Subject: General Tech | November 24, 2017 - 08:39 PM | Scott Michaud
Tagged: noscript, mozilla
It turns out that Mozilla has enough hooks for a new version of NoScript, however. As such, NoScript 10.x has been released earlier this week. It allows you to disable scripts on a domain by domain basis until they are added to a white list, or given access via the add-on button.
Still, it’s available now.
Subject: General Tech | July 6, 2015 - 07:01 AM | Scott Michaud
This is like a five-year-old figuring out how to unlock a fireworks case full of paper crackers.
Regardless, there are two vulnerabilities, both of which have already been updated. Both of them take advantage of the whitelist functionality to ignore malicious code. By default, NoScript trusts a handful of domains, because blocking every script ever would break too much of the internet.