Search Mailing List Archives
[liberationtech] Meet the 'cowboy' in charge of the NSA
albill at openbuddha.com
Tue Sep 10 08:01:34 PDT 2013
Clearly not a battle I'm going to "win" in any sense with this audience but, really, the current Internet (for many many reasons) is pretty broken in places (and I don't just mean Facebook) when you turn off JS. We talk about this at work a lot and even amongst my peers with NoScript installed, most people find it more trouble than it is worth, and these are security professionals. I know many here probably would say these folks are stupid but given that these folks are also the security team for a major browser, I would say that if they find it too broken, most normal folks are not going to touch it.
Anecdotal data is, of course, anecdotal. :-)
I deal with JS issues largely by running the nightly build of my browser but then I am also aware of the unfixed vulns in it that are being worked on so my experience isn't normal either.
On Tuesday, September 10, 2013 at 4:55 PM, Joseph Lorenzo Hall wrote:
> On 9/9/13 2:55 PM, Al Billings wrote:
> > I suggest your use of the net is well outside the mainstream, even
> > amongst security folks. Some of us actually use social networking, for
> > example, or don't want ugly, half broken websites simply because we fear
> Hi Al, big fan. I use FF with NoScript and Request Policy both
> configured to block by default... and open links in session-only Chrome
> when I need something that requires that stuff. Not ideal, but it works
> for me and it's certainly not about JS zero-days.
> Anyway, I'm definitely the only one I know that surfs like that... but I
> suspect there are even wilder set-ups represented on this list in
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the liberationtech