It beats me why in so many forums folks never heard of this or Adblock Plus.

I use both this and Ad Block Plus simultaneously. That way, even if I do allow more of a malicious script by accident, the ad block plus may get it if it happens to be in a ad form. No Script takes awhile to get familiar with, but finally you can have some control over the internet and what you see again. For best results you should delete most of your cookies too.

"clickjacking" loll.!

Linux+noscript+tor= total immunity.

@RedSkiesAwaitUs What is TOR?

@RedSkiesAwaitUs HE SAID WHAT IS TOR, BITCH...???

@thetruthis9 For those who dont even know what Tor is, you shouldnt even bother with it. It is a series of proxies that hides you from tha internetz, put simply.

@thetruthis9 it's called a pm, nigga. also, it's called fucking google.

What I don't get is, if you temporarily allow the scripts that may be on a page, aren't you immediately vulnerable again?

@kamvol yes

Hab zwar fast nichts verstanden aber oke ♥

I don't get everything but okay^^

I found it made stumbleupon more reliable. Presumably it blocked badly written scripts that interfered with stumbleupon's page changes

if noscript had a vagina, i'd take it home from the bar, even if she was fat

somewhat erroneous statement from 1:44-1:52. even after selecting "Allow Scripts Globally (dangerous)" noscript still gives you Anti-XSS protection and the ability to selectively blacklist sites. NOT recommended, but still better than not having it all. -its in the FAQ on noscript.net if you dont believe us.

Watching porn without noscript is like fucking a hooker in brooklyn without a condom on. :)

@Naruto811911 hahahahahahaha

worked for several months , but after the latest Firefox upgrade it disappeared. Now I get Error 203 anytime I want to reinstall it.

What shall I do?

I hope it is not a Firefox attempt to make us more vulnerable to commercial intruders.

Dan ttdezo@yahoo.com

so is not allowing any scripts the default setting?

........what if they stick a virus on that link which is a clickjacking thing but you don't know because you don't have it yet?

@roverrider What if you walked into a room full of heat and smoke w/o some kind of protection because you didn't take the time to look through one of the heatproof windows & put your palm to the pane, so you didn't know about those things: You'd probably be overtaken by the experience of heat, stumbling, losing control & start coughing because of the smoke. NoScript acts as the kind of protection you should have had in the first place, but it does *not* extinguish the fire.

@roverrider Clicking anything *always* bares a certain remaining risk - even with NoScript. I'm not sure what link you're referring to by "that link", but the link to install NoScript on AMO (short for addons.mozilla.org) is safe to click. Most of those addons are actually safe to install & use - some just don't work, some need you to register somewhere on another site & you should avoid those, unless you plan on using it anyway (like del.icio.us or StumbleUpon or whatever, nai).

its very buggy but i like it.

The only bad thing about noscript is that it's only available for firefox.

@thomas61157 NotScripts is a substitute for NoScripts and works just as well, it's for Google Chrome/Chromium and Opera

avg blocks malicious websites anyway

@glennzone12 Riiiight.

I run NoScript and WOT. Before I allow any scripts, I always check the site's WOT rating to see if it's safe or not. :)

disabled AdBlockPlus so I disabled it. Taste of it's own medicine. BTW I thought they removed that feature, but I guess not...

Lasd

I cant be the only one here that finds running noscript incredibly tedious as you have to manually allow scripts for pretty much every site you visit, given that 90% probably run with scripts that are needed. More often than not I just click temp allow all scripts, which just defeats the point entirely. :(

@WonkyDoodle just allow all from the sites you use alot

@WonkyDoodle

Yeah let me know when you have to deal with that rootkit you got from a script that ran from searching Google images. BTW rootkits nowadays are undetectable even by Kaspersky AV, and once you get them the files they require to run usually get hidden, even in the registry, thus you can't delete them either. I'd rather deal with proactive security than get a rogue AV program shutting down my computer forever.

@ChemicalHAZARD2049 I'd rather nerds didnt talk to me, but what can ya do hey?

And I have a better AV than Kaspersky. Rated as the best.

I have no idea what a script is. I know only it is used for programming.

sadly firefox is heavy as phuck, and chrome doesnt have these features or they dont run as well

(ADBLOCK)

noscript is awesome

I love this thing.



Noscripts owns! It will block ads also. Those that run before a video although the video will run fine. One example are the vevo youtube videos. The ad is blocked and the video runs as if nothing was blocked.

@flipfloplogic

I think I noticed that those ads at southpark studio are also gone. I thought they were just being nice to me ;)

@flipfloplogic Did you have adblock plus installed too? That might be it

Funnily enough Noscript blocked the tutorial video for Noscript - LOL

Does anyone know if this noScript add on will block those fake virus warnings where you go to a site and it minimizes firefox to a small window and shows a fake infection screen saying that your system is infected? My avast AV didnt show any warnings and I ran malwarebytes after updating it and it only found a few legit progs I have that it thought were maleware which they wernt I got one of those the other day and I had to use task manager to close FF. Please reply thanks.

