NoScript Awarded for Security InnovationToday I've been notified by Patrick Green, the Chair of the Dragon Research Group Advisory Council, about NoScript having been chosen as the recipient of their Security Innovation Grant.

This is a great honor and a spur to keep making the Web a safer place. I feel the urge to thank the committee for recognizing NoScript as a pioneering force in browser security, and the community of contributors, researchers, translators, beta testers, and loyal users who keep this project alive day after day.

The grant will fund the effort to merge the current two development lines, i.e. "traditional" NoScript for desktop environments and NSA (NoScript 3.0 alpha for Android, generously aided by the NLNet Foundation). More specifically, it will support the implementation of a desktop UI, more powerful than the streamlined smartphone optimized one already developed for NSA, but leveraging the same almost entirely rewritten multi-process back-end: this will allow an unified "NoScript Anywhere" package to be installed indifferently on PCs and mobile devices, sharing the same configuration and permissions everywhere via secure remote synchronization.

Thanks to this unexpected help from the Dragon Research Group, we can look with more confidence at the goal of releasing a NoScript Anywhere beta build for Android and desktop Firefox by September.


The official announcement is online.

11 Responses to “NoScript Awarded with the DRG Security Innovation Grant”

  1. #1 0xaffe says:

    Will NoScript for Android also work on the n900 version of firefox?

  2. #2 Giorgio says:

    It's quite possible if it supports Firefox 4 at least, but I've got no device to test it on. Could you do it for me (the download is on the bottom of )?

  3. #3 therube says:


  4. #4 Walid Damouny says:

    Congratulations Giorgio and thanks for such a useful tool that I know has saved me from at least 2 drive-by JavaScript attacks.

    If I may, I suggest that the UI change you mentioned to include showing the preferences in a tab rather than a box separate from the browser.

  5. #5 Björn says:

    @Walid: It might be that the NoScript settings page will be integrated into the Add-on page.

  6. #6 Paul says:

    Congratulations! Nice to see such important projects getting the exposure and recognition they deserve.

  7. #7 Walid Damouny says:

    @Björn: Aha, better than what I even wished for. I saw mock-ups of interfaces integrated into the Add-ons page but still have to see one of the extensions I use employ such a UI.

  8. #8 Tom Brennan says:

    Note to self... time to talk to them about OWASP Foundation ( too..

  9. #9 Bruno says:


  10. #10 Pam says:

    Congratulations on your grant! I am awfully glad you received one because you do good work and I would like to contribute to it, but I just can't at this time. If ever I get any money, you are worthy of some. Thank you.

  11. #11 Thaddy says:


    two tips for winning next year:
    1. random mac generation to prevent IP binding behind NAT
    2. standard browser impersonation (for third party websites?)

    Or any other additional strategy that obfuscates/prevents user fingerprinting.

    I am busy implementing these two (with timer delay) on alternative linux router software, but it would be nice if it could be done in client space.

Bad Behavior has blocked 576 access attempts in the last 7 days.