[liberationtech] Meet the 'cowboy' in charge of the NSA

Jonathan Wilkes jancsika at yahoo.com
Mon Sep 9 13:53:06 PDT 2013 

On 09/09/2013 12:50 PM, Al Billings wrote:
> Have fun tilting that windmill, Mr. Quixote.
>
> Like it or not, to fully use websites at this point, you generally 
> need things like Javascript and CSS. The reason that most folks, even 
> security folks like the ones I work with, don't run with NoScript on 
> all the time is that it breaks the net as experienced.

That's why NoScript lets you whitelist certain sites.  If you're 
comfortable giving
some type of personally identifying credentials to log on to a secure 
site, then
maybe you're ok with letting that site shoot a turing complete language 
at your
browser.  On the other hand, maybe you're not, but if the site requires 
javascript
to be on for you to log in then it's a binary thing.  Let's call this 
the stark reality of
doing business over the web.

But for general _reading_ of content, I see no reason why javascript and 
third party
ads should be reaching the user's eyes by default.  The benefits of 
blocking are:
* user learns just how much third party junk websites typically try to 
shoot at them
* user learns just how inconsequential 95% of those scripts are to the 
experience
of displaying readable content
* user learns which news sites are the most aggressive about forcing 
third-party
content on the user (i.e., the ones that won't allow to read without 
javascript turned on)
* pages that do load the content load the content faster
* user learns how much cpu/electricity/etc. they are saving the moment 
they turn
on javascript to leave a comment and their laptop fan starts whirring 
crazily because
some crankhead cooked up the least efficient way in the world to display 
blocks of text

And with Adblock:
* user somehow feels less distracted when the blinking budweiser sign 
next to their
head is turned off.

Best,
Jonathan

>
> -- 
> Al Billings
> http://www.openbuddha.com
> http://makehacklearn.org
>
> On Monday, September 9, 2013 at 5:43 PM, Leif Ryge wrote:
>
>> Ok, well as long as we're talking about that FP javascript overlay: 
>> if you saw
>> it, that means you run JavaScript by default, which means you're 
>> vulnerable to
>> a larger number of the arbitrary-code-execution bugs in your web 
>> browser (of
>> which there are undoubtedly many more which are not yet fixed, given the
>> frequency with which new ones are discovered [1,2]). In my opinion, 
>> if you're
>> using Firefox, you should really be using NoScript. [3]
>
>
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20130909/a8256c53/attachment.html>

More information about the liberationtech mailing list