@coondogtheman1234

It will. Those are all script animation like Java and flash, and it will automatically be blocked unless you tell them not to. That's why a white list is so much better than a black list.

@Nabo00o

I downloaded this in response to the fake virus alert pages hoping it would block them b/c it happened to me at least 3 times in 2 days. it's like more and more sites are starting to do this. so far as of after the install of this add-on I havent gotten any of those. like the guy said in the vid you need to think about what's needed to display a web site. right now I have most everything blocked except google, youtube, facebook etc.

@coondogtheman1234

Great, yeah it is definitely one of the handiest tools on the internet i know about.

I used to use AddBlockPro before, but it worked on the principle of a black list, and all those smart commercials i added changed and new ones would take their place. There is not point in waisting time doing the wrong thing :D

@Nabo00o

I have AdBlockPlus as well I hope these 2 add-ons help keep my PC safe. the weird thing is that Vevo youtube videos won't play until I disable ABP. Someone below me here said that noscript can block ads but allow the video to play.

@coondogtheman1234

Yes it will, as long as you are being selective with the scripts running on the page. Some Flash like games on Facebook you'll need to allow separately and they are pretty easy to see what runs what. But as long as you don't allow willy nilly you'll stop scripts from running that conjure up those other windows, thus protecting from rogue AV, and better yet a rootkit that can hide a virus, even from genuine AV. Even Kaspersky can get fooled.

@ChemicalHAZARD2049

I never play games on facebook. and one day i'm gonna go on mine and remove all these little apps that ppl send. you know the ones that have to pull half your profile to work. gonna remove them all and put up a message saying not to send me any due to the risks of viruses. I don't go on FB much on my PC anymore I can get it on my PSP via the mobile version. I'm not taking any chances anymore ever since I was infected with that nasty virus.

He's using a mac, I bet he's made other videos talking about how "safe" they are.

no script and adblock plus is great for porn sites!

@thearaban lmfao!!!

As someone who thinks myself particularly savvy when it comes to the Internet (never having been hacked or having had a discernible virus in 17 years of browsing), I wasn't convinced by this add-on. By the end of this video, I was convinced.

Its a great idea and all but its very annoying.

what's wot?

If you use FireFox, then, be safe than sorry. Add No-Scripts to your Browser.  In fact I think FireFox should include No-Scripts as a standard feature rather than an Add-On.

wot is being scammed or is a scam

wot is killing off great real true honest sites of fact and rare RARE

truth on health and or usa law and the NWO ='s skull an bones new agenda of the bank to crash the usa and gov.

just check out all my friends to get up to date...on ALL THINGS THAT MATTER... like4one- mercury used to make you stupid&ill

the best thing ever invent. I can't believe Einstein didn't think of it.

to further avoid problems, create an user account with very few rights and use it. Whatever happens to the pc, nothing will be able to install itself changing any vital settings.

My name is Mike from LA Although there busizz4me.info

@danno321s NoScript is not "unworkable in practice" as you say. The longer you use it, the less you need to fiddle with it. It does take some time at first, but it's really not hard to deal with at all, only takes a couple of seconds for each new website you visit.

@brons2

Do you know of anything better than No Script? This guy says it provides a "modicum" of protection. What other things can you do to avoid drive by malware?

@ar4216 If you want to be on the safe side use Linux!

Firefox / Kaspersky Lab / No Script / AdBlock / Flash Block

^^ Decent security combination right there.

проститутки москвы

NoScript remembers your choices so frequently visited sites are no different after the initial decision on how much access u give the site to run scripts. Then when u visit an unfamiliar site, NoScript notifies you by blocking all scripts and leaving a status bar at the bottom of the screen.

It may seem "not as easy" to some but then those same people would probably be less savvy to be able to deal with an issue arising from a malicious script; so its false economy.

its better that ad block...

WTF !!! From the first webpage i opened which is this video it blocked youtube !!

@sb000sm Dude just right click on the small "S" on your browser and allow script for this page. It should work.

@thenewerag I KNOW dude..!!! and i did it but it sucks and it was easier without it !!

@sb000sm FUNNY!!! The intentions of NoScript are noble. Using it is a pain as I have become accustomed to surfing not break dancing. The real question is: can browser scripts do harm by hackers and by marketers. The later is in the eyes of the beholder. If they can do harm (e.g. read web browser history and bookmarks), they which can you trust? It is unworkable in practice. Just like browsers sandboxed web stuff from OS, now that so much is moving to the WEB, browsers must sandbox 2.

