An email I received yesterday night:
I’ve been using NoScript with Firefox for a while (recommended by SANS), and today it paid off bigtime.
I got to work, started Firefox, and went to our homepage.
NoScript complained and I checked out the complaint at the bottom of the page. Our webpage had a link on it to sdo.1000mg.cn.
I started looking and found that we had the SQL injection attack currently featured at SANS:
NoScript found it first! You are a hero! Thanks.
[Anonymized US Educational Site]
Then a quote from Ryan Naraine’s Talking Firefox security with Mozilla’s Window Snyder:
There are discussions happening internally at Mozilla around adding NoScript functionality into the core browser.
“It’s a conversation we’re having. I’d love to see it in there.”
Oh Window, why didn’t you tell me these sweet words when we were face to face in the romantic and adventurous land of Whistler?
I guess it’s destiny, even Steve Ballmer had been too shy to declare his love ;)