Hacker News new | past | comments | ask | show | jobs | submit login

It opens a webpage that has an ad link to malware that must be manually installed. That's not a malicious page.



Sure.

Now, the question is, do I trust a plugin that serves ads for malware?

BTW any info on when did they start doing that?


Source code for NoScript is available, if you manually update and compare the code you should be safe.


Sure, but trust is widely used in security, in exchange for dramatically higher usability/productivity.

If I were to personally inspect every software (and hardware where possible) I use I would barely be up to date on 1995 versions of computing.

I outsource this trust to an aggregation of online communities I believe in. This post dramatically lessens my trust in NoScript.


Do you place any trust in Mozilla's add-on review process, which NoScript is subjected to? https://developer.mozilla.org/en-US/Add-ons/AMO/Policy/Revie...


Absolutely. To the extent it's servicable. I however don't trust every app on Apples appstore merely for passing review. I wouldn't be too scared to still use NoScript, but if there are alternatives why would I?




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: