It may be outside the mainstream, but so is our interest in-- and understanding
of-- security and privacy issues. Judging by the millions who download
these tools, I am not alone in wanting to block scripts and tracking.
I'll save my "security researchers using social media (outside of pentesting)
makes no sense" rant for another time.
----
On Sep 9, 2013 11:56 AM, Al Billings <alb...@openbuddha.com> wrote:
I suggest your use of the net is well outside the mainstream, even
amongst security folks. Some of us actually use social networking, for example,
or don't want ugly, half broken websites simply because we fear a JavaScript
zero day.
Al
--
Al Billings
http://makehacklearn.org
On Monday, September 9, 2013 at 8:37 PM, Shelley wrote:
>>Like it or not, to fully use websites at this point, you
generally need things like Javascript and CSS.
I disagree. Not only do I want the protection from .js vulnerabilites and
tracking when I browse, I just want the text. Not a bunch of useless
social media buttons and blinking ads. I block it all and very rarely
make an exception, and I don't at all mind that I'm getting a bland page with
not much more than text. I prefer it.
>>The reason that most folks, even security folks like the ones I work
with, don't run with NoScript on all the time is that it breaks the net as
experienced.
Most of my fellow security-conscious friends and colleagues block scripts by
default as well. Breaking things to make them work the way we want them
to is what we do; this is no different.
-Shelley
----
On Sep 9, 2013 9:50 AM, Al Billings <alb...@openbuddha.com> wrote:
Have fun tilting that windmill, Mr. Quixote.
Like it or not, to fully use websites at this point, you generally need things
like Javascript and CSS. The reason that most folks, even security folks like
the ones I work with, don't run with NoScript on all the time is that it breaks
the net as experienced.
-- Al Billingshttp://www.openbuddha.comhttp://makehacklearn.org
On Monday, September 9, 2013 at 5:43 PM, Leif Ryge wrote:
Ok, well as long as we're talking about that FP javascript
overlay: if you sawit, that means you run JavaScript by default, which means
you're vulnerable toa larger number of the arbitrary-code-execution bugs in
your web browser (ofwhich there are undoubtedly many more which are not yet
fixed, given thefrequency with which new ones are discovered [1,2]). In my
opinion, if you'reusing Firefox, you should really be using NoScript. [3]
-- Liberationtech is a public list whose archives are searchable on Google.
Violations of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
--
Liberationtech is a public list whose archives are searchable on Google.
Violations of list guidelines will get you moderated:
https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe,
change to digest, or change password by emailing moderator at
compa...@stanford.edu.
