Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

NoScript Adds Subscriptions To Adblock Plus

Soulskill posted more than 5 years ago | from the countermeasures-and-counter-countermeasures dept.

Mozilla 408

hahiss writes "Apparently, NoScript has taken to adding its own whitelist updates to Adblock Plus — so that the ads on the NoScript page show up — without notifying users. (It is described on the NoScript addon page, however.) This was a part of the last update to NoScript. Wladimir Palant, the main developer of Adblock Plus, describes the situation in an informative blog post." Update — 5/02 at 12:30 GMT by SS: Reader spyrochaete notes that "InformAction, makers of the NoScript extension for Firefox, have removed the recently introduced AdBlock exceptions which unblocked the revenue-producing ads on the NoScript homepage with little or no warning to the user. According to the changelog, InformAction pushed out an update specifically addressing this controversial decision 'permanently and with no questions asked.'"

cancel ×

408 comments

Links are helpful (-1, Redundant)

ianweller (893579) | more than 5 years ago | (#27794439)

Maybe you should link to the "informative" blog post on Adblock Plus's blog.

Re:Links are helpful (0)

Anonymous Coward | more than 5 years ago | (#27794453)

That's what the link is.

Re:Links are helpful (-1)

ianweller (893579) | more than 5 years ago | (#27794467)

I am an idiot and thought the link belonged elsewhere. Mod me down.

Re:Links are helpful (0, Redundant)

telchine (719345) | more than 5 years ago | (#27794481)

I must admit I don't have much expertise in this area. I've never used either Adblock or Noscript.

However...

From what I can see, this issue will only affect you if you have both Noscript (adware) and AdBlock (adblocker) installed on your machine. Everyone else will be unaffected.

Surely if you give an extension permission to run on your machine then you accept the terms & conditions that come with it. In this case, it means receiving ads. If you are a bit naive then you'll likely have some kind of adware scanner installed on your machine, which presumably alerts you to NoScript's adware status when you install it.

It's not like this is a website here, it's a specific extension that you have to specifically install on your machine! Should you really expect AdBlock to block more than just ads on websites, are you supposed to expect it to block ads from adware that you've installed voluntarily on your own machine?

From what I can see, it seems that AdBlock have been investing a lot of time and money in an arms race with Noscript. perhaps they should just accept that adware is out of their juristiction and concentrate on improving their software which is focussed on blocking ads on web sites?

Re:Links are helpful (5, Informative)

derfy (172944) | more than 5 years ago | (#27794513)

First, noscript added code that disabled adblock plus if EasyList was used. Then, noscript auto-adds (no user prompting) an abp subscription whitelisting his sites. You cannot delete it (it readds upon FF restart), only disable it.

Re:Links are helpful (5, Insightful)

bignetbuy (1105123) | more than 5 years ago | (#27794877)

"I must admit I don't have much expertise in this area. I've never used either Adblock or Noscript."

You should have stopped right there.

Re:Links are helpful (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27795033)

Maybe he did what he really should have done: installed privoxy years ago.

Personally, I couldn't care less. (2)

Kotoku (1531373) | more than 5 years ago | (#27794441)

I only visit the site to update software, software they provide me free of charge, I'm not going to complain.

Re:Personally, I couldn't care less. (0, Troll)

Anonymous Coward | more than 5 years ago | (#27794491)

I'll repair your car for free, and as an added bonus I'm also going to change all of your saved radio stations, adjust your seats, replace your tires with a cheaper brand, and rape your lass.

I do it for free, so people aren't allowed to complain!

Re:Personally, I couldn't care less. (4, Funny)

rackserverdeals (1503561) | more than 5 years ago | (#27794523)

I'll repair your car for free, and as an added bonus I'm also going to change all of your saved radio stations, adjust your seats, replace your tires with a cheaper brand, and rape your lass.

I do it for free, so people aren't allowed to complain!

The parts in bold happen frequently in my experience. The part in italics happens frequently if you exchange "hit on" for "rape".

Re:Personally, I couldn't care less. (5, Insightful)

DigDuality (918867) | more than 5 years ago | (#27794505)

i'm not so much concerned about what money who makes from what as I am as extensions, without ample notification, acting as malware against other software/extensions i have installed in order to make a buck. I moved to linux long ago b/c i was tired of having to run scans once a week. I switch to FF b/c i prefered a more secure browser (made even more secure by extensions). Now basically, this guy, has managed to get malware in both firefox and linux. Seriously, total douchebag move.

Re:Personally, I couldn't care less. (5, Insightful)

mysidia (191772) | more than 5 years ago | (#27794817)

The bottom line is: don't install untrusted extensions.

It was always a risk.

By the way, you now know never to trust NoScript, and to warn anyone who tells you they're using it.

I would complain (4, Insightful)

carlzum (832868) | more than 5 years ago | (#27794777)

Sure you may not be bothered by some ads on their site, but it's a slippery slope they should avoid. Users place their trust in add-ons like AdPlus and NoScript when they allow a third party to filter content. They proved they're willing to cross the line for a few dollars in ad revenue. What would they do for a significant amount of money?

Really Smart (5, Insightful)

rackserverdeals (1503561) | more than 5 years ago | (#27794445)

Start a project that blocks ads that is funded by advertising on their website and donations.

Sounds real smart.

They have 3 AdSense ad units (the max) on their home page, a couple of small buttons and a set of sponsored links. The sponsored links also don't use the rel="nofollow" tag but I guess google doesn't penalize everyone for that or nobody has reported them.

Seriously, this is a business model that shoots itself in the foot.

Re:Really Smart (5, Informative)

Anonymous Coward | more than 5 years ago | (#27794591)

NoScript is not primarily an ad blocker. It manipulates AdBlock to allow ads on NoScript domains.

