I don’t do as much web surfing as I once did on my laptop (Apple), but I do some.
I used to think that the NoScript add on was an important part of basic internet security. But it’s incredibly inconvenient these days; sometimes forms and entire sites don’t work, and I have to temporarily whitelist a bunch of servers, and sometimes even after they’re all whitelisted, it STILL doesn’t work. And I’ve heard stuff that makes me question whether it’s really necessary these days.
Does having NoScript offer a significant amount of internet security protection these days? Or could I turn it off and not see a significant difference in my general risk level (assuming all other measures stay the same, of course)?
Install uBlock Origin and Privacy Badger. Get rid of NoScript. It’s useless if you’re just going to whitelist things as you come across them anyway.
I still use Noscript, and I think it’s great. Unknown domains are blocked automatically. In other contexts, it was also pretty useful for detecting yandex SEO hackers infiltrating a website I used to oversee.
I do also like seeing what nonsense crops up and managing my own privacy. If you’re disinterested in that and want an automatic experience, I suspect the post above me has the length of it. But for me, this remains the way to go. I like to stay abreast of this sort of thing.
But with all the improvements in adblocking to block trackers and malware scripts, browser fixes for clickjacking, badsite lists, popup/under bllocking, and so on, I no longer think NoScript is worth it. Just get uBlock Origin and enable the protection stuff, and make sure you use the security settings in your browser–in Chrome, the medium option is fine.
There was perhaps a case to be made back when dynamic pages were a pretty new thing, and there were usually fallbacks available. Allowlisting wasn’t a huge deal and maybe there was some value in just blocking everything by default. But it’s been a pretty long time since that was true. And at most it would have only caught a pretty narrow slice of vulnerabilities. Image parsing errors and the like were always more serious, IMO.
In the limited time I actually used NoScript, one of the biggest annoyances is that it applied a low level of brokenness to everything. “Responsible” developers that used JS for simple form checking, etc. were blocked too, but as a user I just found that buttons would stop working, or I couldn’t fill in certain fields, etc. Was it a crappy broken web page or was NoScript interfering? Often the latter, but hard to tell.
Then I had to give up on FF, and there wasn’t a NS version for IE or Edge.
Do you mean “uninterested”? That would seem to make more sense than “disinterested”.
Pick the version that best says, “expressing a lack of interest,” to you, and roll with on with your bad semantic self. I’m easy.