 WalkGoodCheckin Out Your DeskPremium
join:2002-12-28
Patchogue, NY | Is turning off Javascript really necessary any more? Is turning off Javascript in your browswer REALLY necessary any more?
I have javascript enabled in my browser(s), but I know people who swear that they MUST turn off javascript or they will be hacked and/or they will get a virus. |
|
DelmarPip
join:2011-10-15
South Padre Island, TX | i heard that to try it turn it off then go to all your favorite websites like youtube or any site and see if it works if it does keep it turned off |
|
 JuggernautIrreverent or irrelevant?Premium
join:2006-09-05
Kelowna, BC
kudos:2 | reply to WalkGood
Use FireFox, and NoScript. Then, allow what you want, and need to see a site.
Control. It's a good thing.
--
Better to have it and not need it, then need it and not have it. |
|
 AVDRespice, Adspice, ProspicePremium
join:2003-02-06
Onion, NJ
kudos:1 | it is no more safer now than it ever was.
--
--Standard disclaimers apply.-- |
|
OZOPremium
join:2003-01-17
kudos:2 | reply to WalkGood
I don't think that JavaScript creates any kind of serious vulnerabilities. At the same time, I think the more people use protection against any kind of attacks (including JavaScript) - the better. It discourages some form writing new bad code. It's like, the more people use anti-spam filters, the less spam I may get... So. lets users make their computers more safe, I'll benefit from that 
Personally, I keep JavaScript on all the time with all web sites I visit and, BTW, without any antivirus programs, running on the background too. To avoid annoying ads, to block cross-site scripting and other tracking tricks I run Proxomitron sidki's filters. And that's all "protection" that I have and it's completely enough for me 
--
Keep it simple, it'll become complex by itself... |
|
 therube
join:2004-11-11
Randallstown, MD | > I don't think that JavaScript creates any kind of serious vulnerabilities.
There is nothing wrong with JavaScript.
It's not that JavaScript creates vulnerabilities, but rather that JavasScript is used by malware writers to facilitate their transmission of, malware. (Now they don't have to use JavaScript, just makes it much easier for them to code that way.)
So, use NoScript. Allow JavaScript where its needed. If not Allowed, it is blocked, everywhere else. Simple. (Not always so simple is knowing what is needed where. But over time, you get a feel. BTW, it is not needed here, for most all activities. Some may not care for it.) |
|
|
|
Mele20Premium
join:2001-06-05
Hilo, HI
kudos:4 | reply to WalkGood
I tried NoScript and the internet was crippled as was this site. I don't know what you mean by this site not needing JavaScript. EVERYTHING needs it ....seems like. Just use IE with notification permission turned on anytime active scripting is needed and you will see that you can't enjoy the internet without it as IE will constantly put up the question about allowing active scripting to run or not. I can't even open Outlook Express without TWICE telling IE that it ok to allow javascript.
I far prefer to use the Proxomitron. I have no idea how anyone could complain about Proxo being difficult to use but they think NoScript use is a piece of cake.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson |
|
| reply to WalkGood
walkgood, in my opinion, if you want your computer to be secure, yes, javascript must be disabled, but it is not practical to disable it universally, to have it disabled for every single website.. so, with "internet explorer", you have it disabled in IE's "internet zone" and "intranet zone" (ie you use high security-settings for IE's "internet zone" and "intranet zone" zone) and then add websites to IE's "trusted sites" zone as necessary, where "javascript" is not disabled..
with "firefox", you just use "firefox" with the "noscript" "addon" and then allow scripting for individual webpages as needed (which is similar to adding websites to IE's "trusted-sites" zone).. i use "firefox" with the "noscript" addon.. i only rarely ever use IE.. specifically, i use IE when installing "windows updates" and at a couple of websites where i need for "activex-controls" to run.. |
|
 Dude111An Awesome DudePremium
join:2003-08-04
USA
kudos:11 | reply to Mele20
quote:
I tried NoScript and the internet was crippled as was this site. I don't know what you mean by this site not needing JavaScript. EVERYTHING needs it
Well thankfully not everything Mele! -- I usually always have scripts DISABLED.... (Only 3 or 4 sites i use do i have to enable them (Email,etc))
I think its better having them disabled! (faster loading of pages,etc) |
|
| reply to WalkGood
Re: Is turning off Javascript really necessary any more? Are we talking about Java or Javascript. They are two very different animals. Java is used by websites. Java script is a html programing language. |
|
WalkGoodCheckin Out Your DeskPremium
join:2002-12-28
Patchogue, NY | said by Ken1943:Are we talking about Java or Javascript. They are two very different animals. Java is used by websites. Java script is a html programing language.