What happened: NoScript blocks scripts (which also catches some typical ad delivery scripts). NoScript exempts the domain of the NoScript authors from script blocking (bad). An AdBlock subscription list recently added entries to block ads on the NoScript domain. NoScript tried to evade that measure by manipulating the way AdBlock works. Now NoScript has changed again and only ads a visible exception subscription to the list of AdBlock subscriptions. This exception can not be removed, only deactivated, as it's added back in whenever Firefox starts.

As an extension author, I can sympathize with the NoScript authors: Firefox users are really stingy. Unless an extension is inherently intertwined with a business opportunity and not just a convenient stand-alone feature, working on a Firefox extension is a losing proposition, at least financially. However, an author should either accept that and find other motivations for continuing the work, try a transparent commercial approach or cut the extension loose. The dark side is big enough without Firefox extension authors joining it.

Re:Really Smart (2, Informative)

rackserverdeals (1503561) | more than 5 years ago | (#27794663)

NoScript is not primarily an ad blocker.

That may not have been its intention, but a lot of people are using it for that purpose since many forms of advertising are served up through JavaScript.

Even the advertising on NoScript's site is primarily JavaScript based.

From reading the blog, he didn't just whitelist his own domain, but also the domains where Google AdSense ads are served.

Personally, I don't see the big deal in blocking advertising. Most good sites aren't too in your face about it and it helps keep them running. I haven't run ABP in years because of it and I've found some of the ads to be useful.

The only issues seem to be in some NSFW advertising but since advertising tends to be based on the content of the site (either through contextual advertising such as AdSense or the webmaster's own good sense to put related ads on the site) NSFW ads tend to show up on NSFW sites which you shouldn't be surfing during work anyway. There are some exceptions but they seem to be infrequent.

Re:Really Smart (0, Troll)

mysidia (191772) | more than 5 years ago | (#27794875)

There's another side to this... displaying ads is a perfectly acceptable revenue model. Turning off scripting is perfectly acceptable, all browsers allow users to do this, NoScript just makes it more convenient.

Blocking scripts enhances security against drive-by downloaders and various types of malicious-code-related threats.

However, AdBlock is illegally manipulating the author's content to remove ads designed to produce revenue. It's not merely disabling features, it's changing the presentation of web pages.

In a sense, AdBlock is acting as malicious software, because it's altering the site author's message, without their permission.

NoScript is taking measures to manipulate AdBlock so the message is preserved.

They are taking measures so that their users are not effected by the malicious activity that the AdBlock software is performing.

They do have some other options.... they could force the user to sit through some advertising immediately after every NoScript install.

They could inform the user of an incompatibility, due to "Adblock's nefarious practices", and require AdBlock to be uninstalled, before NoScript can be utilized.

Or NoScript could actually monitor whitelist entries, and inform the user that "NoScript functionality will be disabled unless you whitelist our domain"

IOW, they could take more proactive measures, that will hurt AdBlock users in the long run, if adblock users continue to attempt to block their site's ads.

Re:Really Smart (5, Insightful)

Jafafa Hots (580169) | more than 5 years ago | (#27794939)

"However, AdBlock is illegally manipulating the author's content "

Citation please.

Re:Really Smart (4, Insightful)

UncleFluffy (164860) | more than 5 years ago | (#27794957)

In a sense, AdBlock is acting as malicious software, because it's altering the site author's message, without their permission.

In what sense? Adblock doesn't modify anything on the server - the content remains unchanged. Once the bits are on my machine, I can do anything I want with them without permission from the author as long as I don't republish the modified version.

Re:Really Smart (5, Insightful)

andymadigan (792996) | more than 5 years ago | (#27794975)

They're not modifying the content in any way, as the content is the source of the page, not the display. Rather, AdBlock changes the display of content based on the user's preferences. You are not required to watch TV on a color screen, and you are not required to view web pages with a browser capable of displaying ads. Web browsers apply plenty of rules to display a page, adblock merely extends those rules. It is not illegal at all.

If you want to make sure people are looking at your ads, come up with a mechanism that ensure they are, and make them leave if they aren't. I don't feel like come up with the mechanism now, but it could be as simple as having the JavaScript for the ad set a variable in page. If the variable isn't set when the page finishes loading, redirect them to another page that tells them to go away.

If I opened a page in links or another text-mode browser I wouldn't see ads either, are you saying those browsers are illegal? If a site doesn't want me there because I'm not looking at their ads, fine, I'll leave. The fact is that advertisers are too greedy, with ads that move, some that even play sound. Internet Advertising is killing itself with bullshit like that, and blaming it on AdBlock Plus is ridiculous. People want to be able to browse the web and read without being constantly distracted by a moving ad on the side, and without worrying that their speakers will suddenly start blasting because they navigated to a page that has a jackass advertiser on it.

If your response is "well not all ads do that, AdBlock should only block the bad ones" then consider advertisers brought the block on themselves by allowing those advertisers to exist. If they want to save their industry, they need to stand up and say that obnoxious ads shouldn't exist, and that they won't do business with anyone who displays them. That means that Google shouldn't show ads for a company that also has obnoxious ads (IBM is a good example). Until serious self-regulation occurs, ABP will keep getting more users.

Re:Really Smart (4, Insightful)

scdeimos (632778) | more than 5 years ago | (#27795045)

However, AdBlock is illegally manipulating the author's content to remove ads designed to produce revenue.

Bollocks. You must work in the advertising industry. Using your own logic it could be said that NoScript is "illegally" modifying the operation of a web site by disabling the scripting on it.

In reality, neither is illegal. Both practices (blocking script, blocking advertising) are users exercising control over their own computers and their own browsing experience.

Advertising on web pages can generate revenue for both the advertiser and the web page author, but they cost the viewers in terms of:

  1. money - because the ads have to be downloaded to end-users and that bandwidth has to be paid for, and
  2. time - because ads are generally garish and/or animated and so distract the viewers from their whole reason of being on the page: to read the actual content.

If advertising was subtle and all scripting was trustworthy then there would be no need to block either. Alas, that isn't the world that we live in.

Fight noscript.net with NoScript (2, Informative)

the_raptor (652941) | more than 5 years ago | (#27795011)

Just remove noscript.net and his other domains from NoScripts allow list and his own addon stops his Google adbars.

I am sure he will hard code around this in his next patch, that will be the point where I start adding firewall rules.

Does this shock anyone? (0)

Anonymous Coward | more than 5 years ago | (#27794449)

They need to make money too... Same as anyone else.

Re:Does this shock anyone? (5, Insightful)

Anonymous Brave Guy (457657) | more than 5 years ago | (#27794581)

  1. Most people sharing popular Firefox add-ons don't do it to make money.
  2. In any case, there is no excuse for modifying the behaviour of other software on a computer without the user's consent. There are words for that sort of behaviour, starting with "malware" and in many places ending in "illegal".

Re:Does this shock anyone? (-1, Troll)

x2A (858210) | more than 5 years ago | (#27794883)

"There are words for that sort of behaviour, starting with "malware" and in many places ending in "illegal"."

Wow... and I can't even think of one word that begins with 'malware' and ends with 'illegal'. But there are many you say?

Re:Does this shock anyone? (0)

Anonymous Coward | more than 5 years ago | (#27794927)

"malware is illegal" would fit his description fine.

Re:Does this shock anyone? (0)

x2A (858210) | more than 5 years ago | (#27794989)

Well that's more a sentence than a word.

Re:Does this shock anyone? (1)

artor3 (1344997) | more than 5 years ago | (#27795035)

I read the original post as "There are words for that sort of behaviour, [with that list of words] starting with "malware" and in many places ending in "illegal"." Makes perfect sense to me.

Duh it's the money stupid (-1, Troll)

phantomcircuit (938963) | more than 5 years ago | (#27794457)

Seriously how could you not expect someone who spent a huge amount of time and was making money off of his work to not do everything he could to continue making it?

Re:Duh it's the money stupid (1)

DigDuality (918867) | more than 5 years ago | (#27794813)

everything except... i don't know, follow the rules for Mozilla's Addon policy? Everything except act as malware?

this is like Little Snitch (4, Insightful)

Anonymous Coward | more than 5 years ago | (#27794463)

Little Snitch on the Mac, which helps you identify when apps 'phone home, itself 'phones home, and you can't block it using Little Snitch itself.

I like to call this the Communism trait, for the Party elite always manage to make themselves more equal than others.

(Moderators: this isn't an anti-communism or pro-capitalism post. An important part of growing up is knowing that ideals are merely the primary colours, and life requires a mixture.)

Re:this is like Little Snitch (0)

Anonymous Coward | more than 5 years ago | (#27794615)

Little Snitch on the Mac, which helps you identify when apps 'phone home, itself 'phones home, and you can't block it using Little Snitch itself.

Didn't work with any of my phone home applications, one used the DNS resolver in the OS to push a TXT record to a server to phone home and another used a non-TCP/UDP protocol over the Internet to phone home.

Timeline of events (4, Informative)

Anonymous Coward | more than 5 years ago | (#27794475)

When the Easylist filter was made for Adblock Plus, it generically blocked ads for many websites, with some specific rules for other sites. Giorgio Maone (creator of NoScript) relies to a certain extent on ad revenue on his websites, without which he may spend less time working on the extension. He made a workaround on the ad blocking, and though the filter could have been updated to counter this, no attempt was made to update it.

When Rick Petnel died, they needed a new maintainer for the filter. Ares2 continued where Rick left off. He decided to fix the workaround made on Giorgio's sites.

What then followed was a game of cat-and-mouse. Giorgio would attempt a new workariound, and Ares2 would attempt to block the ads. It reached the stage where large parts of Giorgio's sites weren't working due to false positives [informaction.com] .

Here, it seems clear that Ares2 has gone too far, and a compromise should have been reached. ABP and NoScript are a good pair when working together, though the people behind them have different philosophies. Unfortunately, things start to take a turn for the worse.

In an attempt to defend his site and ad revenue, he makes an update of NoScript to version 1.9.2. This version contains a file called MRD.js [adblockplus.org] , which adds a CSS stylesheet rule to his websites that overrides the filter, by adding -moz-binding: none after the filter has loaded, which the filter depends upon. Furthermore, the file is obfuscated to hide what it does. No warning is given to Firefox users of what the extension has added in this tit-for-tat battle.

When this addition started breaking users ABP installations, version 1.9.2.3 instead adds his websites to the ABP whitelist, calling it a "NoScript development support filterset" [noscript.net] . The user isn't informed of what this is, and isn't given a choice on whether to accept it.

At present, the filter has removed its false positives, though leaves the ad blocking in place. The NoScript behaviour still remains in the latest version.

Ares2 was overzealous in attempting to block ads, and shouldn't have made Giorgio have to make excessive changes to his site. But the larger concern is that while Easylist is a filterset, which can be removed and updated by the user, NoScript went further and started to modify existing extensions, executing code without user's consent or awareness, and acting in a way that resembled malware, to display ads on his websites.

Extensions can be great for giving people freedom to control how they view the web. But creators of extensions need to be careful in what they do with them, especially with those with a large user-base like Adblock Plus and NoScript. If not handled correctly, Firefox extensions could become the next vector of malware, and that would be a shame for all.

Re:Timeline of events (1, Insightful)

pete6677 (681676) | more than 5 years ago | (#27794535)

Abe Simpson, is that you?

Re:Timeline of events (0)

Anonymous Coward | more than 5 years ago | (#27794691)

It sure isn't Jasper or Old Jewish Man.

Re:Timeline of events (0)

Anonymous Coward | more than 5 years ago | (#27794547)

Nice, well thought out post.

I agree with the sentiment that NoScript has crossed a line at this point. But the truth is, what did the author of NoScript think was going to happen?

Re:Timeline of events (5, Insightful)

angrydotnerd (1377713) | more than 5 years ago | (#27794565)

NoScript has no business injecting itself into the AdblockPlus-addon. PERIOD!

