PSA: You probably don't need that extension

quindraco, 7 months ago

I’m deeply unfamiliar with Arkenfox, but does it really supercede NoScript? One of my primary uses for NoScript is bypassing soft paywalls.

NiaTheCat, 7 months ago

This is likely a very unpopular opinion, but I’m not a fan of the “only use uBlock origin” view that seems to be going around, yes using just that makes you less fingerprintable, but you’re also just giving yourself a single point of failure and giving full control of your privacy to whatever the uBlock Origin devs want to add or refuse to add, who are at the end of the day still only human and can make mistakes.

JubilantJaguar, 7 months ago

Agreed. Ideally, any such single point of failure needs to be under a distributed or accountable kind of control. Perhaps EFF could take over uBO, for example.

netchami, 7 months ago

Just use LibreWolf. It has everything already set up and it includes uBlock Origin by default.

blarp, 7 months ago

I used to use Librewolf but found it lagged behind Firefox too much when it came to security updates. But I agree with you that it does take the work out of configuring Firefox, which is convenient.

netchami, 7 months ago

The update schedule used to be pretty bad, but they have really improved. They usually release patches within 1-2 days, but recently, I’ve often seen them release an update on the same day. It’s not that bad, especially when you combine it with just general good security practices. Block known malware on DNS/firewall level, run your browser in a sandbox and just be cautious when clicking on links. Blocking JavaScript as much as possible also reduces attack surface. For high security stuff I just use Vanadium on my phone which is hardened Chromium by GrapheneOS.

hottari, 7 months ago

NoScript and Cookies Auto Delete are very much needed. uBlock’s JavaScript control is extremely basic and doesn’t toggle WebGL.

As for cookies, I only set them for sites I have accounts or ones that need to remember user data in Chromium. I personally don’t use CAD but I can certainly appreciate its convenience.

alynnetjes, 7 months ago

Any references you can give? I would like to research this a bit more.

free, 7 months ago

what if u keep them disabled and only enable when need them? i assume it’s OK. 🤷 sometimes u need other extensions.

Mikelius, 7 months ago

I personally prefer NoScript not for just the privacy stuff, but for the security of knowing that an accidental click to a malicious site using some zeroday JavaScript exploit won’t kick in like it would, had it not been default blocked.

My NoScript profile is also fairly populated with things I’ve trusted over the years, so it’s really only new websites that require JavaScript that I have to worry about.

Maybe just me being over cautious, but just keeps me at ease, personally.

Potatos_are_not_friends, 7 months ago

NoScript is fantastic.

As a web developer, I have to build tools for the SEO/ad team to turn my beautiful optimized sites to be ad-filled garbage. And frequently, that involves fetching data from third party sites that even I feel disgusted by, that can be easily blocked with NoScript.

taladar, 7 months ago

My personal view is that anyone who forks a browser is probably not experienced enough to know how much work it is to patch security holes in a timely manner in such a large code base.

Lemongrab, 7 months ago

Good thing arkenfox is not a FF fork and you still get the same updates from Firefox main.

war, 7 months ago

deleted_by_author

mintycactus, 7 months ago

Do you use Cookie Auto Delete to whitelist sites and delete evrything else?

war, 7 months ago

deleted_by_author

mintycactus, 7 months ago

Oh I see it in desktop version now, and mobile version do not has options to whitelist sites.

pewgar_seemsimandroid, 7 months ago

btw if you watch YouTube get sponsorblock

MigratingtoLemmy, 7 months ago

How exactly are my URLs going to be cleaned without ClearURLs?

My extensions are:

• UBlock Origin
• Dark Reader
• ClearURLs
• NoScript
• Multi-Account Containers
• Cookie Quick Manager (probably not required since I don’t deal much with cookies other than flushing them)
• LocalCDN

folak, 7 months ago

raw.githubusercontent.com/…/LegitimateURLShortene… add this to ublock origin

QuazarOmega, 7 months ago

The option in uBlock Origin should really be baked-in and more prominent IMO, also I think I had some issues with the shortener not working on, e.g. Amazon in the past, but things might be working fine now, idk

MigratingtoLemmy, 7 months ago

Funny how even when I toggle the “advanced user” option on, I still can’t see any interactive menu/console to work with individual scripts. This is what prompted me to install NoScript in the first place. Am I using an old version?

QuazarOmega, 7 months ago

Sorry, don’t know about that, I was talking about the ClearURLs replacement

finickydesert, 7 months ago

According to the wiki through ublock but I honestly don’t know how to do that

sub_ubi, 7 months ago

Is it possible to limit permissions for an extension to just a few domains? Most of them I’m using just for specific sites

Melco, 7 months ago

deleted_by_author

dampfnudel, 7 months ago (edited 7 months ago)

Cookie management is now handled by firefox natively. In your FF browser bar, go to about:preferences#privacy and choose Strict. Then you can remove AutoCookie Delete extension. If you want to know more, find the the Firefox blog posts about Total Cookie Protection. There are multiple posts on the topic.

Edit: If you want to be super intense, you can also check the box, “Delete cookies and site data when Firefox is closed” although that isn’t strictly necessary if your ETP is set to strict.

Nioxic, 7 months ago

I will add, Librewolf (a firefox fork) auto deletes cookies by default

Melco, 7 months ago

deleted_by_author

dampfnudel, 7 months ago

You gotta read the blog posts my dude. I’m not going to type it all out for you.

ExLisper, 7 months ago

It just says not everything is supported by those extensions. I use Cookie Auto Delete to log me out automatically out of youtube and stuff. Firefox alone can’t do that.

LoafyLemon, 7 months ago

It can. Just use the built-in containers.

ExLisper, 7 months ago

Nice, thanks.

AtHeartEngineer, 7 months ago

Multi account containers are super useful for managing multiple accounts though. Keeping work/personal/hobby stuff separate is awesome.

fnie, 7 months ago

I find the temporary containers extension essential. Set automatic mode and forget.

Sinnerman, 7 months ago

The link says that NoScript is "redundant with uBlock Origin"

I like NoScript because I can click on its icon on the toolbar, and easily select which scripts on a given page to whitelist, or which to whitelist temporarily (until browser quit.) And on any page, I can select which set of scripts (by domain name) on that page to run or whitelist.

With uBlock Origin, it's only "all script on the page" or "no scripts on the page", right?

dampfnudel, 7 months ago

With uBlock Origin, it’s only “all script on the page” or “no scripts on the page”, right?

nope. You should read the uBO wiki’s pages about medium mode and hard mode. You have pretty granular control if you’re using uBO in “I am an advanced user” mode.

Sinnerman, 7 months ago

Oh, thanks, I didn't realize that about advanced user mode, I'll look into it!

deranger, 7 months ago

Take a look at this documentation, it’s pretty good.

github.com/…/Dynamic-filtering:-quick-guide

PeachMan, 7 months ago

Ublock Origin allows that as well, but it’s not as easy as NoScript. So, IMO that’s a perfectly valid reason to prefer NoScript.

bobby_hill, 7 months ago

To add to the other fine points here, I almost exclusively do all my personal browsing on my phone. Arkenfox isn’t designed to work on Firefox mobile.

GammaGames, 7 months ago

Love when you install a boring extension on vscode and it has a telemetry setting…