WalkGoodCheckin out where you are! Premium Member join:2002-12-28 Patchogue, NY |
WalkGood
Premium Member
2012-Aug-22 10:25 pm
Is turning off Javascript really necessary any more?Is turning off Javascript in your browswer REALLY necessary any more?
I have javascript enabled in my browser(s), but I know people who swear that they MUST turn off javascript or they will be hacked and/or they will get a virus. |
|
91862239 (banned) join:2011-10-15 Brownsville, TX |
91862239 (banned)
Member
2012-Aug-22 10:36 pm
i heard that to try it turn it off then go to all your favorite websites like youtube or any site and see if it works if it does keep it turned off |
|
JuggernautIrreverent or irrelevant? Premium Member join:2006-09-05 Kelowna, BC
3 recommendations |
to WalkGood
Use FireFox, and NoScript. Then, allow what you want, and need to see a site.
Control. It's a good thing. |
|
AVDRespice, Adspice, Prospice Premium Member join:2003-02-06 Onion, NJ
2 recommendations |
AVD
Premium Member
2012-Aug-22 11:09 pm
it is no more safer now than it ever was. |
|
OZO Premium Member join:2003-01-17 |
to WalkGood
I don't think that JavaScript creates any kind of serious vulnerabilities. At the same time, I think the more people use protection against any kind of attacks (including JavaScript) - the better. It discourages some form writing new bad code. It's like, the more people use anti-spam filters, the less spam I may get... So. lets users make their computers more safe, I'll benefit from that Personally, I keep JavaScript on all the time with all web sites I visit and, BTW, without any antivirus programs, running on the background too. To avoid annoying ads, to block cross-site scripting and other tracking tricks I run Proxomitron sidki's filters. And that's all "protection" that I have and it's completely enough for me |
|
therube join:2004-11-11 Randallstown, MD |
therube
Member
2012-Aug-22 11:56 pm
> I don't think that JavaScript creates any kind of serious vulnerabilities.
There is nothing wrong with JavaScript.
It's not that JavaScript creates vulnerabilities, but rather that JavasScript is used by malware writers to facilitate their transmission of, malware. (Now they don't have to use JavaScript, just makes it much easier for them to code that way.)
So, use NoScript. Allow JavaScript where its needed. If not Allowed, it is blocked, everywhere else. Simple. (Not always so simple is knowing what is needed where. But over time, you get a feel. BTW, it is not needed here, for most all activities. Some may not care for it.) |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI
1 recommendation |
to WalkGood
I tried NoScript and the internet was crippled as was this site. I don't know what you mean by this site not needing JavaScript. EVERYTHING needs it ....seems like. Just use IE with notification permission turned on anytime active scripting is needed and you will see that you can't enjoy the internet without it as IE will constantly put up the question about allowing active scripting to run or not. I can't even open Outlook Express without TWICE telling IE that it ok to allow javascript.
I far prefer to use the Proxomitron. I have no idea how anyone could complain about Proxo being difficult to use but they think NoScript use is a piece of cake. |
|
|
to WalkGood
walkgood, in my opinion, if you want your computer to be secure, yes, javascript must be disabled, but it is not practical to disable it universally, to have it disabled for every single website.. so, with "internet explorer", you have it disabled in IE's "internet zone" and "intranet zone" (ie you use high security-settings for IE's "internet zone" and "intranet zone" zone) and then add websites to IE's "trusted sites" zone as necessary, where "javascript" is not disabled..
with "firefox", you just use "firefox" with the "noscript" "addon" and then allow scripting for individual webpages as needed (which is similar to adding websites to IE's "trusted-sites" zone).. i use "firefox" with the "noscript" addon.. i only rarely ever use IE.. specifically, i use IE when installing "windows updates" and at a couple of websites where i need for "activex-controls" to run.. |
|
19579823 (banned)An Awesome Dude join:2003-08-04 |
to Mele20
quote: I tried NoScript and the internet was crippled as was this site. I don't know what you mean by this site not needing JavaScript. EVERYTHING needs it
Well thankfully not everything Mele! -- I usually always have scripts DISABLED.... (Only 3 or 4 sites i use do i have to enable them (Email,etc)) I think its better having them disabled! (faster loading of pages,etc) |
|
2 recommendations |
to WalkGood
Re: Is turning off Javascript really necessary any more?Are we talking about Java or Javascript. They are two very different animals. Java is used by websites. Java script is a html programing language. |
|
WalkGoodCheckin out where you are! Premium Member join:2002-12-28 Patchogue, NY |
WalkGood
Premium Member
2012-Aug-23 9:42 am
said by Ken1943:Are we talking about Java or Javascript. They are two very different animals. Java is used by websites. Java script is a html programing language. Javascript is what I am asking about. |
|
ZZZZZZZ Premium Member join:2001-05-27 PARADISE
1 recommendation |
to Mele20
quote: I tried NoScript and the internet was crippled as was this site.
