Linked by Thom Holwerda on Thu 23rd Sep 2010 21:36 UTC, submitted by google_ninja
Now this is a subject sure to cause some discussion among all of you. LifeHacker's Adam Pash is arguing that Chrome has overtaken Firefox as the browser of choice for what he calls 'power users'; polls among LifeHacker's readership indeed seem to confirm just that. He also gives a number of reasons as to why this is the case.
Thread beginning with comment 442508
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[5]: I need NoScript
by google_ninja on Fri 24th Sep 2010 16:59
in reply to "RE[4]: I need NoScript"
Member since:2006-02-05
not really, you are turning off any kind of interactivity. It may just be a subtle glow effect, or a fade in/out, or maybe you are just breaking menus. In any case, you are basically hobbling the intent behind the design and development of the site.
Again, it is completely arbitrary. I understand flashblock, cause plugins like flash is where almost all browser vulnerabilities come from. Yes, there have been exploits through javascripts, but also through jpegs/pngs/gifs, and styles. If you are going to turn one off and whitelist it back, you may as well go for all 3. That would be 3x as secure as just noscript, and instead of just going back in time by about 10 years (when javascript was barely used for anything), you will go back 30-35 years, which is essentially the lynx experience.
Of course, you could just uninstall flash/silverlight/java/etc, which will make a way bigger difference then blocking javascript. But it seems like "power users" who use noscript also tend to have every adobe plugin under the sun installed as well, no matter how bad, frequent, and widely publicized security issues with those plugins are.
but hey, as long as it makes you feel safer, its totally up to you. I just find it baffling.
Edited 2010-09-24 17:00 UTC
Member since:2006-06-21
I just find it baffling.
That's probably because you are clueless.
You are mixing vulnerabilities up. Exploits that target rendering (images, CSS, HTML) and plugins, are used to get out of the browser space and provide remote access to your system. JavaScript vulnerabilities do not provide access to your system but instead to websites that you visit, under your credentials.
Both are equally serious, just the data being exposed is different.
Then there's also the concern with people who don't want to break in anywhere, they just want to spy on you. JavaScript can be used for that too. Remember the "everlasting cookie" article a few days ago? And here's another example:
http://www.mikeonads.com/2008/07/13/using-your-browser-url-history-...
NoScript and cookie whitelist extensions (CookieSafe or Cookie Monster) are extremely useful for protecting your privacy and preventing creative malicious uses of JavaScript. This is stuff that's actively exploited on a wide scale and works no matter what OS the browser runs on, unlike the other type of exploits.
I use such Firefox extensions (and builtin about:config settings) to create a super-hardened browser that I use exclusively when visiting my banking site, sensitive accounts or whenever I have to enter my credit card data. You cannot do that with Chrome (not to mention Google themselves spying on you with it).
Such privacy concerns strike you as paranoid? Suit yourself, it's your choice.
Edited 2010-09-24 21:27 UTC
News
Linked by Thom Holwerda on 06/19/13 23:02 UTC, submitted by M.Onty
"Microsoft has sensationally abandoned its controversial plans to restrict the sharing of XBox One games, and has also removed daily online authentication requirements for its forthcoming console", reports The Guardian. They had no choice. Still a good move.
Linked by Thom Holwerda on 06/19/13 22:28 UTC
"A snippet of code in the Steam digital distribution platform has revealed that Valve may be planning to let users easily share their games with friends in the future. The Verge has verified the code's authenticity, which was originally spotted by a member of the NeoGAF gaming forum; the code references a 'shared game library' and a notification that would alert a user when their games are currently in use by a borrower." This would change the, uh, game.
Linked by Thom Holwerda on 06/18/13 22:33 UTC
Official Apple statement on PRISM and privacy: "Regardless of the circumstances, our Legal team conducts an evaluation of each request and, only if appropriate, we retrieve and deliver the narrowest possible set of information to the authorities. In fact, from time to time when we see inconsistencies or inaccuracies in a request, we will refuse to fulfill it." This is basically Apple re-publishing their earlier statement in a more official manner. You either believe it, or you don't.
Linked by Anonymous on 06/18/13 22:26 UTC
The open source Contiki operating system and its commercial Thingsquare distribution are making strides towards the connected home. According to a Computerworld article, a new LED light bulb manufacturer is putting small computers into their light bulbs. Each computer runs the Contiki OS, which gives each bulb an IP address and allows them to be controlled with a smartphone application. To connect the bulbs to the application, the bulbs use both Wi-Fi and the much lower power IEEE 802.15.4 mesh technology.
Linked by Thom Holwerda on 06/18/13 22:25 UTC
"Google asked the secretive Foreign Intelligence Surveillance Court on Tuesday to ease long-standing gag orders over data requests it makes, arguing that the company has a constitutional right to speak about information it's forced to give the government. The legal filing, which cites the First Amendment's guarantee of free speech, is the latest move by the California-based tech giant to protect its reputation in the aftermath of news reports about sweeping National Security Agency surveillance of Internet traffic." Draining the ditch after the cow has drowned in it.
Linked by Thom Holwerda on 06/18/13 17:45 UTC
"I can't find one person who has been using the Nexus 7 for an extended period of time, and hasn't seen a massive downgrade in performance. Just what kind of downgrade are we talking here? I cannot pick up my Nexus 7 without experiencing problems like a lag of ten seconds, or more, just to rotate the display; touches refusing to acknowledged; stuttering notification panel actions; and unresponsive apps." Fully and utterly agreed. My Nexus 7 was blazing-fast and awesome for a few months, and at some point, it just started sucking. Just like that. I've tried loads of ROMs, and nothing helps.
Linked by Thom Holwerda on 06/18/13 17:32 UTC, submitted by poundsmack
A new release of the hobby operating system MenuetOS! The release notes are a bit non-descript, but you'll have to take what you can get: "updates and improvements (picview, httpc, ehci, ...)".
Linked by Thom Holwerda on 06/17/13 17:58 UTC
"The Internet is one of the most transformative technologies of our lifetimes. But for 2 out of every 3 people on earth, a fast, affordable Internet connection is still out of reach. And this is far from being a solved problem. There are many terrestrial challenges to Internet connectivity - jungles, archipelagos, mountains. There are also major cost challenges. Right now, for example, in most of the countries in the southern hemisphere, the cost of an Internet connection is more than a month's income. Solving these problems isn't simply a question of time: it requires looking at the problem of access from new angles. So today we're unveiling our latest moonshot from Google[x]: balloon-powered Internet access." Insane.
Linked by Thom Holwerda on 06/17/13 17:52 UTC
"MineAssemble is a tiny bootable Minecraft clone written partly in x86 assembly. I made it first and foremost because a university assignment required me to implement a game in assembly for a computer systems course. Because I had never implemented anything more complex than a 'Hello World' bootloader before, I decided I wanted to learn about writing my own kernel code at the same time. Note that the goal of this project was not to write highly efficient hand-optimized assembly code, but rather to have fun and write code that balances readability and speed. This is primarily accomplished by proper commenting and consistent code structuring." Just cool.
Linked by Thom Holwerda on 06/14/13 21:03 UTC
Jon Rubinstein, former CEO of Palm: "Well, I'm not sure I would have sold the company to HP. That's for sure. Talk about a waste. Not that I had any choice because when you sell a company you don't get to decide that. Obviously, the board and shareholders decide that. If we had known they were just going to shut it down and never really give it a chance to flourish, what would have been the point of selling the company? I think the deal we had with Verizon really hurt us, but who knew that at the time? These things are all hindsight."More News »
Sponsored Links
Member since:
2008-01-09
Overstatement of the year