Re:Timeline of events (1)

melikamp (631205) | more than 5 years ago | (#27794881)

Not without a nagger-box, at least.

Re:Timeline of events (-1, Flamebait)

Anonymous Coward | more than 5 years ago | (#27794977)

Well, AdblockPlus was injecting itself into NoScript first...

Re:Timeline of events (5, Informative)

derfy (172944) | more than 5 years ago | (#27794571)

I recall in an earlier version of noscript that had Giorgio's sites whitelisted, and you couldn't remove them from the UI. You had to edit the plugin files themselves. This isn't new behavior for him.

Re:Timeline of events (0, Flamebait)

mabhatter654 (561290) | more than 5 years ago | (#27794959)

what's the problem with that? It's his extension, are you really too much of a cheap bastard to reward him for his work. You said yourself you can see what sites he whitelisted so he's not hiding it.

I think the cross site ad thing has gone too far, but ads do pay for bandwidth, it's not really fair to surf sites like slashdot, that do a good job of keeping them to a minimum, and skip the ads. I think noscript serves a useful purpose in controlling your connections and scripts as well as diagnosing hacking attempt... ad block seems to be for cheapskates.

AdBlock "Plus" vs regular AdBlock (-1, Redundant)

IBitOBear (410965) | more than 5 years ago | (#27794771)

(If I recall correctly) When the AdBlock Plus guy started out, he started out by sealing the Adblock name and then spaming negative reviews (etc) at the original AdBlock until he got the original AdBlock guy to just quit out of disinterest having to mess with the scammer-like behavior. I am not at all surprised that now AdBlock Plus is titting-for-tat with someone else. It is Ego Ware after all. If it weren't he would never have tried to undermine the (simpler and better) AdBlock by gaming the reviews.

Of course that's just how I remember the whole thing. I never visit the AdBlock Plus page and I am deliberately blind to most ads anyway. Why would anybody ever need to go to the page anyway? I click the close-tab icon on add-in update pages the way I click buttions that say "Accept", qickly and with deliberate intent not to allow any of the content into my awareness. Both are after the fact, both add nothing to the software in question, and as a matter of policy I refuse to "come to a meeting of the mind" with anybody who attempts to compel or curtail my behavior.

Re:AdBlock "Plus" vs regular AdBlock (3, Insightful)

bignetbuy (1105123) | more than 5 years ago | (#27794911)

"(If I recall correctly)"
"Of course that's just how I remember the whole thing. I never visit the AdBlock Plus page and I am deliberately blind to most ads anyway."

So, your entire post was based on a guess? You don't have any direct experience with AdBlock either? Are you kidding me? Why are you posting again?

Re:AdBlock "Plus" vs regular AdBlock (1)

Tubal-Cain (1289912) | more than 5 years ago | (#27794915)

That was almost coherent...

Re:Timeline of events (0)

Anonymous Coward | more than 5 years ago | (#27794811)

Giorgio,is that you?

Re:Timeline of events (1)

Tubal-Cain (1289912) | more than 5 years ago | (#27794829)

...he makes an update of NoScript to version 1.9.2...

I don't know how it happened, but I am glad I missed any updates after 1.9.1.91. I think I'll stick with that for the time being, if I don't remove NoScript completely.

Its GPL licenced, someone should fork it. (5, Insightful)

ThomasHoward (925022) | more than 5 years ago | (#27794477)

It is a useful tool, it shouldn't be too hard to strip out all the dodgy code and host it on another site.

Re:Its GPL licenced, someone should fork it. (2, Interesting)

MrEricSir (398214) | more than 5 years ago | (#27794651)

I imagine the cost of doing this would be quite high, especially considering the constant updates to the extension.

Re:Its GPL licenced, someone should fork it. (5, Insightful)

thesolo (131008) | more than 5 years ago | (#27794907)

Has anyone pondered the fact that maybe the updates aren't really that frequent at all, and the developers just push out minor changes so that all updated users get a forced visit to their homepage when they reload Firefox?

Re:Its GPL licenced, someone should fork it. (5, Interesting)

bob whoops (808543) | more than 5 years ago | (#27794999)

Why does noscript need to be updated that often, if ever? What happens in these updates anyway? I honestly cannot tell the difference in functionality in noscript now and when I first downloaded it a few years ago. Someone should fork it, strip out the crap, and then never update it again (except security fixes, etc.)

Re:Its GPL licenced, someone should fork it. (4, Insightful)

bcrowell (177657) | more than 5 years ago | (#27794737)

It is a useful tool, it shouldn't be too hard to strip out all the dodgy code and host it on another site.

Yes, please. If someone will fork it, I will happily donate five bucks every year. What I will not do is run code on my machine that's obfuscated or that attempts to mess with things it shouldn't mess with.

I'd never understood why NoScript had to have such frequent updates. It seemed like several times a week, sometimes even more than once in a day. It was a nuisance, but I figured the author must just be working really hard. Now I have a sneaking suspicion that it was because the author was playing cat and mouse with adblock.

Why is this even a nontrivial software project? Don't run javascript unless it comes from a site that's on a whitelist. That doesn't seem like it should be a big deal.

Re:Its GPL licenced, someone should fork it. (4, Informative)

Stephen Parks (661470) | more than 5 years ago | (#27794935)

Why is this even a nontrivial software project?

Surrogates. The arms race is going on more than one front. From what I understand, on sites that use returns from ad-tracking scripts like google-analytics or yieldmanager to block access, NoScript has the ability to run surrogate scripts that give the appropriate return without the ad-tracking. This seems non-trivial.

However, now knowing how embroiled the author of NoScript is in getting his own ads viewed, users may lose their trust in his surrogate scripts.

Re:Its GPL licenced, someone should fork it. (1)

Chris Acheson (263308) | more than 5 years ago | (#27794945)

GNoScript?

Shhhh! (0, Offtopic)

TopSpin (753) | more than 5 years ago | (#27794487)

Don't talk about NoScript, damn it.