Are you kidding me? I've had javascript disabled for years on all my browsers and the only ''crippling'' it's done is block all the crap on the internet. Noscript controls it beautifully [if you know what you're doing].. |
|
sivranVive Vivaldi Premium Member join:2003-09-15 Irving, TX
1 recommendation |
to WalkGood
I haven't bothered disabling javascript globally in a long time, except for sites that annoy me. |
|
WalkGoodCheckin out where you are! Premium Member join:2002-12-28 Patchogue, NY |
to ZZZZZZZ
said by ZZZZZZZ:
I've had javascript disabled for years on all my browsers and the only ''crippling'' it's done is block all the crap on the internet.
Noscript controls it beautifully [if you know what you're doing]..
I have no experience with "Noscript" and 99% of the time I use Firefox. Can you give some pointers on any settings with Noscript? |
|
1 edit |
said by WalkGood:I have no experience with "Noscript".. Can you give some pointers on any settings with Noscript? i suggest that you just install "noscript" and use it and, through using it, figure out which settings you want to use.. that is what i did.. noscript's settings-options are pretty simple and intuitive.. i think that it is possible to use some "complex" custom settings with "noscript" but i haven't tried doing anything like that.. |
|
your moderator at work
hidden :
|
DigitalXeronThere is a lack of sanity join:2003-12-17 Hamilton, ON |
to therube
Re: Is turning off Javascript really necessary any more?said by therube:> I don't think that JavaScript creates any kind of serious vulnerabilities.
There is nothing wrong with JavaScript.
It's not that JavaScript creates vulnerabilities, but rather that JavasScript is used by malware writers to facilitate their transmission of, malware. (Now they don't have to use JavaScript, just makes it much easier for them to code that way.) While Javascript as a language doesn't generate vulnerabilities, its implementation in most cases does. The need of browser extensions and modules to secure it is a sign of this. Still none of those modules provide access to explicitly disable specific features of javascript because the JS interpreting engine is often a monolithic component of the browser where you either allow a domain/site to run it or you don't. Firewalls are largely useless against javascript security issues because any actions javascript does is under the context of the browser. A significant example of this is that in the majority of implementations, there's no way to say, prevent javascript from calling out and making connections (think: XMLHTTPRequest) or outright preventing window creation/opening functions from working (popups still plauge some sites and use tricks to bypass popup blockers) while keeping it enabled. Javascript is gaining more and more power to essentially create applications within the browser itself and its becoming a near impossibility to avoid. I think Javascript needs a lot finer grain control than it has in most instances because I see eventually javascript gaining native level access to the computer it runs on as "apps" gain traction. |
|
ZZZZZZZ Premium Member join:2001-05-27 PARADISE |
to WalkGood
quote: I have no experience with "Noscript" and 99% of the time I use Firefox. Can you give some pointers on any settings with Noscript?
Noscript blocks all scripts on sites,so you can leave javascript enabled [although I don't] and then just click on the Noscript icon to temporarily allow any site you trust and wish to see that content. Certain sites like facebook and Cnn ,have so many 3rd party scripts ,that it's a joke. |
|
sivranVive Vivaldi Premium Member join:2003-09-15 Irving, TX |
sivran
Premium Member
2012-Aug-23 3:17 pm
You can also set it to automatically allow first party sites, which reduces the amount of reloading you have to do. |
|
ctggzg Premium Member join:2005-02-11 USA |
to WalkGood
said by WalkGood:... but I know people who swear that they MUST turn off javascript or they will be hacked and/or they will get a virus. They're wrong and misinformed. NoScript is also worthless snake oil for the paranoid. |
|
JuggernautIrreverent or irrelevant? Premium Member join:2006-09-05 Kelowna, BC |
I would disagree, as will many others here. |
|
ZZZZZZZ Premium Member join:2001-05-27 PARADISE |
to ctggzg
quote: They're wrong and misinformed. NoScript is also worthless snake oil for the paranoid.
