Should JavaScript be blocked while browsing?

D

Deepak

B3D Yoddha
Veteran
I was reading this article...

http://news.yahoo.com/s/pcworld/20051205/tc_pcworld/123771

JavaScript helps you make great use of the Web; but in the wrong hands, it lets the Web make use of you. PC World's own Dennis O'Reilly gives solid advice for blocking JavaScript in both Microsoft Internet Explorer and Firefox. His prescribed Firefox fix, NoScript, adds so many security options it's worth going over them here in more detail.
Click to expand...

*****

Why should JS be blocked? What harm could it do?
 
JavaScript is like ActiveX, only less so, in that it can run programs from the site you're visiting on your computer. JScript (IE) is much more important to disable, as it runs through the Windows Scripting Host, and has (potential) access to the System object. JavaScript (FF) really runs in a sandbox, and so is much more secure.

Then again, disabling ActiveX in IE is a must (if you can run an online virusscanner without installing software yourself, you can distribute online virii just as easy), but when you disable JScript / JavaScript, many websites don't work anymore.

The moral of the story: just use FireFox or Opera and don't worry about it.
 
If you are browsing questionable sites I suggest you block JS.
Believe me, I'm using FF and I deem it necessary.
 
look at this:

If you click something like that and it starts scanning right away, you're using IE without XP SP2. If they all ask you to download a file, you're reasonably safe.

If such an advertizing can start scanning your computer and make changes without you downloading and starting an application, anyone who wants to can do whatever they like with your computer when you accidentally browse a page that contains it. You don't even have to click it.
 
DiGuru if you have extensive experience browsing picture sites I can guarantee you those kind of spyware traps aren't the only ones.
Javascript is an offender even on FF.
I've had adware/spyware in my cookies as well few times.

I know also limit cookies and it pops up everytime when a site requests a cookie.
 
K.I.L.E.R said:
If you are browsing questionable sites I suggest you block JS.
Believe me, I'm using FF and I deem it necessary.
Click to expand...
Most of the time you just need to disable things like popups, writing to status bar, raising, lowering and resizing windows etc. This will get rid of most irritating things done with JS.

Generally, though, JavaScript should be safe when run within a browser as it's in a "sandbox" and shouldn't be able to do anything really nasty. However, if I wouldn't trust IE in this regard, though generally on reputable sites you are fine.
 
DG I have also disabled those things as well.
When I browse B3D I turn JS on.
When I browse my other sites I make sure I disable just about everything.
 
K.I.L.E.R said:
DiGuru if you have extensive experience browsing picture sites I can guarantee you those kind of spyware traps aren't the only ones.
Javascript is an offender even on FF.
I've had adware/spyware in my cookies as well few times.

I know also limit cookies and it pops up everytime when a site requests a cookie.
Click to expand...
Yes, it was just an easy example. But there are very few (if any, outside some lab) things that can do more than a semi browser hijack when you're using FF/Opera, while there are very many that can do all kinds of nasty stuff with IE even when you're using XP SP 2. That your virusscanner or malwarescanner sees a threat doesn't mean that it can activate itself.
 
Until MS comes out with a fix for The Flaw of Doom for Internet Explorer, don't use it.

Firefox 1.5 + fasterfox (extension) is better in almost every way anyway.

Cheers
Gubbi
 
You must log in or register to reply here.
Back
Top