Reviews for NoScript Security Suite
NoScript Security Suite by Giorgio Maone
115 reviews
- Rated 2 out of 5by Firefox user 13515039, 7 years agoIn its current state, it is barely serviceable. It is still better than nothing, I know, because when I disabled it I started getting hijacked by rogue webpage scripts again. But it has alot of catching up to do to be as pleasing as the pre-Quantum version.
That annoying, user unfriendly popup window really has to go. The previous version had a more discreet and tolerable messaging UI at the bottom of the screen. Now it is in popup window format at the top of the page, in your face to annoy you very quickly.
And a suggestion of a much needed feature. An option dedicated to automatically allowing Facebook scripts. Since nearly every website now days has scripts for Facebook, it is getting tiresome to have to allow Facebook with nearly every website I visit. - Rated 2 out of 5by Roelof, 7 years agoThe addon doesn't save trusted, untrusted and custom entries. Maybe the plugin stores information in non-persistent storage (which is cleared with any privacy-aware configuration).
This makes the plugin unusable, as re-allowing all services every single time is way more time consuming than just blocking scripts alltogether.
And even if you manage to save settings, they're not synched, so users who use two or more devices need to re-apply settings every time, on every. single. device.
The old version worked a whole lot better, it's a shame this level of quaity has not yet been achieved on the new WebExtension version. - Rated 2 out of 5by Firefox user 13577838, 7 years agoThe latest extension for Firefox Quantum is a real PITA because whitelisted sites are not saved, so they have to be recreated every time FF restarts. Extremely annoying and time consuming.
- Rated 2 out of 5by Firefox user 13576248, 7 years agoThis crap does not remember settings, it loads default settings everytime I start firefox..
- Rated 2 out of 5by Firefox user 13565802, 7 years agoBefore latest Firefox update, I would have given this add-on a 5. The current version has left me disappointed.
- Rated 2 out of 5by Firefox user 13372577, 7 years agoIt does work (more or less) so I cannot justify a 1-star rating. But like others have said, this is not the NoScript we knew and loved. And while I know there is a temptation to just blame Firefox57 for old addons no longer working well, the truth is that we cannot blame Firefox57 for the dreadful new interface that NoScript has, nor for the buggy way it works (forgetting your settings, for example).
I don't want to be overly harsh here. For many years this developer has given us a fantastic product that millions of us found "essential". For that he must be commended. However, the new NoScript no longer has a place in my little "arsenal of defence". I've moved on.
If anyone is interested in alternatives, I find uBlock Origin is enough for my needs, provided the "I'm an advanced user" option is checked off and third party scripts / frames are globally blocked ("medium blocking mode", as per the author). If you want more power, there is uMatrix - still not a 100% replacement for NoScript but good enough for the vast majority of people. - Rated 2 out of 5by Firefox user 13560145, 7 years agoHad better experiences with NoScript years ago. The new version with the current Firefox is bad. It forgets settings and is buggy. I'am using ScriptSafe now. It's the same as under chrome. This addon works fine.
- Rated 2 out of 5by Firefox user 13559767, 7 years ago
- Rated 2 out of 5by Anonymous, 7 years agoThe new version has to be fixed full stop. The UI did not need to be fixed. And now the app does not remember settings on some sites. I'm thinking about uninstalling this until it is back up to its previous quality.
- Rated 2 out of 5by Firefox user 13557273, 7 years agoIn its current state it is absolutly not functional and productive. I liked the older interface a lot more.
- Rated 2 out of 5by Firefox user 13556987, 7 years agoJust joined on here to give my view.
I've used NoScript continually since its inception and thinking back there were a few hiccups early days which over time got ironed out, I think it will be the same with this version.
There were lots of folk ranting when it couldn't be used on the new Firefox, some demanding that something be done instantly, which was obviously impossible.
Giorgio obviously got on with this version and possibly rushed both building it and putting it out, these things happen.
However, buggy though it is, it is useable and as with all similar programs when many folk start using them bugs surface, the bugs are a PITA but hopefully, with time, will be resolved.
Lets not forget, that thanks to Giorgio's time and effort over the years, many thousands of surfers, me included, have been protected from who knows what was lurking behind some scripts.
Why not cut him a little slack, even such as the mighty Microsoft, Google, Apple and such others put out buggy stuff and that's with their thousands of programmers and millions of pounds!
So why have I given it two ( for the time being ) stars.
Mainly due to two things.
One, to me very important, there not being available, from the day it came out, any decent instructions in layman's terms, as to how to use it, I'm reasonably computer savvy and can normally get my head around most things, eventually, but this had me going spare, marking sites as trusted then having them revert to untrusted after shutting down and re-starting was a real pain, until I discovered only this morning, whilst reading these revues, that a simple click of the little clock solved this problem, thanks to those who mentioned it.
The second reason was because of the initial buggy nature of the first release.
Will I continue using it, of course.
Why, simply because, even as it is, I can't find another program that is as good as this one and going by past experience it will settle down.
