|
|
Vasudevan Deepak Kumar wrote: MadHatter ¢ wrote:
switched off the noscript
How?
dont know... probably my 3 yr old son playing on the computer.
/bb|[^b]{2}/
|
|
|
|
|
I set it up so JavaScript/JScript/ECMAScript can only do certain things. For instance, it doesn't get to "Raise or lower windows". Of course, that's only in Firefox. In IE, I allow it for every site, but again, only limited control (no scripting of ActiveX controls, whatever). Trusted Sites get a bit more control. For instance, I let GMail do pretty much anything so I get all the AJAX goodness. I think most browsers allow some extent of granularity in controlling JavaScript behavior.
Do most people even know what that means? Of course not. They either blithely leave it at the default settings, or they hear a news report about JavaScript evil and turn it all off.
Of course, all of us good web monkeys are gracefully degrading our web sites so the user doesn't need it enabled, right?
|
|
|
|
|
|
I stoppped using "Trusting" software a long time ago. Since I moved to firefox last year I have not had a single virus, adware, spyware, or trojan and I don't even have a virus scanner.
(No comments about the stupidity of not having a virus scanner; there are logical reasons beyond the comprehension of most)
"Until the day of his death, no man can be sure of his courage" -- Jean Anouilh
|
|
|
|
|
Ennis Ray Lynch, Jr. wrote: (No comments about the stupidity of not having a virus scanner; there are logical reasons beyond the comprehension of most)
Like what?
Jeremy Falcon
|
|
|
|
|
I actually have Clam. When I develop I don't like my memory being scanned as it seems to slow me down. Plus I just don't like the way McAfee products attempt to control my machine and install themselves so thoroughly destroying performance that it is like a virus itself.
"Until the day of his death, no man can be sure of his courage" -- Jean Anouilh
|
|
|
|
|
Ennis Ray Lynch, Jr. wrote: McAfee products attempt to control my machine and install themselves so thoroughly destroying performance that it is like a virus itself.
Grim (aka Toby) MCDBA, MCSD, MCP+SB
SELECT * FROM users WHERE clue IS NOT NULL
GO
(0 row(s) affected)
|
|
|
|
|
|
Agree, I guess that's one of the reasons 78% (so far) has JS enabled.
Often JS is used in the menu, and how to browse a website without that menu.
|
|
|
|
|
|
A matter of principle if you will
But ECMAScript is OK.
My programming blahblahblah blog. If you ever find anything useful here, please let me know to remove it.
|
|
|
|
|
|
That's one of the reasons for which I switched over to tea.
|
|
|
|
|
Haha, I like bali better...
I have javascript enabled all the time, just need to run something like windows defender to prevent any website from installing spyware through javascript.
WM.
What about weapons of mass-construction?
|
|
|
|
|
|
There is no 100% security. If you are that paranoic you better cut off your internet connection because you never know what will attack you through any tcp/ip port, crashing entirely your firewall and hacking your computer. You should scrap your email client as well and start telnetting to your server to read your mails using the console - this is really secure you know.
No Firewall is 100% safe, no antivirus software is 100% safe and crippling your browser because of paranoia won't help you that much - there are other alternative ways of hacking into your computer.
Regards,
Nikolay
|
|
|
|
|
Nikolay,
This applies to normal human life as well. There can not be a hundred per cent perfection. There is always a scope for improvement and development. And this applies to Security Components like AVs and Firewall software too.
nsimeonov wrote: If you are that paranoic you better cut off your internet connection because you never know what will attack you through any tcp/ip port, crashing entirely your firewall and hacking your computer. You should scrap your email client as well and start telnetting to your server to read your mails using the console - this is really secure you know.
Even though, you totally put yourself in a closed shell, there can just another loophole. Insert a CD or a Floppy in the system with a virus infection and the viruses will play haywire on your system. With the perspective of 'security cut down accesspoints', now, you should cut off access to Floppy/CD too. ;P
Vasudevan Deepak Kumar
Personal Homepage
namespace LavanyaDeepak Personal Weblog The World of Deepak and Lavanya ViewPoint 24x7
|
|
|
|
|
A true ayatollah's speaking
|
|
|
|
|
In IE: Yes but only for trusted sites
In FF: Yes, I've never had the need to disable JS
I've pretty much switched entirely over to using FF, with a good hosts file, FlashBlock, and user.css rules to get rid of most of the ads/bad cookies.
--Mike--
Visual C++ MVP
LINKS~! Ericahist | PimpFish | CP SearchBar v3.0 | C++ Forum FAQ
VB > soccer
|
|
|
|
|
I've actually started using FireFox for almost everything. I run the NoScript extension, so JavaScript is off by default for every site until I explicitly go in and add it to the safe list.
Right now, for instance, I have codeproject.com enabled, but it's blocking 2mdn.net, questionmarket.com, and doubleclick.net. All of which have content on this page somewhere.
Unfortunately, I have to leave all the Java crap turned on in IE for the Intranet and corporate extranet. I even had to install the JRE just so I can use our timesheet applet to request vacation time. *sigh*
Grim (aka Toby) MCDBA, MCSD, MCP+SB
SELECT * FROM users WHERE clue IS NOT NULL
GO
(0 row(s) affected)
-- modified at 9:06 Tuesday 20th June, 2006
|
|
|
|