[OT]
 

[QUOTE=retina;366164](why does the latest FF make so difficult for ordinary users to disable JS? FFS!)).[/QUOTE]Try the NoScript add-on.
[QUOTE=ewmayer;366172]I continue to be quite happy with the NoScript add-on.[/QUOTE]... as do I.

Reading fishing mails as plain text (which I do for all mails) makes the fishing attempt ludicrous. Sometimes, once I am sure the mail is legit, I switch to the formatted view to increase readability in one of those mails full of links or the even rarer mails where viewing the image(s) is necessary.

Jacob

[QUOTE=Brian-E;366188]As well as the danger of clicking something which isn't what it seems, there is also the very real danger of performing a mouse click when this is unintended, perhaps while hovering the cursor over a link to investigate it[/QUOTE]

True - I probably underestimate this danger for most folks because I prefer using a real mouse even with my laptop - one full-sized mouse on the home desk, a mini one stays in the laptop bag and goes wherever does the laptop.

Since it seems hovertext is trivially spoofed I wonder why this phish-detection method appears to be nigh-foolproof in actual practice ... Perhaps because such a small % of targeted folks bother to check such stuff that the phishers don't even need to do even this small amount of extra spoof-work?

I would be very interested to hear from folks here who encounter a phish-mail which actually bothers to use link-alt-text spoofage, since I've never actually run across such a beast in the wild. (Maybe being over 30 and not a social media addict I'm just not in the target demographic...)

[QUOTE=cheesehead;366212]Try the NoScript add-on.
... as do I.[/QUOTE]No. I don't run JS at all in any form whatsoever so NoScript is useless and unnecessary for me. What is disturbing is that the FF devs decided that ignoring my preference completely by turning on JS, while at the same time removing the easily accessible GUI option to turn it off, was somehow what I really wanted. I had JS off for a reason, it wasn't a mistake or an accident, and turning it on without my permission was a breach of trust IMO. My guess is that they are getting greedy and advertising interests have paid them to force JS on everyone. Or perhaps NSA/GCHQ have paid them to force JS on so that exploits are easier for them to deploy. Perhaps both. :cry:

Unfortunately it appears that all other browsers are doing similar things. Removing user options because they "clutter the screen and are confusing". Soon there won't be any address bar because it is cluttering the screen and it is too much effort to actually type anything. Hehe, no doubt we will end up with just glorified TVs where we can only read and watch whatever the BigAdCorps/GovCensors have decided we are allowed to. And naturally they will also be watching us through the inbuilt cameras that we can't turn off either. I for one welcome our new overlords. :hello:

:sm88:

When considering clicking a link in email, just copy the link to the buffer and paste it into a new tab. Then examine it to see if it is weird.

We received an email recently from Target about how our account might be hacked and they were offering us credit monitoring service. But, the link to click looked fishy to us and we did not pursue it. We do not even remember shopping at Target.

It was a really well done email and it might even be legit, but we practice "skeptical" computing.

:judge:

[QUOTE=retina;366247]And naturally they will also be watching us through the inbuilt cameras that we can't turn off either. [/QUOTE]Sticky tape over the lens has served me well for many years.

[QUOTE=xilman;366283]Sticky tape over the lens has served me well for many years.[/QUOTE]Okay for now but once that behaviour becomes illegal then what? Note that it probably won't be such an overt outlawing of said activity, it will be more subtle like forbidding unauthorised modification of computing equipment, or something equally nonsensical. Disconnecting from the Internet won't help either since all software is going the way of "as a service". No Internet means a useless box of atoms awaits. And of course not forgetting the added joy of no off-button and hard wired into the power grid. Oh oh oh, and while were at making Orwellian predictions we mustn't forget that without the computer operating you won't receive any money, food or water since technically you wouldn't exist. Just do what you are told and follow orders and everything will go just fine, and ignore the man behind the curtain, thanks.

[QUOTE=xilman;366283]Sticky tape over the lens has served me well for many years.[/QUOTE]
With an appropriate message for the spies to read on the lens side, I hope! :smile:

[QUOTE=retina;366247]No. I don't run JS at all in any form whatsoever so NoScript is useless and unnecessary for me.[/QUOTE]You were complaining about FF not giving you the option to turn JS off.

NoScript offers you the choice to turn off JS (by selecting all the relevant disabling options).

Therefore, NoScript offers you a capability that you currently do not have. It is not useless.
If you want to turn JS off, it is also necessary (unless you find and install some other add-on that allows you to disable JS).

While I can appreciate the "easily accessible GUI" part of it, is going thru about:config > javascript.enabled [I]that[/I] difficult?

[QUOTE=cheesehead;366349]You were complaining about FF not giving you the option to turn JS off.

NoScript offers you the choice to turn off JS (by selecting all the relevant disabling options).

Therefore, NoScript offers you a capability that you currently do not have. It is not useless.
If you want to turn JS off, it is also necessary (unless you find and install some other add-on that allows you to disable JS).[/QUOTE]I can, and have, turned it off (Now. Again), but ...[QUOTE=axn;366350]While I can appreciate the "easily accessible GUI" part of it, is going thru about:config > javascript.enabled [I]that[/I] difficult?[/QUOTE]... although not majorly difficult as such (once you know where you are supposed to look) there are two problems here.

1. It shouldn't have even been necessary for me to go searching and googling and general time wasting whatnot to find the hidden setting because I had already turned it off previously. And,
2. It shouldn't have even been necessary for me to go searching and googling and general time wasting whatnot to find the hidden setting because I had already turned it off previously.

Now, technically, I realise that they are the same point but it was such an important point that I thought it necessary to state twice.