An email I received yesterday night:
Hi,
I've been using NoScript with Firefox for a while (recommended by SANS), and today it paid off bigtime.
I got to work, started Firefox, and went to our homepage.
NoScript complained and I checked out the complaint at the bottom of the page. Our webpage had a link on it to sdo.1000mg.cn.
I started looking and found that we had the SQL injection attack currently featured at SANS:http://isc.sans.org/diary.html?storyid=4844
NoScript found it first! You are a hero! Thanks.
Jeff E.
[Anonymized US Educational Site]
Then a quote from Ryan Naraine's Talking Firefox security with Mozilla’s Window Snyder:
There are discussions happening internally at Mozilla around adding NoScript functionality into the core browser.
“It’s a conversation we’re having. I’d love to see it in there.â€
Oh Window, why didn't you tell me these sweet words when we were face to face in the romantic and adventurous land of Whistler?
I guess it's destiny, even Steve Ballmer had been too shy to declare his love ;)
