Critical Firefox 3.5 bug discovered

Dear Guest, I posted this link earlier but it might be worth it for you to at least visit the home page of the add-on. http://noscript.net/ The best, (or worst (viewpoint dependent, obviously)), thing that could happen is that you may find you were right all along. In any event, at least you'll have a clear view of what the author of the software is trying to accomplish.

BTW, at the moment these scripts could be running on my machine. Perhaps it's that I'm a curmudgeon, but I don't feel even the slightest inclination to allow these "organizations". to invade my space...!

Google analytics; plus; "com.com", "contera.com" , "quantserve.com" , "googleapis.com" , and last but by no means least; "doubleclick.net" . Which as we all know is an obnoxious tracking cookie.

Oops, almost forgot, Techspot too, but you know that's white listed.

The only perhaps objectionable side effect, is that you must hand type the emoticons, since they are powered by "googleapis". Still, with the google thing running, it also renders it impossible the re-edit the title field. So, it's absolutely not all downside there either.

I'm a different guest, and I'll confess to ignorance regarding the details of the browser's working. That said, I did try to use an extension like noscript in the past (though I believe it was a different one) and I eventually ended up removing the script suppression. I have found that Flashblock and AdBlock do a pretty good job of removing ads without causing the problems I was seeing when I suppressed all scripts.
In my case the problem was that useful web pages frequently did not display some of their intended content because they used scripts, but I could not reliably tell when I was missing content that I wanted.
Perhaps you are smarter or more observant than I am. I was not able to reliably determine when the script blocking removed too much of the web page's content. IOW, I could not reliably tell when I needed to put pages on the 'white list'. I ended up missing too much useful information.
I understand that there are risks to running scripts, but there are risks to not running them. On the whole I think that careful selection of web sites that I choose to visit and the files I choose to download are at least as important as the security programs I choose to run on my PC.
I don't recall ever seeing any malware on my PC, and about the only warnings from my AV program came when I deliberately tested it with the EICAR.com testing program so I guess that my approach has worked thus far.
Bill Osler

This extension is aimed at preventing cross site scripting as much as the site visited. This is maybe the most relevant part of it.

"No Script" will, (and has for me in the past), create problems with other add-ons. I found that "Flash Block", created a conflict that prevented "shop local", ( in Best Buy's Sunday ad) from loading. Well, since "No Script" blocks Flash anyway, that came out.
.
I suppose I could propose that it's easier to manage one extension rather than more, so I will.

You could be correct that content could be blocked that you wanted. The flip side of which I suppose is the old adage that, "if you've never had it, you won't miss".

Truly content rich sites like "nbc.com", do require quite a few approvals.

Anyway, I'm here @TS with only the primary site approved, in peaceful bliss, having a nice chat. As you admit. and I'll cop to as well, I don't understand the browser's inner workins' either. But, I feel more secure with No Scrip in place. So, with No Script running, FF's delete private data and cookies on exit, and a quick run with CCleaner after exiting the browser, I feel pretty good about a successful "getaway".

Opera works dandy, I use it all the time!

It leaves more sludge on exit that FF. This is, I suppose that I don't have it configured correctly.

It crashes on protracted downloads, but then I'm using an Emachine. By "crash" in this case, I mean that the browser becomes nonfunctional. But yes, the download does come to a successful conclusion. This is with version 9.25, I haven't tried this with 9.64.

I still am put out by "Vibrance" rollovers, abundantly so! "No Script" kills these, every time. If there was an extension that did so in Opera, I would probably use the browser more than I do.

Another fine thread. On a personal note, 'guest' users should have identifiable information to the website (not the users) to be able to distinguish between one or the other.
Anyway, what would the difference be between the above mentioned 'no script' and the windows 'hosts' file (which I believe is editable and possibly similar) Maybe?
I am by the way, a proud user of Firefox...:slurp:

I'm not exactly certain of the absolute difference in specific function between No Script and the Windows hosts file. I'm also not sure of the difference between the function of "Combo Fix" and the Hosts file either. Just thought I'd throw that in there. SpyBot SD16 also places a massive amount of entries into the hosts file. I may be showing my ignorance here, but I thought the hosts file was to prevent hostile redirects.

No Script stops pretty much ALL cross site scripting. I don't know if you use this extension but, if you don't, why not install it for a bit of a trial. It creates a button to approve or deny, all scripts running on a page. If you have trouble a a specific site you can approve all scripts on a page. I still turn then on one at a time until I get all of what I want, and none of what I don't.

Why not give it a shot, if you don't already use it? A picture is worth a thousand words, at least so they say. If you don't like it, take it back out! It won't do any damage, and it's easy to get rid of.

If the extension only got rid of those stinking Vibrance roll-overs that turn a page into a veritable mine field, wouldn't that be enough?

Actually, since you were the one to recommend it, I already have instaled it on my desktop PC lastnight, and have now just installed it on my notebook.
So far, I like it, it may have slowed it down a bit,
but it's much nicer surfing now. :approve:Thanks!

I haven't played with it yet,I'm in the learning stage, but the HOSTS file can be manipulated to block malicious sites or ad servers. You list the name of the Web site you want to block. With it is listed the IP number 127.0.0.1. That is the number of your computer. Doing this has the effect of short-circuiting the request. The request just dies.