Thanks Giorgio - Rated 2 out of 5by Firefox user 13556524, 7 years agoThere is a problem with the settings. Every time I close Firefox , the settings of what sites are trusted is lost. Every time I start Firefox, I have to configure each page all over again. This is very annoying.
- Rated 2 out of 5by Firefox user 13555681, 7 years ago
- Rated 2 out of 5by Firefox user 13553842, 7 years agoGeorgio wrote:
> Unfortunately I cannot do the impossible (recreating legacy NoScript on the new, much more limiting WebExtension platform)
> just because "people" ask for the impossible. And I've the duty to provide the best security NoScript
BUT maybe it is not so much about recreating the old thing, than understanding what the problem with the new thing is. First you need to accept that the current approach is simply not intuitive. As a dev (I am one myself, so I had this problem myself) its hard to understand when that happens, because for you its as familiar as a part of your body, but it is obviously a mistery for everbody else.
Also, about your "duty": Its true what you said, but: if many people now dont use NoScript at all, because they do not get it anymore, you decreased web security by a lot.
So:
- Simpler is better. Simpler might be less safer, but if the alternative is not using it at all, it's still better. Way better.
- get rid of the slider. It looks mhm good(?), but its not recognizable as one.
- there is way to much clickable stuff, one does not get what is a button, what a link and whatnot...
- make it simpler: hide everything exept: domain name, status icon and -depending on the status- two buttons for each entry.
- clear design, dont change font size and font color at any time
- No xss-popups. In fact, never, ever use popups.
Instead:
- a simple list of domains like before, each with a status icon in front of it: your blue "S", for allowed, same with a little clock for temporarily allowd, red crossed "S" for disallowed
- depending on the current status of an entry, two buttons:
- if currently allowed: "disallow" and "temp. disallow"
- if currently disallowed: "allow" and "temp. allow"
- these buttons need to be different than the status icon. I would use red X and green hook/check, each with and without a little clock.
- dont make anything but the buttons clickable! not the text, not the status icon.
Thats it.
You can add a (clearly seperated from the other buttons, clearly different graphic) button behind each list entry to hide all the detailed settings, for the expert. Everybody else gets the simple list.
At the very buttom of the list go -clearly separated - three entries: "temp allow all" and "save permissions for this site" and "deactivate noscript".
No problem to do that in html. And believe me, people will love you again. :)
If you would like me to make a mockup of what Ive just desrcibed, just say so and tell me where to send it.
And btw.: You dont owe us anything. People have no right being rude to you about something you gave us for free. But maybe see their ill-advised passion as a testament to how important NoScript is to us. That is something I think, even if you must hate the internet right now.
I thank you for the old NoScript and that it helped increase my security. But I won't use the current one. So I would thank you again if you make it simple and easy to use again. - Rated 2 out of 5by Firefox user 13552862, 7 years agoUsed to be good before they recently broke it with confusing and to some extent buggy UI. Tried to wait it out, but it's starting to really get on my nerves so for now I'll disable it and find an alternative. Even had to disable it to write this review, since the alternative seems to be to allow more or less known scripts (permanently?) until I happen to stumble upon the right one.
I really wish they'd just leave NoScript the way it was and make this experimental version a NoScript 2 Alpha/Beta or something like that instead. - Rated 2 out of 5by Firefox user 13551624, 7 years agoIt is a real pitty that you do not seem to want to listen to the incredible ammount of people who are trying to tell you that you messed this up.
If 90% of the people dont understand the new UI, its not the people, its the UI. For example the list is too large, and without an explaination you cant tell the status of an entry. And if -by accident- you manage to click what was "allow" before you have no idea if its temparily allowed or permanently.
I gave this addon another try today and now I get at least one XSS warning popup every 30 seconds. I mean popups? Really? Reminds me of the old personal firewall days, when you got so much warningsall the time, that after a while you just allwed everything just to be left in peace. Popups are a bad, bad, bad idea.
Please recreate the old look and feel and behaviour!
And I get from your comments that you cant do that exactly, but I dont see a reason why one could not try to recreate that as close as possible. Even if it does not look fancy and colorful like now. Because belive it or not, that is obviously not what people care about.Developer response
posted 7 years ago"I dont see a reason why one could not try to recreate that as close as possible".
*This* is as close as possible a WebExtension can go, and I've done and I'm doing my best to compensate the unavoidable loss in usability (due to the fact WebExtensions UI are just HTML web pages) with more customizability, and at the same time to provide feature parity security-wise. If people want the old version as it was, with the floating hovering menu and the "Allow / Temporarily allow / Forbid" commands (which, BTW, functionally map one-by-one with the new TRUSTED/UNTRUSTED paradigm), they can use Firefox 52 ESR or the Tor Browser as long as they're supported: on Firefox 57 this stuff is just out of reach for add-ons.
