Beoardielingen foar NoScript Security Suite
NoScript Security Suite troch Giorgio Maone
Wurdearringen foar Firefox-brûker 13553842
Wurdearring: 2 fan 5
troch Firefox-brûker 13553842, 8 jierren lynGeorgio wrote:
> Unfortunately I cannot do the impossible (recreating legacy NoScript on the new, much more limiting WebExtension platform)
> just because "people" ask for the impossible. And I've the duty to provide the best security NoScript
BUT maybe it is not so much about recreating the old thing, than understanding what the problem with the new thing is. First you need to accept that the current approach is simply not intuitive. As a dev (I am one myself, so I had this problem myself) its hard to understand when that happens, because for you its as familiar as a part of your body, but it is obviously a mistery for everbody else.
Also, about your "duty": Its true what you said, but: if many people now dont use NoScript at all, because they do not get it anymore, you decreased web security by a lot.
So:
- Simpler is better. Simpler might be less safer, but if the alternative is not using it at all, it's still better. Way better.
- get rid of the slider. It looks mhm good(?), but its not recognizable as one.
- there is way to much clickable stuff, one does not get what is a button, what a link and whatnot...
- make it simpler: hide everything exept: domain name, status icon and -depending on the status- two buttons for each entry.
- clear design, dont change font size and font color at any time
- No xss-popups. In fact, never, ever use popups.
Instead:
- a simple list of domains like before, each with a status icon in front of it: your blue "S", for allowed, same with a little clock for temporarily allowd, red crossed "S" for disallowed
- depending on the current status of an entry, two buttons:
- if currently allowed: "disallow" and "temp. disallow"
- if currently disallowed: "allow" and "temp. allow"
- these buttons need to be different than the status icon. I would use red X and green hook/check, each with and without a little clock.
- dont make anything but the buttons clickable! not the text, not the status icon.
Thats it.
You can add a (clearly seperated from the other buttons, clearly different graphic) button behind each list entry to hide all the detailed settings, for the expert. Everybody else gets the simple list.
At the very buttom of the list go -clearly separated - three entries: "temp allow all" and "save permissions for this site" and "deactivate noscript".
No problem to do that in html. And believe me, people will love you again. :)
If you would like me to make a mockup of what Ive just desrcibed, just say so and tell me where to send it.
And btw.: You dont owe us anything. People have no right being rude to you about something you gave us for free. But maybe see their ill-advised passion as a testament to how important NoScript is to us. That is something I think, even if you must hate the internet right now.
I thank you for the old NoScript and that it helped increase my security. But I won't use the current one. So I would thank you again if you make it simple and easy to use again.
> Unfortunately I cannot do the impossible (recreating legacy NoScript on the new, much more limiting WebExtension platform)
> just because "people" ask for the impossible. And I've the duty to provide the best security NoScript
BUT maybe it is not so much about recreating the old thing, than understanding what the problem with the new thing is. First you need to accept that the current approach is simply not intuitive. As a dev (I am one myself, so I had this problem myself) its hard to understand when that happens, because for you its as familiar as a part of your body, but it is obviously a mistery for everbody else.
Also, about your "duty": Its true what you said, but: if many people now dont use NoScript at all, because they do not get it anymore, you decreased web security by a lot.
So:
- Simpler is better. Simpler might be less safer, but if the alternative is not using it at all, it's still better. Way better.
- get rid of the slider. It looks mhm good(?), but its not recognizable as one.
- there is way to much clickable stuff, one does not get what is a button, what a link and whatnot...
- make it simpler: hide everything exept: domain name, status icon and -depending on the status- two buttons for each entry.
- clear design, dont change font size and font color at any time
- No xss-popups. In fact, never, ever use popups.
Instead:
- a simple list of domains like before, each with a status icon in front of it: your blue "S", for allowed, same with a little clock for temporarily allowd, red crossed "S" for disallowed
- depending on the current status of an entry, two buttons:
- if currently allowed: "disallow" and "temp. disallow"
- if currently disallowed: "allow" and "temp. allow"
- these buttons need to be different than the status icon. I would use red X and green hook/check, each with and without a little clock.
- dont make anything but the buttons clickable! not the text, not the status icon.
Thats it.
You can add a (clearly seperated from the other buttons, clearly different graphic) button behind each list entry to hide all the detailed settings, for the expert. Everybody else gets the simple list.
At the very buttom of the list go -clearly separated - three entries: "temp allow all" and "save permissions for this site" and "deactivate noscript".
No problem to do that in html. And believe me, people will love you again. :)
If you would like me to make a mockup of what Ive just desrcibed, just say so and tell me where to send it.
And btw.: You dont owe us anything. People have no right being rude to you about something you gave us for free. But maybe see their ill-advised passion as a testament to how important NoScript is to us. That is something I think, even if you must hate the internet right now.
I thank you for the old NoScript and that it helped increase my security. But I won't use the current one. So I would thank you again if you make it simple and easy to use again.
2.399 beoardielingen
- Wurdearring: 5 fan 5troch Firefox-brûker 19469020, 15 dagen lyn
- Wurdearring: 5 fan 5troch Firefox-brûker 14500718, 17 dagen lyn
- Wurdearring: 5 fan 5troch Firefox-brûker 19459487, 18 dagen lynI'm notified every time WebGL is blocked on each page load. There's no way to disable these notifications and it's very irritating.
