Quote Originally Posted by 'Ifalna',index.php?page=Thread&postID=64389#post64 389
Use firefox and noscript for internet browsing,
Agreed.

Until recently, I foolishly thought Firefox alone would be enough to protect me from malicious websites, but then I heard of people getting their accounts ripped off even though they claimed to be secure. I've since added AdBlock and NoScript addons to ensure that my browser only downloads and runs what I tell it it can.

NoScript is pretty damn useful but it can be a bit annoying when you first start using it, as it'll be very spammy with warnings about javascript or flash on nearly every website you visit, but as time goes by and you allow/block sites it'll quieten down.

One example of how to use it:

Visit http://www.wowhead.com/ for example.
The Wowhead homepage will load up with a big message saying that "This site makes extensive use of JavaScript. Please enable JavaScript in your browser". JavaScript is probably already enabled but NoScript has prevented the scripts from running.
Then look at the notification bar that has popped up at the bottom of your browser window. Click the 'Options' button and a menu will pop up, with the following entries:

Allow wowhead.com
Temporarily allow wowhead.com
-
Allow google-analytics.com
Temporarily allow google-analytics.com
-
Allow quantserv.com
Temporarily allow quantserv.com

The key here is to allow only those script sources that are required for the wowhead site to function correctly, so I start by allowing wowhead.com. This is sufficient for wowhead to work fully, so I leave the other two script sources blocked. Google-analytics is probably trustworthy, but I would guess it's something to do with analysing web usage, which I don't really care about so it can stay blocked. No idea what quantserv.com does, so I leave that blocked too.

For most websites, you'll have to make similar decisions. Often you'll need to allow scripts coming from the website that you're actually visiting, but scripts from third parties are probably better left blocked.

NoScript also blocks Flash objects, so if you visit youtube for example, no videos will be displayed because they're delivered using Flash. You'd need to allow "youtube.com" and "ytimg.com" on the NoScript options menu for that site to work properly.

Using AdBlock alongside NoScript will block a lot of Flash ad's before NoScript even sees them, so it'll reduce the number of scripts/objects that you need to consider allowing or denying.

Hope this is useful.