Unfortunately I cannot do the impossible (recreating legacy NoScript on the new, much more limiting WebExtension platform) just because "people" ask for the impossible. And I've the duty to provide the best security NoScript can provide to people which actually rely on it, even for their physical safety (and no, uMatrix / uBlock / ScriptSafe & C. are not up to the task, simply because they've got a completely different scope). - Rated 2 out of 5by Firefox user 13551289, 7 years agoOk, I just got the update and have to say I really hate the new version and am considering dumping it completely. There are a lot of reasons why.
Under the old version, when you visit a new website, it shows a popup saying that scripts are disabled and giving you a quick option to temporarily or permanently enable scripts for just that website. Under the new version, you don't even know if the scripts are blocked, and if the website is malfunctioning because it needs its scripts, or what.
Also, the new UI really sucks. Everything is all icons now and I don't have a clue what any of them do. Am I allowing scripts or blocking them? Am I permanently allowing them or just temporarily? You could at least give us the option to go back to the classic interface.
I've also noticed that for every single website I go to, I have to tell it not to allow XSS from that website to facebook.com. It's really annoying. There is no option to just say, don't allow XSS from anywhere to facebook.com. Under the old version, it only gave me an XSS warning for a certain few websites which I could then do an unsafe reload. Now it's like there's cross-scripts everywhere.
Ok so maybe a useful feature would be to allow for example facebook.com (seems to be the main offender here) when I'm ON facebook.com, but disable it when any other website tries to cross-script to it.
Anyway to sum it up, the new version nags me incessantly and isn't clear enough about what's going on for me to figure out how to allow the scripts I want and block the ones I don't. Please go back to the old version.Developer response
posted 7 years ago1) The UI shows you all the domains that are trying to run active content, just like before, but more compact. You can allow them individually (by assigning the TRUSTED preset), leave them not running (DEFAULT), blacklisting (UNTRUSTED) or even assign CUSTOM permissions. Not just that, but better than before if you can modify each preset on the fly and even see the minimum permissions needed for the site to work (they've got a pink background).
2) To assign the TRUSTED preset temporarily, you just click it once. To make it permanent, you click the clock icon and make it fade away (temporary->permanent).
3) The XSS filter now has a "Always block requests from a.com to b.com" option, that you can use exactly the way you say you want. - Rated 2 out of 5by Almair, 7 years agoUgly interface. Not usable.
Return old interface, please... :(Developer response
posted 7 years agoThe UI cannot be the same as before because WebExtensions are limited to a handful of customization entries, all HTML-based. But with some constructive feedback we can make it even better than before (it's already more customizable). Please visit https://noscript.net/forum with your ideas, thanks. - Rated 2 out of 5by Firefox user 13462509, 7 years agoStill quite buggy... time to find a replacement, sadly. Thanks for all the script blocking to this point.
- Rated 2 out of 5by Firefox user 13549703, 7 years agoSo I load a page and the addon button shows a tiny "3", but lists only one domain. I allow all from that domain, reload and the page still doesn't work. How do I see the other 2 domains?!
Then I try the NoScript settings only to find that:
- it by default allows scripts from a bunch of sites that I don't trust,
- there is no way to auto-block all the domains in that list,
- all the old settings are gone .. can't find them anywhere.
Uninstalled.. fortunately, it still works in a slightly older version of FF.
Rating 2 based on the average experience. - Rated 2 out of 5by Firefox user 13537226, 7 years agoSu Firefox Quantum ha perso molte delle sue caratteristiche e delle possibilità di configurazione. Ora si limita a disattivare gli script con la possibilità di inserire i siti in una white list. Un po quello che faceva l'estensione NOscript.
- Rated 2 out of 5by Firefox user 13548373, 7 years agoThis used to be my go-to script blocker and it was fantastic. With the latest update though to make it work for the new Firefox, everything is upside down and it's more or less unusable in its current state. The addon's menu keeps bugging out and cant decide whether to be a dropdown like before or a standalone window. Furthermore I can no longer easily whitelist entire pages except for temporarily which is rather tedious for sites I visit alot. That it also refuses to save my settings for a specific site (where I have taken the time to click which parts of it I want to trust and which not) just makes the experience more frustrating.
Please return this addon to its former look and functionality, it was much much better. - Rated 2 out of 5by Firefox user 13547390, 7 years agoUnable to use the newer addon now. Doesn't work now. I'm currently using the 10.1.3 version now but can't get the web browser to work until the addon is disabled again. If the pages are marked to allow access, evetually they get to a state to show allowed but shown in red text. If you toggle not allow allow it doesnt get back to a usable state. I can't even search google now, with page allowed, it doesn't let you select any items returned from a search. Please sort the issue because this is the best software to do the job of blocking items. We appreciate your work, but 2 stars to show it is really busted with the newer firefox version
- Rated 2 out of 5by Firefox user 13547357, 7 years agoWhat a shame! This new UI is horrible.
I can´t get some web-pages to work and looking at the new version, it´s anything but self-explanatory.
Is the protection ON or OFF?!" I don´t know....
Please, update the UI to the older one!