The latter has filters to block trackers and fingerprinting scripts.

Originally, I installed NoScript to follow the principle of least privillege and only allow the minimum set of permissions for domains that they require.

At first, it wasn’t a problem at all because I don’t visit that much websites, but occasionally I’ll have to visit some fedi links and it does require giving permissions often.

It’s just a good practice I picked up from the days of hardening my Linux system. Sometimes, though, I feel annoyed like in the case described above.

So, does it make any sense to keep using NoScript if my threat model doesn’t include dedicated attackers, who would target me precisely with custom-made scripts?

  • Eccitaze@yiffit.net
    link
    fedilink
    English
    arrow-up
    3
    ·
    1 year ago

    I keep NoScript around because there’s been a few times where I clicked a bad link and NoScript blocking JS by default has saved my bacon. Plus, a lot of services like twitch serve ads through separate domains that I can block from running entirely with NoScript–the entire time people were complaining about Twitch trying to bypass adblockers, I never once saw a single ad.