I am hoping this helps to block those random fake anti virus programs that force me to do a system restore. Arrggh! Criminals. This sounds like it will work! Thanks.

@remygraham Those are easily fixed... and to be honest, those are my favorite viruses to remove. They're so ridiculously easy compared to some viruses, that you -have- to love them.

I recommend that the next time you are infected by one of these rogue antivirus programs, you figure out how to remove it yourself without a system restore. It's amazingly simple and "beating the virus" has a satisfactory feel to it =P. If all else fails, you can go back to the restore.

@Flippyxtrne

Try removing a rootkit that will hide all files associated with it. Even in the registry, it's keys won't show up so you can't delete them. Even safe mode isn't safe. I've already dealt with a rootkit that reinstalled even after System Restore, thankfully not on my system, but nonetheless made the computer unsalvageable and resulted in a DOD nuking and reformatting.

I have been using NoScript for a very long time. I am an almost intermediate user, but I do know I don't want a bunch of junk on my pc that I don't need. NoScript is also terrific for keeping ads from running. It takes some time to learn what works, so if you don't have any patience, you won't want this - a mistake. Once you recognize the names of the unnecessary scripts (especially the flash(y) ones, you can block them from that site permanently for a more relaxing browse and fewer cookies.

NoScript is something that everyone should have, I wouldn't browse the internet without it

@prisontv You should learn how to use correct punctuation right before you put up a comment.

@prisontv You should learn how to use correct grammar and punctuation right before you put up a comment.

@prisontv I have sites I disable it on because they get paid for the ads and need it to keep them running.

he sounds like hank green, seriously!

I use noscript but always have "Scripts Globally Enabled" selected. It does block some kind of attacks such as clickjacking and other attacks such as attacks on the your router & probably other things as well. I feel much safer with it installed and it on this "least safe" setting. Truth is if you had noscript installed even on this setting, your browser would have stopped allowing clickjacking WAY before the patches came to the browser. Giorgio Maone is REALLY on top of security!

This guy obviously doesn't know Javascript. Javscript isn't intrinsically dangerous. It's absolutely required for the functionality of most modern websites. Draconian whitelist blocking of javascript is for the tinfoil hat wearers who run ancient browsers on insecure operating systems.

@fubberz

NoScript primary aim is preventing malicious JavaScript from running in ANY browser capable of executing JavaScript.

PC World choose NoScript as one of the 100 Best Products of 2006.

In 2008, NoScript won About.com's "Best Security Add-On" editorial award[

In 2010, NoScript has been "The Reader's Choice Awards" winner in the "Best Privacy/Security Add-On" category at About.com

So, yes, the guy obviously knows a little bit about JavaScript ...

@RackNineInc

Upon re-reading this, I realize that it doesn't convey the meaning I intended too.

I'll try again. NoScript primary aim is preventing malicious JavaScript code from running in Firefox, Flock, Seamonkey and other mozilla-based browsers.

NoScript does not prevent malicious JavaScript code from running on non-mozilla-based browsers capable of executing JavaScript code..

And yes, malicious JavaScript code can be executed on any JavaScript-enabled browser, no matter how "modern".

@RackNineInc It shouldn't be possible to write malicious code as a feature of the language, but only as the result of an implementation flaw. If this wasn't the case then it wouldn't be possible to safely browse without a detailed audit of all (possibly obfuscated) code. Most users won't be able to make informed decisions in maintaining their whitelists. Trusting the security practices site-owners isn't good enough. As the web becomes more JS-dependent, this "dumb" solution will be unfeasible.

@fubberz

Most modern websites do require javascript for their functionality, but not all javascript from that website may be from that website. Those unknown scripts could be malicious and if they run without authorization in the guise of a credible source, then be ready to combat the ill effects of a compromised system. Remember what happened to Ask? Yeah.

I can't see the video! I think it's being blocked or something!

NoScript rocks, been using it for years, or at least it seems.

Get SpywareBlaster (freeware) too, it just blocks websites that are used for nothing more than to host malware and never hosts actual content so you won't miss out on a single website, only lowers your chance of getting malware.

Check out SandBoxie, with a few altered settings you can make it wipe out everything when you exit the browser, including virus's and everything you downloaded, browser history and so on.

I think the question is how does this effect my ability to search porn? :D

Some sites I allow but things like googleanalytics and googleresearch mess it up and I cant view the page, it just redirects me to scorecashcardcom or something similiar. Its very frustating.

0:20 misplaced modifier "A lot of these attacks work by injecting scripts in web pages that you don't even know are there" should be "A lot of these attacks work by injecting scripts that you don't even know are there into web pages you are viewing."

great for paranoid kids

@igrenade

Great for people who are smart about their browsing and protecting their investment in their computers. Malicious code is getting sneakier and harder to remove.

