Government snooping, backdoors and #necessaryhashtags - Page 35

cheesehead · 2014-02-05, 17:12

Quote:

Originally Posted by retina

(why does the latest FF make so difficult for ordinary users to disable JS? FFS!)).

Try the NoScript add-on.

Quote:

Originally Posted by ewmayer

I continue to be quite happy with the NoScript add-on.

... as do I.

S485122 · 2014-02-05, 17:35

Reading fishing mails as plain text (which I do for all mails) makes the fishing attempt ludicrous. Sometimes, once I am sure the mail is legit, I switch to the formatted view to increase readability in one of those mails full of links or the even rarer mails where viewing the image(s) is necessary.

Jacob

ewmayer · 2014-02-05, 22:23

Quote:

Originally Posted by Brian-E

As well as the danger of clicking something which isn't what it seems, there is also the very real danger of performing a mouse click when this is unintended, perhaps while hovering the cursor over a link to investigate it

True - I probably underestimate this danger for most folks because I prefer using a real mouse even with my laptop - one full-sized mouse on the home desk, a mini one stays in the laptop bag and goes wherever does the laptop.

Since it seems hovertext is trivially spoofed I wonder why this phish-detection method appears to be nigh-foolproof in actual practice ... Perhaps because such a small % of targeted folks bother to check such stuff that the phishers don't even need to do even this small amount of extra spoof-work?

I would be very interested to hear from folks here who encounter a phish-mail which actually bothers to use link-alt-text spoofage, since I've never actually run across such a beast in the wild. (Maybe being over 30 and not a social media addict I'm just not in the target demographic...)

retina · 2014-02-05, 22:57

Quote:

Originally Posted by cheesehead

Try the NoScript add-on.
... as do I.

No. I don't run JS at all in any form whatsoever so NoScript is useless and unnecessary for me. What is disturbing is that the FF devs decided that ignoring my preference completely by turning on JS, while at the same time removing the easily accessible GUI option to turn it off, was somehow what I really wanted. I had JS off for a reason, it wasn't a mistake or an accident, and turning it on without my permission was a breach of trust IMO. My guess is that they are getting greedy and advertising interests have paid them to force JS on everyone. Or perhaps NSA/GCHQ have paid them to force JS on so that exploits are easier for them to deploy. Perhaps both.

Unfortunately it appears that all other browsers are doing similar things. Removing user options because they "clutter the screen and are confusing". Soon there won't be any address bar because it is cluttering the screen and it is too much effort to actually type anything. Hehe, no doubt we will end up with just glorified TVs where we can only read and watch whatever the BigAdCorps/GovCensors have decided we are allowed to. And naturally they will also be watching us through the inbuilt cameras that we can't turn off either. I for one welcome our new overlords.

Xyzzy · 2014-02-06, 01:45

When considering clicking a link in email, just copy the link to the buffer and paste it into a new tab. Then examine it to see if it is weird.

We received an email recently from Target about how our account might be hacked and they were offering us credit monitoring service. But, the link to click looked fishy to us and we did not pursue it. We do not even remember shopping at Target.

It was a really well done email and it might even be legit, but we practice "skeptical" computing.

xilman · 2014-02-06, 10:41

Quote:

Originally Posted by retina

And naturally they will also be watching us through the inbuilt cameras that we can't turn off either.

Sticky tape over the lens has served me well for many years.

retina · 2014-02-06, 10:59

Quote:

Originally Posted by xilman

Sticky tape over the lens has served me well for many years.

Okay for now but once that behaviour becomes illegal then what? Note that it probably won't be such an overt outlawing of said activity, it will be more subtle like forbidding unauthorised modification of computing equipment, or something equally nonsensical. Disconnecting from the Internet won't help either since all software is going the way of "as a service". No Internet means a useless box of atoms awaits. And of course not forgetting the added joy of no off-button and hard wired into the power grid. Oh oh oh, and while were at making Orwellian predictions we mustn't forget that without the computer operating you won't receive any money, food or water since technically you wouldn't exist. Just do what you are told and follow orders and everything will go just fine, and ignore the man behind the curtain, thanks.

Nick · 2014-02-06, 13:10

Quote:

Originally Posted by xilman

Sticky tape over the lens has served me well for many years.

With an appropriate message for the spies to read on the lens side, I hope!

cheesehead · 2014-02-07, 06:01

Quote:

Originally Posted by retina

No. I don't run JS at all in any form whatsoever so NoScript is useless and unnecessary for me.

You were complaining about FF not giving you the option to turn JS off.

NoScript offers you the choice to turn off JS (by selecting all the relevant disabling options).

Therefore, NoScript offers you a capability that you currently do not have. It is not useless.
If you want to turn JS off, it is also necessary (unless you find and install some other add-on that allows you to disable JS).

axn · 2014-02-07, 06:13

While I can appreciate the "easily accessible GUI" part of it, is going thru about:config > javascript.enabled that difficult?

retina · 2014-02-07, 10:11

Quote:

Originally Posted by cheesehead

You were complaining about FF not giving you the option to turn JS off.

NoScript offers you the choice to turn off JS (by selecting all the relevant disabling options).

Therefore, NoScript offers you a capability that you currently do not have. It is not useless.
If you want to turn JS off, it is also necessary (unless you find and install some other add-on that allows you to disable JS).

I can, and have, turned it off (Now. Again), but ...

Quote:

Originally Posted by axn

While I can appreciate the "easily accessible GUI" part of it, is going thru about:config > javascript.enabled that difficult?

... although not majorly difficult as such (once you know where you are supposed to look) there are two problems here.

1. It shouldn't have even been necessary for me to go searching and googling and general time wasting whatnot to find the hidden setting because I had already turned it off previously. And,
2. It shouldn't have even been necessary for me to go searching and googling and general time wasting whatnot to find the hidden setting because I had already turned it off previously.

Now, technically, I realise that they are the same point but it was such an important point that I thought it necessary to state twice.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
I'm rich AND on a government check.	jasong	jasong	18	2013-08-12 18:21
How does proper government manifest in regulation?	cheesehead	Soap Box	10	2011-04-17 02:29

2014-02-05, 17:35	#376
S485122 "Jacob" Sep 2006 Brussels, Belgium 2·3²·5·19 Posts	Reading fishing mails as plain text (which I do for all mails) makes the fishing attempt ludicrous. Sometimes, once I am sure the mail is legit, I switch to the formatted view to increase readability in one of those mails full of links or the even rarer mails where viewing the image(s) is necessary. Jacob

2014-02-06, 01:45	#379
Xyzzy "Mike" Aug 2002 10000000110101₂ Posts	When considering clicking a link in email, just copy the link to the buffer and paste it into a new tab. Then examine it to see if it is weird. We received an email recently from Target about how our account might be hacked and they were offering us credit monitoring service. But, the link to click looked fishy to us and we did not pursue it. We do not even remember shopping at Target. It was a really well done email and it might even be legit, but we practice "skeptical" computing.

2014-02-07, 06:13	#384
axn Jun 2003 1001111011111₂ Posts	While I can appreciate the "easily accessible GUI" part of it, is going thru about:config > javascript.enabled that difficult?