It's a nice little sekret that even many reasonably knowledgeable people don't know about and those who do don't want it popularized. I don't care if a couple adds show up on NoScript's site, particularly if that means it remains free and updates continue. Stop talking about it.

Thanks.

Re:Shhhh! (4, Insightful)

int2str (619733) | more than 5 years ago | (#27794519)

It's somehow okay now that an extension goes behind the users back and circumvents other plug-ins? Especially a plug-in that most users use presumably to protect themselves against malware and intrusive JavaScript driven ads?

I sure hope the community will step up and create a new open source plug-in that goes "back to the basics" (disable JavaScript per site + whitelist) and people ditch NoScript faster than you can say "WTF!"....

Apparently the NoScript developers (which is btw. the most obnoxious plug-in I currently have installed; re: updates...) heads have gotten a bit to big for their own good.

I can't wait to see the fallout from this one. Hopefully at the end NoScript in it's current form won't exist anymore!

Re:Shhhh! (-1, Offtopic)

Anonymous Coward | more than 5 years ago | (#27794635)

I am capable of bringing you to a state of freakstasy that no other man could ever bring you to. You can try to find this level of sexual satisfaction with some other man, but know that if you break from Smoove, I cannot guarantee that I will still be single when you realize that only I can satisfy all your senses. Then, you would be living in a cold, cruel, Smoove-less world, and I would not wish that upon you. You are too special to me.

Damn, girl, you need to take the rest of the day off so I can break you off doggy-style in my bathroom.

Ever since we met two weeks ago, I knew you were the one for me. Your style, your booty, and your class are beyond all compare. In a world populated with many fine women, you are without a doubt the most fine. Let Smoove take you out tonight or, if you are busy, tomorrow night to show you how I treat a lady as exceptional as you. Allow me to break it down:

First, I will pick you up from your house in a white limousine and take you to the finest dance club in the entire city. The people at this club will be attractive and the beats will be crazy. We will not be in the club for a minute before we get on the dance floor. Even though the other people will be good dancers, we will be the best. When you bump, I will bump. When you grind, I will grind. We will move together like twins who happen to like to freak.

When you have had your fill of dancing, I will take you by the hand and lead you to the most romantic corner of the entire club and sit you down on one of the plush, red-velvet couches. While you rest, Smoove will go the bar and purchase a drink for you. Before I bring it back to you, I will taste it, demanding finer gin should it fall short of my expectations for you. Also, I will ask for less ice so that your gin and tonic is not diluted.

While you sip your drink, I will stroke your hair and tell you such complimentary things as "You are like a fine statue carved out of brown marble," and "Your eyes are like pools of creamy Italian butter," and "You have beautiful shoes." You will know that I mean these things because they come from the heart, and the heart is always true.

At this point, we will go back to my place, where I will prepare a dinner specially suited for one as lovely as you. While I am cooking the meal, we will talk about your life, your hopes, and your dreams. At this point, I will unthaw a deluxe bag of jumbo shrimp for you to sample as the appetizer.

There will also be cocktail sauce.

Finally, my dinner of lobster, shipped to me that morning in only the coldest of ice from the finest lobster region in all of Maine, will be completed and placed on the table. Along with the lobster will not only be melted butter, but also side dishes. Some of them will be corn, peas, and baked potato. When the meal is over, we will have dessert and coffee.

At this point, you will be so turned on by this night of dancing and lobster that you will be dying to sex me wild. But instead of taking you to my bedroom to knock boots, I will build your desire even more. I will do this by leading you to my living room, where I will light a fire and hand-feed you the finest strawberries available. If you do not enjoy strawberries, I will have other types of berries at my disposal that can be fed to you in a sexy manner. Between bites, I will offer you sips of champagne in a glass made specifically to maximize your champagne-drinking pleasure.

As much as you want to, you will no longer be able to control your desire. Neither will I. This is when I will lead you to my polar-bear-skin rug so we can do it all night long. You will cry for more, and you shall receive it. I will hit it until you can take no more. Then, when you are 100 percent satisfied, I will stop. After that, I will kiss your belly button and tell you how beautiful you are until you fall asleep in my arms.

Damn.

In the morning, I will make you waffles that have chocolate chips embedded in them. There will coffee waiting for you, and there will also be a cup with cream and two sugars, just the way you like it, cooling on the breakfast bar. If you want toast, I will make it for you and offer you a staggering array of exotic French jams.

Through this display of caring and thoughtfulness, you will see that I am the one for you. We are like two slightly different colored beads on a single ancient necklace. We are so right together, it hurts to even speak your name when you are not around me. Do not doubt my words. Believe me when I say this to you. Smoove's love will rock your world.

Re:Shhhh! (0, Interesting)

Anonymous Coward | more than 5 years ago | (#27794659)

Apparently the NoScript developers (which is btw. the most obnoxious plug-in I currently have installed; re: updates...) heads have gotten a bit to big for their own good.

I can't wait to see the fallout from this one. Hopefully at the end NoScript in it's current form won't exist anymore!

Perhaps you shouldn't be cheering on a developer losing their income? Granted he went too far, but so did the new maintainer of Easylist.

And if the guy who made NoScript for free finds he can't make any money from it, maybe his next project will be proprietary, with a license fee.

Be careful what you wish for.

Re:Shhhh! (0)

Anonymous Coward | more than 5 years ago | (#27794725)

incessant updates are as viral as the sites are....
someone shoot this suffering horse.

Re:Shhhh! (5, Funny)

Anonymous Coward | more than 5 years ago | (#27794785)

Parent is correct; NoScript is EVIL. It will install malware, upload \My Pictures\ to a russian server and molest your children. The frequent updates the parent complains of are required to keep the NoScript's keylogger signature ahead of the anti-virus databases. NoScript was funded by Scientologists and developed by Sony. Users of NoScript are providing bandwidth to global botnets and have copies of all IM and email forwarded to the NSA.

