I had the same reaction, but persevered with it, stared at it until I worked it out and decided it was really quite usable. Not that hard :) I still use it.
While I agree the change in UI was disruptive, it shows more info and in a more accessible way than before. (At least once one takes the time to learn it.)
If a simpler interface is preferred then it's already possible to blacklist JS in Chrome and enable it per-site by clicking to the left of the page address for the access privileges.
is ANYONE on here talking about the massive problem with the major browsers forcing http-auditing into browsers??????????????????????????????????????????????
In my opinion NoScript is the single most powerful security tool for the home user. It's a shame they've rendered it nearly unusable with the new UI. I don't know why it's a trend with developers these days to turn readable menus into oversimplified buttons/icons. I have to rely on tooltips just to work my Gmail and that's ridiculous.
True, but that's what the whitelist is for. Browsers are so complex these days that visiting a website you've never heard of before may as well be you running a random executable. Will your browsers security hold up if the website is hostile? Probably, in the same way the security features of your OS and/or anti-malware software will probably keep you safe from a random malicious executable.
I have ran malware on known sites due to faulty ads and some Java 0-day about 5 years ago. I never enabled Java in my browser again. I do wonder if having used NoScript would of saved me since it does block Java applets too.
The problem is that if you suffer from information-addiction, like most people nowadays do, the whitelist quickly becomes filled with every website out there.
I've actually had the opposite problem, I have yet to make a habit of saving my noscript (now umatrix) settings, so any time-saving of eliminating slow scripts is wasted refreshing it three times trying to figure out which cdn is the important one; and trying to selectively enable the scripts of a video streaming site is even worse. Still worth having it though, especially when you go to traditionally sketchy download sites and see it have a cleaner UI than the apple homepage with just a single download button.
> I have to rely on tooltips just to work my Gmail and that's ridiculous.
Pick a better mail service that doensn't 'require' JavaScript? You're complaining about a thing that lets users control what sites are allowed to run and you're trying to use one of the most JS-heavy sites on the internet...
The parent commenter was comparing the bad UI of NoScript to the bad UI of Gmail. Seems fair comparison to me if the UIs are similar. What does JavaScript have to do with it? People are quite capable of creating bad UIs with or without JavaScript.
29 comments
[ 3.4 ms ] story [ 80.1 ms ] threadMaybe Microsoft does and push it upstream?
I can't remember how many time I have disabled restrictions globally and always forgot to turn it off because the icon says nothing.
It really is simple to figure out, if you can't, maybe you need an easier plugin that just toggles JS in general.
If a simpler interface is preferred then it's already possible to blacklist JS in Chrome and enable it per-site by clicking to the left of the page address for the access privileges.
Imagine sudo giving root access to anyone. That’s how severe the vulnerability was.
This means there is a severe problem with the dev cycle of this software.
https://gist.github.com/x0rz/8198e8e22b1f70fddb9c815c1232b79...
Unfortunately, it is also a great tool for breaking websites ...
Noscript can collect the information as to the most common settings for each website (say youtube) and apply them automatically.
Would save the whole "temp allow" -> "refresh" whack a mole game :)
> I have to rely on tooltips just to work my Gmail and that's ridiculous.
Pick a better mail service that doensn't 'require' JavaScript? You're complaining about a thing that lets users control what sites are allowed to run and you're trying to use one of the most JS-heavy sites on the internet...
Um, the article is about NoScript.. which (drumroll) allows users to manage Javascript on a per-website and/or per-source basis.