[CentOS] C5 : Firefox 38 bug

Fri Jun 12 19:03:17 UTC 2015
Jonathan Billings <billings at negate.org>

On Sat, Jun 13, 2015 at 12:38:35PM -0600, jd1008 wrote:
> I was just using that as an example of damaging javascripts.
> The current version of noscript no longer tells the number of
> javascrits that are blocked out of the total (per web site).
> In the older versions, I would dlete all entries in the visible
> whitelist, and would visit new websites. It would list some
> n javascripts blocked out of m scripts.
> Clicking on 'options' tab on bottom, I would not see the
> 'allowed' scripts listed.

So, you're scaring people away from a privacy-enhancing tool with
unprovable claims of a hidden whitelist?  Which I can't find in the
javascript source of the XPI?  Also, based on your conversations with
someone who worked at a company that hasn't existed since 2009?

I get it, you've got some concerns about the security of the web
model.  But adjust your tin foil hat, you're picking up Fox News on
that thing.

For the record, I use NoScript, Ghostery and uBlock, and am happy with
the experience (for the most part).

I also heavily use Firefox profiles, and only use a completely
separate profile for certain operations, such as online banking.  I've
been playing with using the SELinux sandbox program too, but its just
too convenient to be able to copy-paste into firefox, which sandbox
blocks. I don't use the same profile for Facebook (*sigh*, yeah) and
just random browsing.  I'm certain that a certain amount of private
information leaks out when I'm browsing forums or catching up with the
news, but unfortunately, that's the tax you pay when you use the web.

I'm fairly certain that io9.com isn't reading /etc/shadow on my
computer. 

-- 
Jonathan Billings <billings at negate.org>