Javascript Blockers
EssaysA safer web / Java Not Joe / Javascript / Tech Sunday9 Comments
Java is a delicious coffee. But I am not writing about this kind of Java. Disclosure: Those are organic espresso beans. Because I didn’t want to go out in search of actual Java coffee beans. Sorry. Call it a Java license. bwhahahahahahaha! That’s tech humor. ::::snort::::::
Not This Kind of Java. Photo by JSON
Java is also a programming language. You can create an application with Java. Here’s what Java.com has to say about Java:
Java is the foundation for virtually every type of networked application and is the global standard for developing and delivering embedded and mobile applications, games, Web-based content, and enterprise software. With more than 9 million developers worldwide, Java enables you to efficiently develop, deploy and use exciting applications and services.
Javascript is not the same thing as Java. I guess it’s just not as exciting as Java applications and services. Here’s the wikipedia entry for Javascript, and here’s part of what it says:
JavaScript is classified as a prototype-based scripting language with dynamic typing and first-class functions. This mix of features makes it a multi-paradigm language, supporting object-oriented,imperative, and functional programming styles.
Despite some naming, syntactic, and standard library similarities, JavaScript and Java are otherwise unrelated and have very different semantics. The syntax of JavaScript is actually derived from C, while the semantics and design are influenced by the Self and Scheme programming languages.
Javascript is heavily used on websites. And, it is used for good and for evil. This is why, a while back, there was some concern about the epub 3 standard allowing some limited javascript, and, indeed, it wasn’t long before someone demonstrated a proof of concept of Javascript behaving badly in an ebook. Because javascript can completely compromise a computer’s security and act as a vector for malware and, in fact, deliver malware directly to your unsuspecting computing device, there are browser plugins and add-ons and the like that disable javascript on a webpage. You can, with some work, entirely disable javascript in the browser. That should be nice and safe, right?
Yes. Yes, it should.
But then your browsing experience would be what we might call the opposite of browsing. Shopping online might become impossible. I was renewing support for an xml editor I like and the dropdown for selecting the State I live in was there, but clicking on it revealed …. no States. I reenabled javascript for that page and then it worked.
So, unless you are an advanced user, I wouldn’t recommend entirely disabling javascript in the browser. Though you certainly could. But you’d have to re-enable it every time you hit a website that won’t work without it. If there’s something you need to do at that site, you’d have no choice but to re-enable javascript.
There are plugins/add-ons that will help you control this a bit more finely. NoScript is a popular one for Mozilla users.
Here’s a link to a page that lists javascript blockers for Chrome.
There’s Javacript Blocker for Safari
My advice is to be patient when you start using javascript blocking functionality. You will spend some time white-listing sites that you know are safe or enabling various scripts until the page you’re at is functional enough for you to accomplish your task. And, you will land at some sites and be able to complete the purpose for your visit without seeing annoying, blinking ads. That is a win.
Do you use a Javascript blocker? If so, which one? If not, why not?
I actually wish there were no JavaScript blockers because people use them and then complain that sites are broken when they are not. Same with Ad blockers. I’m a former web programmer (html, css, JavaScript, php, and perl) and even I don’t use them because they would just make websites unusable. Besides, I’m on a Mac and JavaScript taking over my computer isn’t going to happen. :)
NoScript is the first extension I download after installing FF on a new computer (followed by EFF’s https extension). It’s nice not being bombarded by flashing ads on websites, especially when it’s the autoplay with sound. Hate those things.
@S. J. Pajonas: I agree that a Javascript blocker can make a website look broken when it’s not. However, malicious javascript is a real thing.
Personally, I’m leery of the belief that Mac OS is more secure. In the past, it’s been more “secure” chiefly because building malware for such a small segment of the OS world wasn’t worth it. That’s been changing over the years, and there is now malware targeted at Mac OS. So, that makes me nervous.
And, the benefit of something like NoScript is that you can build a whitelist of sites. It’s dangerous, in my opinion, to assume that any given site is safe. It might be, but Jane Surfer doesn’t know that the first time she comes to the that site. Bad actors mean that all the good developers of safe(r) websites must take into account that their site visitors are likely to be very wary and come with protection that affects site functionality. So, you build in notices like “We see you have javascript disabled. Certain parts of our site won’t work well without it.”
@AngP:
Autoplay of sound or video is flat out evil. ;-)
I use NoScript on my Linux laptop, as I’ve mentioned before, and admit that starting from scratch is a real pain. In fact, I haven’t bothered putting it on my husband’s computer because he just doesn’t have the patience to work through each website and decide what to allow.
Having said that, however, I go nowhere without NoScript, Ghostery and Web of Trust. DA and SBTB are whitelisted with all blockers because experience has shown they’re safe and I want them to derive any income they can from ads. Plus, I’m here all the time; whitelisting is the only thing that makes sense. Same for Amazon.
Some sites, such as TV Guide, I’ve had to pause all blocking in order to see the program schedule, for example. Their content is completely tied up with advertising, tracking and cookies, which comes down to balancing what I want to see with how safe I feel. For the rest, it’s just a matter of paying attention, using the “allow temporarily” settings for new sites judiciously.
More than the annoying ads, though, is the clickbait and other hidden malware. Because of an incident on a site that should have been totally safe and locked down (in theory, I know, but I’m still angry), I assume every website is out to get me until they prove otherwise.
@Darlynne:
::::I assume every website is out to get me until they prove otherwise.::::
Yes. Sad, but true. It’s a wise frame of mind.
I’ve been on Macs for almost 20 years and have yet to get hacked or a get a virus. I don’t even buy virus protection software! I think this comes down to being a smart surfer. I’m not prone to clicking on ads or falling for spam mail which is where a lot of malicious code comes from. Granted, Jane Surfer is probably going to fall for those things and NoScript COULD help her, but most likely would just annoy the heck out of her first. Really a better use of time and resources would be to educating these people but you know that isn’t going to happen :)
I started using flash blockers, script blockers and adblockers when I was still on dialup so I could actually get pages to load in a reasonable amount of time. Some sites I whitelist with any or all of the blockers, but as was said autoplay of audio or video is not nice. I open numerous pages in a new tab and then read my new tabs when I’m done with the current one. If auto play is active, then by the time I get to the new tab, my story is long gone.
I also use the Web of Trust add on and I use a good firewall. Occasionally, I will get a very small malware but between my blockers, good info, careful site selection and a virus protector, I’ve been “lucky”
Hello All, a little late to the party but I had marked this to follow up on on ye olde Macbook Air. I’m running Safari and just downloaded the recommended javascript blocker for Safari and now…well, I can’t figure out how to use the darned thing. The older version had a user guide, but the new JS Blocker 5, which is recommended, doesn’t seem to. Before I write to the developer saying HELP I wonder if anyone knows where the user guide is, or has experience with this new version?
What would be most helpful right now, I think, would be an answer to the question: what’s a basic starting set-up for this extension?