On 11/29/15, Paul in Houston, TX <Paul@houston.texas> wrote: > Lee wrote: >> Hi, >> >> On 11/28/15, Paul in Houston, TX <Paul@houston.texas> wrote: <.. snip bits about flash ..> >> +1 for turning javascript off. But way too many sites don't work if >> JS is turned off. It's kind of a pain getting the permissions set >> right, but using noscript & request policy continued is the best >> mitigation I've found for enabling JS. >> >> Anyone have other suggestions for staying (relatively) safe with JS >> enabled? > > I use both Quick JS toggle and Yes Script for blacklisting.
Thanks for the info. Blacklisting is what A/V programs do & they leave much to be desired -- an opinion the Yse Script author shares: "Unlike NoScript, YesScript does absolutely nothing to improve your security. " We differ on "... Firefox is secure enough by default and that blocking all scripts by default is paranoia. " Maybe he hasn't read things like https://blog.avast.com/2015/08/20/infected-ad-networks-hit-popular-websites/ This week security researchers discovered booby-trapped advertisements on popular websites including eBay, The Drudge Report, weather.com, and AOL. The ads, some of which can be initiated by a drive-by attack without the user’s knowledge or even any action, infected computers with adware or locked them down with ransomware. > Did not like No Script. I hear ya - but the alternatives if you do enable JS aren't all that great. Regards, Lee _______________________________________________ support-seamonkey mailing list support-seamonkey@lists.mozilla.org https://lists.mozilla.org/listinfo/support-seamonkey