A Consuming Experience

If you use Firefox, for your own online safety you should install NoScript. This review of the free NoScript extension for Fox (NoScript homepage) explains why I think that.

NoScript is an extension or add-on for Fox which automatically blocks Javascript and Java from running in Fox. As bad guys could use hidden Javascript or Java on web sites that you visit to infect your computer with all sorts of nasties, NoScript is A Very Good Thing. I've been using it for a month or two now, myself.

I should have installed it much earlier, but foolishly I'd mistakenly got the impression that it killed all Javascript indiscriminately, and because many of the sites I visit won't work without Javascript I just didn't look into NoScript properly until relatively recently. As I mentioned, I was wrong.

As it turns out, NoScript does stop good as well as bad Javascript dead in its tracks - but, you can still access the sites you know are "good" or "safe" yet require Javascript to work, like Gmail, because you get a warning line popping up above your status bar when you visit any site that has Javascript or Java, and then via the NoScript options you can positively choose to Allow (or Temporarily allow) script originating from a particular site to run in Fox:


If you trust the site and click the option to allow scripts from it, you won't see the warning again on future visits to the site. So, you only have to allow a trusted site once - it's really not much hassle for the much better security and protection you'll enjoy.

Why do I think installing NoScript is a no-brainer if you're a Firefox user?

It's not just because I'm the ultra-cautious "safe computing safe sex safe everything!" type who runs anti-virus checker, anti-adware (like Ad-Aware which you can get in Google Pack - ) and anti-spyware software (like Spybot) at least once a week, and an online virus scanner like NOD32's Eset at least once a month. I really think there's no excuse not to be safe when there are so many excellent free computer security tools out there.

The bad guys have moved on: viruses were initially spread by opening infected files on floppy disk or in email attachments, then your PC could be attacked if you were simply online, connected to the internet, without a firewall. Now, your system can become compromised even if you have a firewall and anti-virus, anti-spyware etc software on your computer, just by your going to some dodgy website or clicking on certain suspect links.

You need protection for your browser. And, as is usually the case with computer security and internet security generally, you have to look after yourself - you can't just rely on software or hardware suppliers or ISPs etc to do it for you (though some of them may have to at some point, if the UK government takes up the House of Lords' recommendations in their interesting August 2007 report on Personal Internet Security following their investigation).

Generally, Firefox is thought to be safer than Internet Explorer (), but even Firefox has its vulnerabilities.

There are various potential Firefox security holes or risks which NoScript, and in some cases only NoScript, can stop - e.g. cross site scripting or XSS dangers, or the QuickTime security hole in Firefox.

NoScript provides the necessary defence for many potential Firefox exploits, in my view striking the perfect balance between security and usability / functionality - and it's free.

So if you have Fox and you don't already have it, go ahead and try NoScript, you've nothing to lose (how to install Firefox extensions).

However, I'm still waiting for a workable solution for Internet Explorer. It's certainly not Haute Secure toolbar, in my opinion!

Labels: browsers, Firefox, reviews, security

Email this post to a friend | Edit | New