lol............ya right buddy. |
|
|
KearnstdSpace Elf Premium Member join:2002-01-22 Mullica Hill, NJ |
to WalkGood
I only turn it off if a website uses it to disable a feature. Sometimes I am out surfing the net and see a picture that would make an awesome desktop... but the site has right click disable. turn off Javascript and problem solved. turn it back on and get back to surfing. |
|
OZO Premium Member join:2003-01-17 |
OZO
Premium Member
2012-Aug-23 6:26 pm
That's actually a good example, when turning off JavaScript could be useful. IMO, web sites should never block context menu in user browsers.
Just in case if you don't want to turn JavaScipt off in such case you may open site in IE and then copy image file from its cache. Remember, everything you see in your computer is already here, downloaded. Just take it and use as you need... |
|
therube join:2004-11-11 Randallstown, MD |
to ctggzg
said by "quatrix" : They're wrong and misinformed. NoScript is also worthless snake oil for the paranoid.
OK. (Enough said.) |
|
|
to ctggzg
said by ctggzg:said by WalkGood:... but I know people who swear that they MUST turn off javascript or they will be hacked and/or they will get a virus. They're wrong and misinformed. NoScript is also worthless snake oil for the paranoid. Knowledge is also food for the ignorant, so judging from your statement - dig in! |
|
therube join:2004-11-11 Randallstown, MD
2 recommendations |
to DigitalXeron
All code has vulnerabilities. But that does not mean that a particular code is needed everywhere or all the time. Since code can be exploited, anything you can do to limit code, will help to make you safer. Flash is basically required these days. It is not needed all the time nor is it needed everywhere. So if you can block Flash, & only enable it when you actually need it, you are safer. Java (for some, myself included), may not be needed at all. For others, they do require it. Again it is not needed all the time nor is it needed everywhere. So if you can block Java, & only enable it when you actually need it, you are safer. (Better yet, in my case, don't even install it.) JavaScript is (basically) required these days. Disable it entirely, & sooner rather then later, you're likely going to need to enable it. But if you can limit its usage, you are better off. And when you have something that can provide more granular control then a simple on/off switch, you are both safer & able to control your browsing experience more effectively & efficiently. NoScript can do that. (Among many other things.) |
|
Mele20 Premium Member join:2001-06-05 Hilo, HI |
Mele20
Premium Member
2012-Aug-23 8:12 pm
said by therube:But if you can limit its usage, you are better off. And when you have something that can provide more granular control then a simple on/off switch, you are both safer & able to control your browsing experience more effectively & efficiently. NoScript can do that. (Among many other things.) So can the Proxomitron and with a heck of a lot less problems. As I have said many times, why anyone would claim NoScript is the answer when Proxo is available with the latest Sidki filters from December 2011, I can't understand. It sometimes will block something, and it is not perfect, but a lot easier to use than NoScript, plus, it works on all browsers...you are not limited to Fx or Opera with its builtin "noscript". |
|
therube join:2004-11-11 Randallstown, MD |
quote: But if you can limit its usage, you are better off.
quote: So can the Proxomitron
Whatever means works for you. If NoScript isn't your cup of tea, & Proxomitron can do similar, then by all means. And in IE (which I'm not familiar with) you can use that "trusted zone" (or something or the other), but I would think that to not really be feasible. But if you're glotten for punishment ... |
|
ZZZZZZZ Premium Member join:2001-05-27 PARADISE |
to Mele20
Proxomitron is what 10 yrs old and as the author has passed away,it doesn't look like they'll be any further developement. All it does is the same thing a Hosts file does...........and or a *pac file. Noscript blocks flash,java and any number of other options. It's a shame you couldn't understand how to learn how to use it........it probably would only have taken 5 minutes. |
|