STAY AWAY

Re:Shhhh! (4, Informative)

Tubal-Cain (1289912) | more than 5 years ago | (#27794853)

(which is btw. the most obnoxious plug-in I currently have installed; re: updates...)

Set noscript.firstRunRedirection to False and it won't open the homepage after every update.

Re:Shhhh! (1)

maxume (22995) | more than 5 years ago | (#27794705)

Look at the freaking homepage:

http://noscript.net/ [noscript.net]

It has been mentioned in Forbes and the New York Times. Anybody who wants to mess around dealing with blocking javascript already knows about it, no one else even cares.

That the author is apparently a bit of douche makes it even less interesting.

now the question is (0)

Anonymous Coward | more than 5 years ago | (#27794515)

what else does it do ?
trust once lost is rarely gained again
years ago people had dignity and having adverts on your site was seen as poor form, after all you just got people to your site and now you want to send them away to your competitors ?

i guess the lesson is advertising and the pursuit of advertising dollars is the biggest threat to your security, welcome to my firewall

I Would Have Allowed It (4, Insightful)

SpottedKuh (855161) | more than 5 years ago | (#27794533)

Like many Slashdot users, I run both NoScript and AdBlock Plus.

Had NoScript asked me if I wanted to whitelist adds on their site (in my AdBlock preferences) to support NoScript development, I would have happily clicked "Yes."

As it is, I've left the NoScript whitelist intact in my AdBlock preferences, because I do want to support their development (NoScript leaves a comment in the AdBlock preferences indicating that this whitelist can be disabled easily). That said, I would have been much happier had my permission been asked!

Re:I Would Have Allowed It (1)

stinerman (812158) | more than 5 years ago | (#27794699)

That's all great. More power to you.

However, I'm trying to think of the last time I've been to the NoScript site. I think the last time I was there was when I installed NoScript. Ever since then, Iceweasel has updated the program without ever going to the site.

Re:I Would Have Allowed It (5, Informative)

ahsile (187881) | more than 5 years ago | (#27794787)

Currently you can't actually delete the list, only disable it. If you delete the list, it will come back the next time you load firefox. I have actually tried this myself and it is very obnoxious.

I was looking on the noscript forums, and I did find this [informaction.com] :

On the other hand, I guess I'll have to work overnight to release 1.9.2.5 immediately: it prompts users beforehand (something I announced 10 minutes after 1.9.2.4's release), and also fixes the bug which allows the filterset only to be disabled, rather than removed. That's a genuine bug, but is being nonetheless singled out as a malicious behavior by Wladimir...

While I don't know if I believe this or not, it's at least the way it should have been from the start.

Stupid trick (3, Informative)

Pinckney (1098477) | more than 5 years ago | (#27794567)

It's a stupid trick, but the whitelist can be disabled easily. Go to Adblock preferences and disable the "NoScript Development Support" filter. It doesn't seem to re-enable the whitelist on restart. It may when it updates.

Re:Stupid trick (1)

AnalPerfume (1356177) | more than 5 years ago | (#27794891)

Thanks for pointing this out, I have since done it. I wonder if this trick will backfire on them. I wonder if the list reads like CSS, in that if you make a manual copy of the list and add it as a new filter below the NoScripts one, it will read your manual one AFTER theirs and disable even if they decide to re-enable after an update?

Sleazy and disgraceful (5, Insightful)

d_jedi (773213) | more than 5 years ago | (#27794609)

If I have ad blocking software installed, that means I don't want to see ads (unless I explicitly approve them).
If I have script blocking software installed, that means I don't want to run scripts (unless I explicitly approve them).

How difficult is that to understand?

I don't care if the Noscript developer relies on ads for revenue. If I have ad blocking software installed, I don't want to see ads, period.. that doesn't mean "except on noscript's site, of course!". If the Noscript developer doesn't like that, it's too fucking bad.

This behaviour is disgraceful, and Noscript should be blocked by Mozilla (is this possible? Or, at least, not hosted on their site..) because at this point, it's clearly malware.

Re:Sleazy and disgraceful (1)

hannson (1369413) | more than 5 years ago | (#27794971)

Cross-extension scripting anyone?

Is this a behavior that could be disabled with new security features in Firefox?

If a extension wants to modify/extend another extension it has to get permission first or something like that... meh... I'm pissed off

Re:Sleazy and disgraceful (1, Flamebait)

TinBromide (921574) | more than 5 years ago | (#27795053)

I run adblock with filterset and all that good stuff. But I'm going to play devils advocate here. Something about the tone of your post makes me feel like I need to ask this question: If you feel entitled to read someone's content, why do you feel entitled to read it without ads? While I agree that most flash/gif ads are obnoxious, they spent time creating the content and money on hosting it for your consumption, that's not exactly information wanting to be free.

I used to read a website where behind the banners, the author had a simple text graphic worked into the background with text along the lines of "If you can read this, you are hurting my ability to pay for the hosting of this site". Granted he ran punch the monkey type ads for the 10 minutes I white listed him, but it doesn't feel right to be able to be entitled to read everything on the net without ads.

I realize that ads can bring scams, drive by installs, monkey punching, and malicious behavior, and that should be blocked, but I don't see the problem that people have with the simple applied text based concept embodied by google ads (well, I won't when google steps up and removes scams and malware type ads from their advert list).

n/m (0, Offtopic)

windwalkr (883202) | more than 5 years ago | (#27794619)

Posting to remove moderation. Please ignore.

adblockers suck (-1, Troll)

bluefoxlucid (723572) | more than 5 years ago | (#27794621)

Ad Blockers suck, plain and simple.

We have pop-up blockers, so what did we get? Annoying flashy banner ads. Flash thingies that track us. Other nasty stuff all over the page, inserted between text, every 3 paragraphs, dozens of ads to a page. It's so utterly horrible.

So now what do we do? We block everything. Not just the annoyances, but anything that's "an ad." Everything from pop-ups to stupid flash things to a harmless link sitting in a div somewhere. It's an ad, it needs to die!

