Comments on: Browserscope Update http://hackademix.net/2010/11/13/browserscope-update/ Giorgio Maone's answers to the Web, the Universe, and Everything Wed, 16 May 2012 22:16:35 +0000 http://wordpress.org/?v=2.2.3 By: Tom T. http://hackademix.net/2010/11/13/browserscope-update/#comment-24208 Tom T. Thu, 25 Nov 2010 08:00:14 +0000 http://hackademix.net/2010/11/13/browserscope-update/#comment-24208 Why is there no test of Fx with NS *not* Allow Globally, i. e., in its default-deny setting? Even old, outdated Fx 2.0.0.20 refused to run the test. First, because I deny cookies to all sites unless both the site *and I* decide they need them. ;) After allowing cookie, test still wouldn't run, because NS default-deny refuses Browserscope's script - as it refuses any other. So that's 17/17 in my book, not the 3/17 that they report for Fx 2.20. :-D Apparently, no one can use any of these methods of attack unless they can convince the user to allow scripting from that site. Perhaps only a small minority of user population uses NoScript, but if the Browserscope people displayed this fact on their site, it might convince more users to use NS who may not even have heard of it before. Can you get them to do that? It would be dramatic. :) Cheers! P. S. Captcha not showing until google.com is allowed??? Haven't posted here in a while, but why the change? Why is there no test of Fx with NS *not* Allow Globally, i. e., in its default-deny setting?

Even old, outdated Fx 2.0.0.20 refused to run the test.
First, because I deny cookies to all sites unless both the site *and I* decide they need them. ;)

After allowing cookie, test still wouldn’t run, because NS default-deny refuses Browserscope’s script - as it refuses any other. So that’s 17/17 in my book, not the 3/17 that they report for Fx 2.20. :-D

Apparently, no one can use any of these methods of attack unless they can convince the user to allow scripting from that site. Perhaps only a small minority of user population uses NoScript, but if the Browserscope people displayed this fact on their site, it might convince more users to use NS who may not even have heard of it before. Can you get them to do that? It would be dramatic. :)

Cheers!

P. S. Captcha not showing until google.com is allowed??? Haven’t posted here in a while, but why the change?

]]> By: Nicolai http://hackademix.net/2010/11/13/browserscope-update/#comment-24172 Nicolai Sun, 14 Nov 2010 00:09:10 +0000 http://hackademix.net/2010/11/13/browserscope-update/#comment-24172 Well, I checked the "extension" folder, and the permissions of one of the folder was weird, so I rebooted my computer into Linux (dualboot; Win7 & Fedora) and deleted the folder, and then NoScript worked again. I have no idea, why the permissions changed, but the "problem" is fixed now :-) and btw thanks for making the best FF addon! Well, I checked the "extension" folder, and the permissions of one of the folder was weird, so I rebooted my computer into Linux (dualboot; Win7 & Fedora) and deleted the folder, and then NoScript worked again.
I have no idea, why the permissions changed, but the "problem" is fixed now :-)

and btw thanks for making the best FF addon!

]]> By: Giorgio http://hackademix.net/2010/11/13/browserscope-update/#comment-24170 Giorgio Sat, 13 Nov 2010 10:36:08 +0000 http://hackademix.net/2010/11/13/browserscope-update/#comment-24170 @<a href="http://hackademix.net/2010/11/13/browserscope-update/#comment-24169" rel="nofollow">Nicolai</a>: that looks like an Add-Ons Manager corruption. Could you try to follow the steps outlined in this article? http://kb.mozillazine.org/Firefox_:_Issues_:_Can%27t_Install_Themes_or_Extensions#Corrupt_extension_files @Nicolai:
that looks like an Add-Ons Manager corruption.

Could you try to follow the steps outlined in this article?

http://kb.mozillazine.org/Firefox_:_Issues_:_Can%27t_Install_Themes_or_Extensions#Corrupt_extension_files

]]> By: Nicolai http://hackademix.net/2010/11/13/browserscope-update/#comment-24169 Nicolai Sat, 13 Nov 2010 10:30:38 +0000 http://hackademix.net/2010/11/13/browserscope-update/#comment-24169 Okay, this is really weird but today I "lost" NoScript from FF!? When I try to install NoScript, then I get this error: http://img691.imageshack.us/img691/575/err0rt.jpg It looks like NoScript try to access (or create?) a file in a location it doesn't have access to. I'm running: Win7 x64 Mozilla/5.0 (Windows; U; Windows NT 6.1; da; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12 Okay, this is really weird but today I "lost" NoScript from FF!? When I try to install NoScript, then I get this error: http://img691.imageshack.us/img691/575/err0rt.jpg
It looks like NoScript try to access (or create?) a file in a location it doesn’t have access to.

I’m running: Win7 x64
Mozilla/5.0 (Windows; U; Windows NT 6.1; da; rv:1.9.2.12) Gecko/20101026 Firefox/3.6.12

]]>