Edit: updated to 5 stars as it can be disabled after all but the setting isn't described very clearly.Antwurd ûntwikkeler
18 dagen lyn pleatstYou should not get any notification. Just a little placeholder inside the page, to be able to enable it back. And you can disable it by unchecking "NoScript Options>Appearance>Show synthetic placeholders for invisible capability probes" - Wurdearring: 5 fan 5troch Cello, 24 dagen lynit's 5-stars, because it's little time and effort to manage and also Edward Snowden said that noscript is the best protection in the whole internet...(after some Firefox update, noscript does seem to block internet in Firefox,,, but I'm sure there will be a workaround in the next edition ... buona vacanza)
- Wurdearring: 1 fan 5troch Firefox-brûker 19223232, ien moanne lynok its a good security 4 ur browser but now the web is so slow that i cant even play a game on poki 💀💀
- Wurdearring: 5 fan 5troch Tony Klaus, ien moanne lyn
- Wurdearring: 5 fan 5troch Firefox-brûker 19311874, ien moanne lyn
- Wurdearring: 2 fan 5troch Michael Rabinovsky, ien moanne lynNo Script is an incredibly useful add-on. In the past, I'd have given it five stars; it now gets only two (see issues below). All in all, I'd say it's still better to have it than not, but that's only because there is no better alternative, and there is no difference between having to completely disable it on a page versus not having it at all.
First of all, it would have gotten three due to the issues I list further down, but it gets two because of a major functionality problem that makes it obnoxious to use, and by its admission, not private in private windows.
In the past, when you set it to trust top-level domains, it would automatically set them to temp trusted; however, for whatever reason, it now sets them to "custom," for me, which functions the same as untrusted, and changing it doesn't even refresh the page for you.
The default setting handling is a huge inconvenience, but that is not where the problems end. You cannot restore previous functionality by manually setting the top-level domain to temp trust. To enable scripts on the page, you must set it to trust, which makes it permanently trusted, and keeps a log of every page you visit in private windows. If you try to change it to temp trust and refresh the page, it goes back to "custom."
Besides that, the description for the extension is outdated. Not only does it still mention Flash, but it also claims no loss of functionality when you need it, which is not true. In most cases, enabling some scripts will return the functionality you need, but there are several reasons why that's not always the case.
Sometimes, certain scripts you need will be on sub-domains of the top-level domain, and they need to be enabled separately; however, NoScript doesn't show them because it thinks they are part of the main domain, so you have no way to make the site work without completely disabling the addon for the page.
In other instances, sites won't load all the scripts until they load some other domains. For example, a CDN containing vital scripts might not appear on the list because it's called after an analytics script has run. There is no way to know that unless you enable each script on the list, one by one. The domain doesn't need to be related; it's just something about how the page loads. - Wurdearring: 1 fan 5troch Angel, ien moanne lynEsta vaina debería tener un modo automático para aquellos que no saben de programación.
- Wurdearring: 5 fan 5troch whatever, ien moanne lyn
- Wurdearring: 5 fan 5troch HunterMirror, ien moanne lynHe notado en las demás reseñas, que las personas no parecen comprender el propósito de este addon. La idea es que bloquee los scripts, si una página se rompe por ello, es algo perfectamente esperable, no es culpa de la extensión perse, sino de quien desarrolló dicha página web, queda a tu criterio si lo quieres añadir a la lista blanca o no. Lo realmente triste y reprochable, es más bien que hoy en día hayan tantas páginas que quieran que actives los scripts si o si para poder usarlos, incluso páginas que no los necesitan para nada.
El abuso de los scripts y la manía de convertir las páginas web en "aplicaciones", es lo que ha causado que ahora usar el navegador implique un consumo cada vez mayor de RAM, sin contar los riesgos de seguridad innecesarios del uso de scripts, tanto para el usuario como para el webmaster/desarrollador. Así que por mi parte, prefiero que se rompan las páginas que sean, no les voy a activar los scripts si no son páginas que hagan un uso inteligente y justo de ellas. - Wurdearring: 5 fan 5troch k4mmi, ien moanne lyn
- Wurdearring: 5 fan 5troch Firefox-brûker 19265671, ien moanne lynIt give me the power to control every script on every sites.
- Wurdearring: 5 fan 5troch Firefox-brûker 18710229, 2 moannen lynThis add-on works as intended and has saved me from a lot of potential problems and annoying website antics.
- Wurdearring: 3 fan 5troch Air, 2 moannen lynVery useful on a computer, however, enabling it by default on a mobile phone will block many important features, including but not limited to any AI features and video browsing
- Wurdearring: 2 fan 5troch Firefox-brûker 19157064, 2 moannen lynCompletely breaks reddit on mobile, site becomes unusable. I only got it for help blocking reddits creepy tracking bs on this browser.
- Wurdearring: 1 fan 5troch Cory Sanin, 2 moannen lynOne star for SidebarUtil.tab.js
Disruptive as hell and for what? Why do you need to know if I have a sidebar open? I don't even know what a sidebar is. Remove this nonsense. - Wurdearring: 5 fan 5troch Firefox-brûker 19145735, 2 moannen lyn
- Wurdearring: 5 fan 5troch And?, 2 moannen lyn
- Wurdearring: 5 fan 5troch A Tea Daze, 2 moannen lyn
- Wurdearring: 5 fan 5troch srzlt, 3 moannen lyn
- Wurdearring: 5 fan 5troch jordan9543, 3 moannen lyn
- Wurdearring: 5 fan 5troch vit55555, 3 moannen lyn