What message are we sending? We're sending the message that advertisers have to try harder to make money off of us. They need to either charge subscriptions per site, or they need to start breaking our filters. Sorry, it's not enough that you only have 3 ad boxes on a page, of fixed size, with just text, eating a few hundred bytes of bandwidth on page load, with no tiny embedded flash applets to track us down; you serve an ad, we block your revenue stream.

This is another implementation of The Great Socialism that is Welfare, socialized health care, socialized housing (where I live, if you have no job, they will automatically give you a house if you're really lucky-- it's strange, you pay like $100 a month and the government subsidizes the realtor $1000 a month). At some point, you get out of "public services" like schools and police, and you get to "The Government is supposed to do everything for you" and start taxing 100% over $x and redistributing so everyone can be middle class.

Ad Blockers are not analogous to "public services," they are directly analogous to worst-case socialism: we don't think advertisers have a right to make money, so we are going to take money away from them. This has a trickle-down economy effect: The advertisers are now poor, they don't have money (or desire, due to no impressions and no click-through) to pay the ad-supported ("Free") services you were using, and the "Free" services you were using now don't have any money. Those "Free" things you enjoy now have to close or start charging a door fee ("Subscription"). This means you are now directly poorer, by reduced capital (subscription fee) or reduced value service (access to a site/program).

You know all those economic theories are right though. There's no regulation here; we use an unregulated free market model, and that means the advertisers will use dirty, underhanded tricks like this to get around your thrashing and flailing with such ad blockers. When it becomes simpler and easier to appeal to reason and ship something less intrusive, they'll do that; otherwise they'll force ads down your throat in any way possible. This is basic economics on a level even Ronald Reagan could understand.

Re:adblockers suck (1)

gsgleason (1241794) | more than 5 years ago | (#27794649)

That's nice. Personally, I rather like my adblockers. I save bandwidth not downloading all those images, I save time in that it takes less time for a page to load, and everything is just...nicer. I disagree, though. I think it should be the user's choice as to whether they want to see ads or not, not yours, and not anyone else's.

Re:adblockers suck (1)

Achromatic1978 (916097) | more than 5 years ago | (#27794985)

That's fine. That's your choice. Here's a question: As long as it does not do so nefariously or maliciously, do you believe the site owner has a right to do whatever they can to prevent you viewing the site if you block ads? (Note, I'm not asking about the feasibility, and by malicious, I'm referring to temporarily or permanently damaging solutions, I'm talking about their 'right' to do so.)

Parent is a troll! (0, Offtopic)

mrraven (129238) | more than 5 years ago | (#27794767)

Mod accordingly.

Noscript (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27794623)

I have been using NoScript for a long time, and it proved to be a valid and good extension. However, as more and more sites move to Ajax based sites it is quite useless. What is the point of a little more security over total unusable websites. Now this extension is more of a nuisance than help. I disabled it about 6 month ago, and have not missed it. This report will make me uninstall it

Re:Noscript (1)

MrEricSir (398214) | more than 5 years ago | (#27794711)

Or another solution is to just avoid visiting websites you don't trust. It's kind of like only using bathrooms that are cleaned often.

Scum. (4, Insightful)

geekboy642 (799087) | more than 5 years ago | (#27794629)

NoScript will no longer be permitted on any of my computers, period. This is unacceptable behavior. If I'd payed for the addon, I'd be demanding a refund. As it is, all I can do is try to take back the favorable word-of-mouth I've been giving the author, and try to find a version without the invasive behavior.

Re:Scum. (5, Funny)

Anonymous Coward | more than 5 years ago | (#27794741)

Stick it to the man, Internet Tough Guy!

Re:Scum. (0)

Anonymous Coward | more than 5 years ago | (#27794865)

It's a bug, not a feature.

It's supposed to prompt you.

Also want a cookie for not permitting it on your computers?

This suddenly explains a lot (5, Insightful)

Mortimer82 (746766) | more than 5 years ago | (#27794637)

For some time now, I have been getting more and more annoyed with the regularity of NoScript updates, especially as it would ALWAYS open the home page after every update, this is after the nuisance of me already having been asked to restart Firefox for the addon update.

Now it makes sense, they clearly artificially make this happen just for adrevenue. The addon probably doesn't even need that many updates.

Anyway, even though I know I can change the option to not go to the homepage after each update, I am tired of having to restart Firefox once a week for software which is for the most part adware. I barely use noscript, except on 1 site, I'll wait for someone else to make an addon which doesn't piss me off, or simply tolerate the minor annoyance of that one site.

As for the real world security benefits of noscript, they are questionable at best. If a website codes itself so it needs javascript, one would likely turn on noscript, and then the website could run malicious code.

Re:This suddenly explains a lot (2)

ahsile (187881) | more than 5 years ago | (#27794701)

Where is said option. I looked in NoScript and was unable to find it. Maybe I've just had too many tonight though...

Re:This suddenly explains a lot (1)

rts008 (812749) | more than 5 years ago | (#27794801)

I've looked for it unsuccessfully also. I haven't had any tonight, so I don't think that is your problem.

I say we were lied to!

Re:Disabling NoScript Update Notificaions (5, Informative)

Drafell (1263712) | more than 5 years ago | (#27794937)

In the Firefox address bar, type : about:config

Scroll down to: noscript.firstRunRedirection

Right click this value, and 'toggle' it to false.

Due credit goes to posts at http://adblockplus.org/blog/attention-noscript-users [adblockplus.org]

Re:This suddenly explains a lot (1, Informative)

DoktorSeven (628331) | more than 5 years ago | (#27794723)

You have no right to complain about it opening its home page if you know how to disable it. It's beneficial because it describes any changes, like THE VERY ONE BEING COMPLAINED ABOUT IN THIS ARTICLE.

"Barely use" noscript? You "use" it every single time you go to a page, unless you're dumb enough to use it as a script blacklister instead of whitelisting as you should.

I've said it many times in the past, and I'll continue to say it: people that complain about NoScript don't understand how it works.

