Friday, June 29, 2007

Mozilla Firefox Extension "NoScript"

NoScript is another tool to keep malicious hackers from getting into your computer. You say how can this be?? Well, NoScript blocks all Javascript on websites. You have the option to Allow sites you deem secure, my recommendation is to bank sites only. However, some good sites may need Javascript enabled. Most of the time, you will get a little message "You have Javascript disabled." You can then allow it. Moreover, NoScript will disable all flash ads on untrusted sites. I know these ads can be annoying, so its nice to have that option. Furthermore, NoScript will block any Cross-Site scripting. What is Cross-Site Scripting?? Cross-site Scripting is a type of computer security vulnerability in web application that allow code injections by a malicious attacker. These attacks have been linked to powerful phishing attacks and browser exploits. Finally, NoScript can protect you from malicious Javascript vulnerabilities. There are many kinds of malware installed via malicious sites that inject the code via a Javascript vulnerability.

I don't want to bash Microsoft and IE7 because Microsoft has made great strides with IE 7. However, to prevent scripting in IE7 you have to Okay five or more prompts to allow scripts to run. This is not a very good option, how many of us will actually do this for every site. NoScript makes it easier because you select what to allow and forbid. Here are some screenshots.

No comments: