NoScript Awarded with the DRG Security Innovation Grant
Posted by: Giorgio in Mozilla, Security, NoScript
Today I've been notified by Patrick Green, the Chair of the Dragon Research Group Advisory Council, about NoScript having been chosen as the recipient of their Security Innovation Grant.
This is a great honor and a spur to keep making the Web a safer place. I feel the urge to thank the committee for recognizing NoScript as a pioneering force in browser security, and the community of contributors, researchers, translators, beta testers, and loyal users who keep this project alive day after day.
The grant will fund the effort to merge the current two development lines, i.e. "traditional" NoScript for desktop environments and NSA (NoScript 3.0 alpha for Android, generously aided by the NLNet Foundation). More specifically, it will support the implementation of a desktop UI, more powerful than the streamlined smartphone optimized one already developed for NSA, but leveraging the same almost entirely rewritten multi-process back-end: this will allow an unified "NoScript Anywhere" package to be installed indifferently on PCs and mobile devices, sharing the same configuration and permissions everywhere via secure remote synchronization.
Thanks to this unexpected help from the Dragon Research Group, we can look with more confidence at the goal of releasing a NoScript Anywhere beta build for Android and desktop Firefox by September.
Update
The official announcement is online.
July 15th, 2011 at 9:00 pm
Will NoScript for Android also work on the n900 version of firefox?
July 15th, 2011 at 9:08 pm
@0xaffe:
It's quite possible if it supports Firefox 4 at least, but I've got no device to test it on. Could you do it for me (the download is on the bottom of http://noscript.net/nsa/ )?
July 15th, 2011 at 9:09 pm
Congratulations.
July 15th, 2011 at 9:25 pm
Congratulations Giorgio and thanks for such a useful tool that I know has saved me from at least 2 drive-by JavaScript attacks.
If I may, I suggest that the UI change you mentioned to include showing the preferences in a tab rather than a box separate from the browser.
July 16th, 2011 at 12:32 am
@Walid: It might be that the NoScript settings page will be integrated into the Add-on page.
July 16th, 2011 at 6:18 pm
Congratulations! Nice to see such important projects getting the exposure and recognition they deserve.
July 16th, 2011 at 8:00 pm
@Björn: Aha, better than what I even wished for. I saw mock-ups of interfaces integrated into the Add-ons page but still have to see one of the extensions I use employ such a UI.
July 19th, 2011 at 5:13 pm
Note to self... time to talk to them about OWASP Foundation (www.owasp.org) too..
July 19th, 2011 at 8:39 pm
Congratulations!
August 18th, 2011 at 8:14 am
Congratulations on your grant! I am awfully glad you received one because you do good work and I would like to contribute to it, but I just can't at this time. If ever I get any money, you are worthy of some. Thank you.
September 19th, 2011 at 5:58 pm
Congrats!
two tips for winning next year:
1. random mac generation to prevent IP binding behind NAT
2. standard browser impersonation (for third party websites?)
Or any other additional strategy that obfuscates/prevents user fingerprinting.
I am busy implementing these two (with timer delay) on alternative linux router software, but it would be nice if it could be done in client space.