An email I received yesterday night:
Hi,
I’ve been using NoScript with Firefox for a while (recommended by SANS), and today it paid off bigtime.
I got to work, started Firefox, and went to our homepage.
NoScript complained and I checked out the complaint at the bottom of the page. Our webpage had a link on it to sdo.1000mg.cn.
I started looking and found that we had the SQL injection attack currently featured at SANS:http://isc.sans.org/diary.html?storyid=4844
NoScript found it first! You are a hero! Thanks.
Jeff E.
[Anonymized US Educational Site]
Then a quote from Ryan Naraine’s Talking Firefox security with Mozilla’s Window Snyder:
There are discussions happening internally at Mozilla around adding NoScript functionality into the core browser.
“It’s a conversation we’re having. I’d love to see it in there.”
Oh Window, why didn’t you tell me these sweet words when we were face to face in the romantic and adventurous land of Whistler?
I guess it’s destiny, even Steve Ballmer had been too shy to declare his love ;)
August 10th, 2008 at 4:10 pm
haha
Although the news is great, I loved the writing style (last two lines) more. ;)
August 19th, 2008 at 2:32 am
Great news. I love no script and wonder how I ever browsed without it, even got my Missus onto it. I still think it is too hard for most end users, maybe if it could do like adblock plus or other collaborative systems and have a dynamic web stored whitelist that is updated based on x number of users allowing sites. Of course this feature also needs to be able to be turned off, cause no way I would have it on :P