There's a browser safer than Firefox...
Flash and other
to be executed only by trusted web sites of your choice (e.g. your online bank).
...it is Firefox, with NoScript!
NoScript's unique whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known, such as Meltdown or Spectre, and even not known yet!) with no loss of functionality...
on the NoScript status bar icon (look at the picture), or
using the contextual menu, for easier operation in popup statusbar-less windows.
Watch the "Block scripts in Firefox" video by cnet.
Staying safe has never been so easy!
Experts will agree: Firefox is really safer with NoScript!
V. 10.6.1 - Quantum Security for everyone!
Main good news
- Fixed resetting options works just once per session.
- Unified code base with the Beta Chromium versions (10.6 and above).
- Improved main UI responsiveness and accessibility.
- Cascading top document's restrictions to subdocuments is now an option in the General section and defaults to true on the Tor Browser only.
- "Scan uploads for potential cross-site attacks" and "Ask confirmation for cross-site POST requests which could not be scanned" options: in Tor Browser default false and true, respectively, as a work-around for Mozilla bug 1532530.
- "Override Tor Browser Security Level preset" option offers more flexibility to NoScript+Tor power users.
- More effective "disable restrictions for this tab" feature.
- Improved Tor Browser 8 integration.
- Several new and updated translation, thanks to the Localization Lab / OTF NoScript Transifex project.
- Switched all the beta (both Quantum and Classic) and just the Classic stable updates to be announced and served from secure.informaction.com, because AMO doesn't support beta channels anymore. If you're using any beta or a Classic release (i.e. NoScript 5.x) you need to install latest build at least once from the noscript.net website.
- Improved XSS Filter.
Experts do agree...
03/18/2008, "Consider switching to the Firefox Web browser with the NoScript plug-in. NoScript selectively, and non-intrusively, blocks all scripts, plug-ins, and other code on Web pages that could be used to attack your system during visits" (Rich Mogull on TidBITS, Should Mac Users Run Antivirus Software?).
03/16/2007, SANS Internet Storm Center, the authoritative source
of computer security related wisdom, runs a front-page
diary entry by William Stearns just to say "Please, use NoScript" :)
Actually, NoScript has been recommended several times by SANS, but it's nice to see it mentioned in a dedicated issue, rather than as a work-around for specific exploits in the wild. Many thanks, SANS!
05/31/2006, PC World's The 100 Best Products of the Year list features NoScript at #52!
Many thanks to PC World, of course, for grokking NoScript so much, and to IceDogg who kindly reported these news...
In the press...
- CNET News: "Giorgio Maone's NoScript script-blocking plug-in is the one-and-only Firefox add-on I consider mandatory." (March 9, 2009, Dennis O'Reilly, Get a new PC ready for everyday use)
- Forbes: "The real key to defeating malware isn't antivirus but approaches like Firefox's NoScript plug-in, which blocks Web pages from running potentially malicious programs" (Dec 11, 2008, Andy Greenberg, Filter The Virus Filters).
- PC World: Internet Explorer 7 Still Not Safe Enough because it doesn't act like "NoScript [...] an elegant solution to the problem of malicious scripting" (cite bite)
- New York Times: "[...] NoScript, a plug-in utility, can limit the ability of remote programs to run potentially damaging programs on your PC", (Jan 7, 2007, John Markoff, Tips for Protecting the Home Computer).
- PC World's Ten Steps Security features using NoScript as step #6. (cite bite)
- The Washington Post security blog compares MSIE "advanced" security features (like so called "Zones") to Firefox ones and recommends NoScript adoption as the safest and most usable approach. (cite bite)