New Bundle Version 1.3.10

Scott Bennett bennett at cs.niu.edu
Fri Nov 12 10:01:11 UTC 2010 

     On Tue, 02 Nov 2010 09:33:23 -0500 Joe Btfsplk <joebtfsplk at gmx.com>
wrote:
>On 11/2/2010 3:01 AM, Scott Bennett wrote:
>>       On Wed, 27 Oct 2010 10:22:07 +0000 Erinn Clark<erinn at torproject.org>
>> wrote:
>>> NoScript
>>> - majority of options are disabled
>>       Erinn, I'm not sure what you meant there.  Did you mean that NoScript
>> disables the majority of Firefox options?  Or that the majority of NoScript
>> options is disabled in this version of the bundle?
>Not sure what was meant, but would it make * any * sense to include 
>NoScript & then disable most functionality of it?
>
>On 11/2/2010 3:01 AM, Scott Bennett wrote:
>>       FWIW, I'd like to recommend also using QuickJava, which allows toggling
>> of Java and JavaScript individually.  In other words, allowing scripts in
>> NoScript allows one still to disable Java while leaving JavaScript enabled
>> if one so desires.
>Huh?  It's early in AM, but which are you advocating - or both?

      I'm advocating installing both NoScript and QuickJava.

>>    If scripts are disabled in NoScript, then clicking on
>> the QuickJava buttons has no effect.
>Others can weigh in on this:  In past, I've had conflicts running 
>QuickJava & Torbutton.  One prob was once toggled Torbutton off, & shut 
>down Tor, QuickJava didn't properly toggle plugins unless restarted 
>Firefox - * at minimum. *  Been a while, but may have had to uninstall / 
>reinstall QuickJava to restore functions.  Plan on trying it again.
>>    I, for one, *never* want Java enabled
>> for anything, but in a very few cases, I do allow JavaScript to run.
>How do you get pages to work correctly - such as clicking links to d/l 
>files, if only allow JS on "very few" pages?  Seems to me, more trusted 
>sites than not require some JS to use the sites.  I'm curious, since you 
>said "very few," not "on trusted sites."

     There are "very few" that are "trusted sites".

>>       Okay.  You might want to look through all the stuff on the NoScript
>> web pages to get a better understanding of the extensive list of pretty awful
>> leakages and attacks that NoScript can block.
>Back to QuickJava & NoScript:  Aren't they overlapping - possibly 
>conflicts of using both?

     I haven't encountered any.  However, I have noticed a couple of weird
situations where NoScript alone did not stop the unwanted appearance of
windows with dotted (i.e., nonfunctioning) "close" buttons, whereas also
having JavaScript disabled in QuickJava eliminated those.
     In any case, NoScript does not, AFAIK, allow the user to disable Java
or JavaScript selectively, only both or neither.  Adding QuickJava allows
the user to enable/disable each individually.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

More information about the tor-talk mailing list