Javascript is what I am asking about. |
|
 ZZZZZZZPremium
join:2001-05-27
PARADISE
kudos:1
 ·Shaw
| reply to Mele20
quote:
I tried NoScript and the internet was crippled as was this site.
Are you kidding me?
I've had javascript disabled for years on all my browsers and the only ''crippling'' it's done is block all the crap on the internet.
Noscript controls it beautifully [if you know what you're doing]..
--
~~Go Lions....back to back Cups!!~~ |
|
 sivranOpera convertPremium
join:2003-09-15
Arlington, TX
kudos:1 | reply to WalkGood
I haven't bothered disabling javascript globally in a long time, except for sites that annoy me. |
|
WalkGoodCheckin Out Your DeskPremium
join:2002-12-28
Patchogue, NY | reply to ZZZZZZZ
said by ZZZZZZZ:
I've had javascript disabled for years on all my browsers and the only ''crippling'' it's done is block all the crap on the internet.
Noscript controls it beautifully [if you know what you're doing]..
I have no experience with "Noscript" and 99% of the time I use Firefox. Can you give some pointers on any settings with Noscript? |
|
1 edit | said by WalkGood:I have no experience with "Noscript".. Can you give some pointers on any settings with Noscript? i suggest that you just install "noscript" and use it and, through using it, figure out which settings you want to use.. that is what i did..
noscript's settings-options are pretty simple and intuitive..
i think that it is possible to use some "complex" custom settings with "noscript" but i haven't tried doing anything like that.. |
|
 DigitalXeronThere is a lack of sanity
join:2003-12-17
Hamilton, ON | reply to therube
Re: Is turning off Javascript really necessary any more? said by therube:> I don't think that JavaScript creates any kind of serious vulnerabilities.
There is nothing wrong with JavaScript.
It's not that JavaScript creates vulnerabilities, but rather that JavasScript is used by malware writers to facilitate their transmission of, malware. (Now they don't have to use JavaScript, just makes it much easier for them to code that way.)
While Javascript as a language doesn't generate vulnerabilities, its implementation in most cases does. The need of browser extensions and modules to secure it is a sign of this. Still none of those modules provide access to explicitly disable specific features of javascript because the JS interpreting engine is often a monolithic component of the browser where you either allow a domain/site to run it or you don't. Firewalls are largely useless against javascript security issues because any actions javascript does is under the context of the browser.
A significant example of this is that in the majority of implementations, there's no way to say, prevent javascript from calling out and making connections (think: XMLHTTPRequest) or outright preventing window creation/opening functions from working (popups still plauge some sites and use tricks to bypass popup blockers) while keeping it enabled. Javascript is gaining more and more power to essentially create applications within the browser itself and its becoming a near impossibility to avoid. I think Javascript needs a lot finer grain control than it has in most instances because I see eventually javascript gaining native level access to the computer it runs on as "apps" gain traction.
--
--Kradorex Xeron
[an error occurred while processing this signature] |
|
ZZZZZZZPremium
join:2001-05-27
PARADISE
kudos:1 Reviews:
·Shaw
| reply to WalkGood
quote:
I have no experience with "Noscript" and 99% of the time I use Firefox. Can you give some pointers on any settings with Noscript?
Noscript blocks all scripts on sites,so you can leave javascript enabled [although I don't] and then just click on the Noscript icon to temporarily allow any site you trust and wish to see that content.
Certain sites like facebook and Cnn ,have so many 3rd party scripts ,that it's a joke.
--
~~Go Lions....back to back Cups!!~~ |
|
sivranOpera convertPremium
join:2003-09-15
Arlington, TX
kudos:1 | You can also set it to automatically allow first party sites, which reduces the amount of reloading you have to do.
--
Think Outside the Fox. |
|
quatrixPremium
join:2005-02-11
South FL
kudos:2 | reply to WalkGood
said by WalkGood:... but I know people who swear that they MUST turn off javascript or they will be hacked and/or they will get a virus. They're wrong and misinformed. NoScript is also worthless snake oil for the paranoid. |
|
