This happens to be my best Add-on, guess its the reason why i would never leave firefox for now. Most infected site are script hijacker either through java, xss or plugins. This is where No-Script( a highly regarded security add-on) comes in, by keeping you safe if better managed and updated regularly.
According to the creator (Giorgio Maone), it was first created in 2005 within three hours to disable JavaScript, Flash, Java, and other active content i.e plug-ins.
Among the web-based attacks NoScript prevents — even with scripting enabled — are:
- XSS: “Injection Checker” prevents malicious web pages from injecting their scripts inside other sites.
- Clickjacking: The ClearClick feature is the only effective client-side protection against this attack so far.
- CSRF: The ABE module intercepts by default any cross-zone HTTP payload.
- MITM: NoScript can make sure HTTPS is used if it is available, preventing this type of attack.
NoScript helps by showing the script sources a web page attempts
to load, letting you control them individually — even trusted websites
may link third-party scripts which may not deserve the same level of
trust. Also, if you don’t know who a certain script belongs to or if you
can’t figure out the script’s role, middle click or shift click the NoScript menu entry to obtain information about it.But if you are contemplating uninstalling NoScript, it is better to use the Allow scripts globally command.
Maone has released NoScript for Firefox Mobile
in 2011, offering Android users a safer browsing experience.
No-Script can be downloaded either b searching from the add-on search on Firefox or click noscript.
No comments:
Post a Comment