How to stop malicious code? Use NoScript
The World Wild Web is a dangerous place with viruses, exploits, spyware and malware looking to infiltrate your system and cause all sorts of havoc. Even the latest security patches and virus updates does not mean your PC is vulnerable. One method that these web rogues use to do this is via malicious websites or scripts that compromise your system without you knowing it.
Presenting the Firefox plugin “Noscript” which essentially block all manner of scripting that may hold malicious code. What about sites that need scripting like your webmail? Noscript is flexible enough to allow you to define which sites code may be run.
Winner of the “2006 PC World World Class Award”, this tool provides extra protection to your Firefox.
It allows JavaScript, Java and other executable content to run only from trusted domains of your choice, e.g. your home-banking web site, and guards the “trust boundaries” against cross-site scripting attacks (XSS). Such a preemptive approach prevents exploitation of security vulnerabilities (known and even unknown!) with no loss of functionality…Experts do agree: Firefox is really safer with NoScript ;-)
I have been using this for an year now. Cant live without it. lol. Easy but powerful tools. I had written about it earlier here.
I was on a website searching for help on a project management package my company had purchased from Tenforce.com and after a while my browser asked me
“Do you want to allow this page to paste information from your clipboards”
This was not funny as I had just used the clipboard to copy some confidential information into outlook express and did not think much about it at the time believing that I had pressed the wrong key but later it happened again so I asked internal security to test my computer for a virus.
Nothing was found so we both searched the internet and found
http://www.sourcecodesworld.com/special/clipboard.asp only to discover it could read the clipboard from my computer using a malicious script and later we managed to change the security settings for internet explore to stop this happening again.
Clearly this shocked me as it appears our supplier has a security problem or is deliberately committing fraud and I want to catch them before I see my manager so please help me.
JavaScript is NOT the bogeyman here, people—-*Java* and Flash ARE. Without Java or Flash, JavaScript cannot do anything worse than stall your browser (IF you’re running Firefox instead of Inbreed Exploiter).
Postman, if your company insists upon using Intercourse Exposer AND Outleak Express, lock the door to your IT department from the outside, pour gasoline under the door, and set it off. It’s too late for you, but it WILL prevent those pretards from spreading their defective DNA.