@ChemicalHAZARD2049

way to reply to a 10 months old comment.

if one's smart about their browsing then one doesn't need any sort of protection online.

@igrenade You're not safe even when you're smart. Unless smart means you're using NoScrpit.

@Mromson

never heard of noscrpit

@igrenade Very funny, haha.

Have fun running all those scripts. I'm not gonna bother with imbeciles.

@Mromson

aww little kid's crying, how cute.

NoScirpt = One of the Best Add-ons for Firefox

i love this its great to block popups

I am sure glad that I downloaded this scrip patch. It blocks everything that is script related. I either have to allow the site that I know is good and if that is not enough it still tells me that a fraction of the script is still there. Then I state that allow scripts all this page and viola everything starts to function on the page. Maybe I have to constantly do this but it's well worth it.

Hey, i allow scripts globally! For these reasons:

I only want to block ad scripts with this program and it works like magic :)

And maybe click-jacking; that sounds scary 8O

Didn't realize how important blocking scripts were, I'll think about it.

NoScript is very good, I never visit the Internet without it!

aDD oN NoScript para Firefox, permite navegação segura em toda a web. Pena que não há vídeos em portugues. Mas vale como um tutorial de imagens.

Thanks CNET.

Lustato



JavaScript and Flash are so ubiquitous these days, I find NoScript to be an overly-paranoid tool that hampers and inconveniences your browsing experience.

So I've disabled potential Javascript exploits, but I've also disabled most functionality of modern websites in the process. It's like making cars safer to drive by taking the wheels off.

@coreAtheist For anyone who takes this comment seriously, this person doesn't know what they are talking about. Javascript based attacks in the browser are a chief way to infest computers with viruses and spyware, all done stealth without the user ever knowing about it. This person with this kind of attitude about security sounds like a prime candidate for that. NoScript has an Options button on the bottom right hand of your browser, click it and enable features per site as you choose.

@ZionismBitestheDust The best thing about this Ad-On is that it enables web surfing as it is SUPPOSE to be, as the user chooses. As a web developer I know that web surfing is suppose to be all about the end user who is visiting the web page, not the makers of the web page dictating to that user what the experience is and what sorts of things are run on their computer. With No Script that experience is back in the hands of the end user, choose what scripts run on your browser.

i use it, very handy

And of course Noscript speeds up the interwebs by blocking all the junk. Kind of like adblockplus.

@TheCrypticPie i run both :P

What I've discovered is that some of the sites won't function without enabling things like google-analytics for example. It is an insidious way to access some sites. I'm sure it is related to the site's efforts to monetize its' offerings. It is the price we pay for "free" internet. We exchange "privacy" for access.

@zpoint I haven't ever seen a site that needs google analytics enabled to run. google apis, but not analytics. What was the name of the site(s)?

How do you know which script permissions to give? Google-analytics, listserve, teesoft, etc. What are these sites, why do I need them, and how do I vet them before I give them even temporary permission?

@zpoint A web search will reveal most of these, but the point is that if your favourite site works fine without scripts, then don't enable any, and if it doesn't, just enable permissions for that domain.

I use NoScript with Globally-Allowed scripts and then I just block scripts on sites that are annoying. Not as secure, but makes surfing the web a helluva lot more convenient.

have i ever told you people I LOVE YOU!!! well whoever you are I LOVE YOU!!!! this software ROCKS!!!

Internet Explorer 1.0 FTW

(obviously I'm not serious)

All I gotta say is.. With regular surfing, I was finding and cleaning like 10 traces of Spyware-related crap a week... And running no script I havent had a trace in months now haha. Good stuff here

Opera/Firefox ftw!

thank god for noscript adblock and wot

@coldroll6 don't you mean InformAction and Mozilla?

firefox > everything else, just an opinion b4 all u internet arguing pricks start going MY OPINION IS FINAL AND YOU SUXORS

amen...hahha

whhaaa???

lol noob

why would you use IE? that stuff is worse than FF.

@GamingElf IE9 does better with HTML5 Rendering than any browser (as of the year 2010)

lots of fun with viruses and hackers and with google in your livingroom...

@midbluegreen true

useful. I got it and will try it out.

love noscript, it blocks one of the worst malware of all time. GOOGLE!

Seems really annoying having to constantly have to allow scripts......

@Sharif699 You build up a list of common websites fairly quickly, and then it only becomes a problem when there's a new site that you want to access. Plus, you get the feeling of superiority when that rickroll site crashes someone's browser, and yours blocks it

i heard that some infections dont need scrips to run

i dont remember exactly

iframe clickjacking?

but that requires you to actually take action on it and click it. Which would be your own stupidity.

yeah but they use another image over it or something

so it looks like your clicking something on a well known site

but underneeth your actully clicking on say a link to a virus or something

Thanks Merit! =D

thanks mr.man!