Browsing Security with NoScript

While working (or actually just playing around) with the infamous SQL injection attacks seen around lately I think it should be worth mentioning that being a developer browser and your own PCs security security is also important  or as important as securing your web servers and databases. [more]

Since the some (most) of the variants of it involves a javascript file which in turn creates an iframe which communicates with another server to serve whatever malicious things they want to happen in the background (I didn't really bother knowing what it was doing rather just how to help get rid or prevent them) I think it is worth mentioning that simply opening those compromised pages could break your own browser or machine too and even make you a accomplice in their deeds. Since it's not uncommon for developers to be developing using admin accounts we are more susceptible than typical non power users **. That's where NoScript for Firefox comes in. Lot of reviews and arguments versus Firefox and IE security but I find it hard to block javascripts in IE and besides I've been very satisfied with Firefox NoScript (though my doors are never open).

For those of you who haven't heard NoScript before it's a Firefox add-in which allows you to allow, deny permanently or temporarily javascripts/java/flash among other objects for web sites that you open. And could be found in the following link : NoScript homepage. It's developed by Giorgio Maone which if I may say is doing a good job in continually improving this stuff. (getting new releases very often).

So there, do yourself and the world a favor and read about your browser's security and at least know how to filter javascript. Every browser that is a little more secured is a step towards a safer web.

** yes i know, no-admin and least privilege stuff – but let's face it, not
everyone had been succesful in completely following those. I'm guilty of this but yes I'm getting there plus not to mention what's my purchased Acronis True Image is for 🙂 Hopefully more post on this topic next
time.


Posted

in

,

by

Tags: