Wednesday, 21 April 2010
NoScript - a Powerful Ally
LABELS: Security Products
Last week, I wrote a small intro article on a Firefox Add-on, or Plug-in, called NoScript.
That article showed a YouTube video of Tom Merritt from cnet, discussing NoScript. For background to this post, perhaps you'd like to see the video first.
When you see the NoScript site, it's enough to scare the daylights out of you - better still, scare the life out of Spammers, Malware attackers, Cross-site Scripting attackers, Click-jackers, etc. That would be great! I love it!
NoScript looks complicated, but if I can use it efficiently, anyone else can, too. My friend, Nitecruzr, got me started with it over a year ago, and I have felt a lot safer ever since. I am not an expert on NoScript. I use it, yes, but at a level I understand and feel comfortable with. I rely on NoScript to do the hard work for me.
The video of Tom will show you probably more than I know about NoScript - BUT, it doesn't cover everything that I like about NoScript. Let me explain.
I now use a security software package called McAfee Site Advisor. If I am unsure of the integrity of a site, I add the URL of the site into McAfee SA, and do a search of the site. McAfee gives me a Report. It's another Plug-in. In that post, I have displayed a couple of images of search reports - Good and Bad. I surf to the site if it's good, disgard it if it's bad.
Nitecruzr has always suggested to me to have a 'Layered Security' on my blog. Part of that layered approach to security is the programs you use, like a good AV Program, like avast, or anti-malware programs like AdAware and Spybot S + D. They both appear to be the same, but they aren't. It's the same with McAfee SA and NoScript.
Apart from the basic up-front protection of automatically alerting me to possible problems, NoScript also gives me a Report. If you look at the next image of a site-security report request on my Home Page blog, Roberto's Blogs dot net, you'll see a blue S in the Status Bar, between the Firebug icon and the McAfee SA icon and search box.
If I click on that blue 'S', hold the < SHIFT > key down while clicking on the name of the blog, in this case it says - Forbid robertosblogs.net, then search parameters are displayed.
This image shows the three search parameters I can view. I just select each and every one for a detailed report on the site-security.
Another reason for using Firefox as your Browser? I think so. NoScript works for all Mozilla-based Browsers.
NoScript auto-updates, too.