page.
You are right. It would depend on if the javascript in question was linked from the trusted page (NoScript would block this) or if it was embedded into the page (NoScript wouldn't block it).
Seems to me that Firefox with NoScript meets that description
This I disagree with. NoScript actually disables the javascript engine for untrusted sources so the javascript doesn't run at all. Protected Mode (and AppArmor) allow the javascript to run but with greatly reduced permissions. NoScript doesn't trust any javascript, even if it is harmless. Protected Mode allows javascript to run but denies access to anything that the script shouldn't be messing with.
The disadvantage of NoScript is that it stops even legitimate javascript from running. Protected Mode (and AppArmor) allows legitimate javascript to run. Both fail the scenario where you get attacked by a "trusted site" but because NoScript disables even legitimate javascript, you are much more likely to turn NoScript off than Protected Mode for a certain site.
NoScript is like the gate of a gated community where there are no locks on the houses. Don't trust the mailman? Fine, you get no mail. Trust the mailman? Nothing stops him from walking into your house and stealing your stuff. Protected Mode is like a normal community. Anyone can put stuff in your mailbox but they can't get into your house.
I'll continue to use NoScript even if Firefox gets Protected Mode since they both live quite happily together! People in gated communities can still lock their doors.
- Posted by: NonZealot Posted on: 08/08/08 You are currently: a Guest | Members login | Terms of Use
It's why Protected Mode (and AppArmor) are better than NoScript
NonZealot | 08/07/08
|
 
It's why Protected Mode (and AppArmor) are better than NoScript
TimothyMcGowan | 08/08/08
|
You are correct, it depends on the circumstances
NonZealot | 08/08/08
|
|
RE: CNET's Clientside developer blog serving Adobe Flash exploits
jtwaldo | 08/08/08
|
|
RE: CNET's Clientside developer blog serving Adobe Flash exploits
Hates Idiots | 08/08/08
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
- Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
- Virtualization: Architectural Considerations And Other Evaluation Criteria VMware Of the many approaches to x86 systems virtualization available in the ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- The more you simplify, the more you save
-
When you transition from your existing Red Hat environment to SUSE Linux Enterprise from Novell, you can recognize dramatic cost savings, perhaps as much 50%
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer>>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
- Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