Yes, I'm a rabid NoScript fan and will defend this awesome piece of software to my death if need be.

Re:This suddenly explains a lot (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27794773)

Yes, I'm a rabid NoScript fan and will defend this awesome piece of software to my death if need be.

Then how about you and the other NoScript fans fork over a few bucks now and then to fund development so that the rest of us don't have to deal with him dicking around with ABP?

Hello? Can y'all read? (0)

Anonymous Coward | more than 5 years ago | (#27794657)

This modification was right there plain as day under the "more information" section when the latest update rolled around. I would expect most /. users would be smart enough to actually see what's being changed before updating something.

"Without notifying users" my ass.

P.S. Used "y'all" in the title, and my CAPTCHA is "redneck".

Did you see anyting on the install? (1)

gsgleason (1241794) | more than 5 years ago | (#27794681)

The changelog says:

" ABP users are informed both on the install and on the release notes pages, so they can easily disable the filterset if they whish to."

I saw no suck information on the install. I just removed and reinstalled NS, and while the subscription is added, I don't see where in the install the user is informed.

Automatic updates are just security-holes. (1, Interesting)

Anonymous Coward | more than 5 years ago | (#27794713)

People mostly look at me funny when I tell them I allways turn "automatic updates" off.

This story is, apart from the more known MS horror-updates, a good example why someone should not blindly accept them (and should never believe in software that changes quicker/gets updated more regular than some people clean their toilets).

Good thing (3, Insightful)

elashish14 (1302231) | more than 5 years ago | (#27794781)

This is an exact example of why it's so important for source code to be freely viewed. The OSS model works - this demonstrates why and how. When developers are motivated by the wrong sources and use unethical means for obtaining their ends, users can be made aware of their digressions. Good work by the Adblock team.

Trust, once betrayed, cannot be mended. (1)

Requiem18th (742389) | more than 5 years ago | (#27794789)

NoScript will never be installed in my computer never again, alas, it has been disable for most of it lifetime in my profile.

  I'd fork it if I actually cared for it, but still I invite people to down rate it in mozilla.org and uninstall it from their computers. In the FOSS world the only way to vote is with your feet.

Re:Trust, once betrayed, cannot be mended. (1)

brentonboy (1067468) | more than 5 years ago | (#27795009)

I invite people to down rate it in mozilla.org and uninstall it from their computers. In the FOSS world the only way to vote is with your feet.

Agreed. Also may I suggest giving it low ratings in the "trustworthiness" and "vendor reliability" categories of WOT and leaving a negative comment on the WOT noscript page [mywot.com] with a "Malicious Content" or other descriptive tag.

Ad Supported Ad blockers (2, Insightful)

basementman (1475159) | more than 5 years ago | (#27794861)

I find it incredibly ironic that two ad blockers are at war with each other over blocking ads that support their service. I hope this isn't a preview of what's to come if the use of ad blocking software becomes widespread.

Time for a fork? (0)

Anonymous Coward | more than 5 years ago | (#27794885)

While I appreciate the idea behind NoScript, the implementation has always bothered me, particularly with the fact that every time it pushes an update of the extension (and there are a lot of them...), when you restart Firefox it opens a focused tab to the extension's home page instantly.

At first I was only a tiny bit annoyed, but as they would do updates seemingly every other day, I started to get really irked. Eventually I wound up blocking access to their domain in my hosts file just to stop it. So they were already on my short list.

And now this. Fucking with someone else's plugin on purpose, particularly a well-known, respected plugin, is just a no-go, period. So maybe it's time that NoScript gets forked, by people slightly less dickish.

Indicative of more serious problem? (5, Interesting)

Redacted (1101591) | more than 5 years ago | (#27794889)

This highlights a security problem: if addons can affect/patch each other, how can you ensure the integrity of the browser?

Example: a malicious addon is released, and it takes some time before the malicious behaviour is discovered, and people delete the addon. But has it injected malicious code into other addons on the system? Now you have to remove all addons to be sure.

Is this outlandish or possible? Has Mozilla implemented any security against such an attack?

If they do this any more... (2, Insightful)

Evelas (1531407) | more than 5 years ago | (#27794923)

If NoScript screws with AdBlock any more, I'm just deleting it, AdBlock is the more valuable of the addons to me. I definitely don't like a developer screwing with someone else's addon, and then when it can't be deleted claims it's a "bug". No way it's a bug, just an undocumented feature.

Solution (I hope) (2, Interesting)

AnalPerfume (1356177) | more than 5 years ago | (#27794947)

Create a new filter with a copy of the NoScript developer filter, add it below the pre-installed one and make sure both are disabled. Hopefully then if it's re-enabled by an update your manual copy will still be disabled, nullifying the effect....assuming it's read like CSS from top to bottom.

Alternatively, look for another script control addon. Personally I've been getting rather pissed at the opening of new tabs on each update for a while now; not just NoScript either. Depending on whether my thinking will keep the block in place and how much longer I'm willing to accept the tab opening shit, I am close to removing it myself. There is YesScript and Controle De Scripts on the addon pages but I've not yet tried them.

It may help to let the NoScripts people know why their usage numbers are going down on their Mozilla addon feedback page. Perhaps if they see enough people are pissed off, it may change things.

bitch faggot linux shithead (-1, Troll)

Anonymous Coward | more than 5 years ago | (#27794991)

like sucking those dicks linux fag? take a big one up the ass? ubuntu 9 sucks more than any other os. suck on that faggot.

Entertaining... (1)

Elbis.Reverri (1544829) | more than 5 years ago | (#27794997)

Ad-blockers forcing the users into viewing the ads on their own sites, and blocking the competition ad-blockers.

If those are such useful extensions, maybe they should charge a buck or two per month and avoid all of this circus ?

There you go, so long and thanks for all the fish (1)

Pharago (1197161) | more than 5 years ago | (#27795051)

well, i ain't a noscript user no more, if the developer can't tell where the line is when building a trustworthy application, why should i pay the price?
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...