Comments on: Firefox hack can expose your Google account http://tech.blorge.com/Structure: /2007/11/18/firefox-hack-can-expose-your-google-account/ Technology news Sun, 22 Nov 2009 16:15:02 -0700 http://wordpress.org/?v=2.8.5 hourly 1 By: Giorgio Maone http://tech.blorge.com/Structure:/2007/11/18/firefox-hack-can-expose-your-google-account/comment-page-1/#comment-49978 Giorgio Maone Sun, 18 Nov 2007 21:51:44 +0000 http://tech.blorge.com/Structure: /2007/11/18/firefox-hack-can-expose-your-google-account/#comment-49978 "There is an easy fix if you install the NoScript Firefox extension, but this means that you’ll be running absolutely no scripts, making for a far more boring web browsing experience." This is incorrect and misleading, because NoScript protection against this bug is independent from JavaScript blocking, i.e. you can keep JavaScript enabled on sites where you need it and still be protected by NoScript against jar: attacks and other XSS exploits. See <a href="http://hackademix.net/2007/11/13/a-jar-of-misleading-advices/" rel="nofollow">A Jar of Misleading Advices</a> for more details. “There is an easy fix if you install the NoScript Firefox extension, but this means that you’ll be running absolutely no scripts, making for a far more boring web browsing experience.”

This is incorrect and misleading, because NoScript protection against this bug is independent from JavaScript blocking, i.e. you can keep JavaScript enabled on sites where you need it and still be protected by NoScript against jar: attacks and other XSS exploits.

See A Jar of Misleading Advices for more details.

]]>