I got now Noscript addon for mozilla because I got paranoid over viruses and my computer tech guy friend recommended it, now I*m kind of confused about what I did just do .-. What exactly does preventing scrips do?

Java? Something to do with coffee.

Well, ok, it does seem to block other scrips too :P But virus was something to do with java script...*shrugs*

Anyway, so what do scrips on sites do? .-.

Javascripts are often used for interactive media, e.g. search functions, logging in/out, videos, buttons, and games. As far as I can tell. I don't know what scripts actually are or what else they're used for, though.

In a nutshell, JavaScript is small snippets of code inside the webpage that can modify the page in various ways, access other websites and other such things. Mostly, it's used for good these days; Google Maps, Facebook and a bunch of others wouldn't work properly without it. But there are ways to write malicious JavaScript snippets that can do things like redirect you to sites with viruses on them.

Older versions of IE have it even worse; they allow usage of Visual Basic scripts, which can access Windows COM objects (including parts of Windows itself, like the Windows Shell) and cause all kinds of trouble. No one uses them much anymore because they only work in IE (though Active Server Pages written in VB or C# are still common, since they output normal HTML like any other active page), and they're something of a relic of the time when the only other choice was Netscape 4 (which was even worse still).

This is the addon I got now, what exactly are "clickjacking attacks" and such?

Clickjacking, as far as I can tell, is a kind of click fraud where you click on one ad and a competitor redirects it to their ad using shenanigans.

Dude, downloading shit that you don't know what it is intentionally is probably rather a lot worse than just leaving things be.

edited 27th Apr '12 12:23:34 PM by Exelixi

Basically, scripts are computer code built into a web page that allows the web page to do stuff, rather than just be displayed for reading. Without scripts, a web page is just a bunch of text and images. With scripts, it can do things like display different information for different people, play videos, run games, etc.

The problem is that if the code is written maliciously it can sometimes also be used to instal viruses on your computer or things like that. NoScript stops scripts from running until you give them permission, so you can only allow scripts if you trust them and there is a good reason for them.

EDIT: mega ninjad. But yeah, scripts are generally a good thing except when the person making them isn't trustworthy. NoScript is a reputable plugin that lets you run only the scripts you want to run.

edited 27th Apr '12 12:26:25 PM by EdwardsGrizzly

Noscript is lovely especially when used in conjunction with adblock. Yes your browser becomes a bit soulless looking and you have to enable scripts on various sites to get things working again (photobucket as an example). In exchange you get lovely things like a faster running browser and freedom from many viruses that otherwise would have hit you. Like the hell that is the VISTA SECURITY SUITE 2012 and related things. This thing seems very fond of getting people through scripts. I haven't run into the rat bastard since the ad block and noscript combo of doom.

Should you somehow get a virus still them Malware Bytes should get it and fuck its shit for you. Which is lovely.

It's a very reputable and easy to use little addon as well. Just takes a bit of time enabling certain scripts to get certain sites running again.

edited 27th Apr '12 12:28:09 PM by Aondeug

@Exelixi: I trust my computer savvy tech guy best friend

@Aondeug: Good that I had addblock already ^_^

Spooky: Also, if you don't have some sort of antivirus installed, you should have one. We use AVG 2012 here at work, but Avast and Microsoft Security Essentials are okay too. No one likes Norton, and we've had issues with Trend.

I have Microsoft Security Essentials, thanks to computer tech guy friend

Also should you ever get the VISTA SECURITY SUITE 2012 or a similar virus that is selling itself as malware protection while closing everything you're running saying that its corrupting your computer...You can typically still run programs by opening them as administrator. Do that to run malware bytes and get rid of the bastard.

I don't ever click suspicious pop ups Besides, my computer is in Finnish, so sudden English pop ups are rather suspicious.

Unless they are well made pop ups and are according to language setting of computer

Really, I have no clue where I got virus from in first place =/

edited 27th Apr '12 12:37:04 PM by SpookyMask

JavaScript is a scripting language for websites; doing almost anything dynamic on a website requires JavaScript. For example, show/hide buttons use a small script to change the visibility of some text or whatever. Similarly, if you want the website to change dynamically without reloading the whole page — say, to load more comments in place (like on Reddit or Twitter), or to show search results live (like Google) — you'll need JavaScript.

However, JavaScript also opens up the potential for malicious or obnoxious stuff (popups use JavaScript, for instance), and while modern browsers are generally good about security, disabling JavaScript eliminates a major potential attack vector entirely.

By default, Firefox only gives you the choice to turn JavaScript on or off entirely. NoScript is a very useful addon, because it lets you enable JavaScript on a per-site basis; you enable it for sites that need it, but most sites don't, so you can allow it where needed and not otherwise.

You'll probably notice a few sites not working properly; when this happens, try allowing JavaScript one site at a time until it works again. (Many websites load content from other, third-party websites — this is normal and rarely malicious, being used for a variety of things, such as showing a Twitter feed in a sidebar, Facebook integration, externally hosted images, etc. NoScript works based on the ultimate location of the script, which is why one website may have scripts from several other sites running. You can often guess which site needs JavaScript to work; for example, if you're looking at a page that's supposed to have an embedded video from YouTube, and the video isn't loading properly, try allowing scripts from YouTube.)

I hope my explanation made things clearer.

Just parroting the guy who recommended AVG. I wouldn't use anything else.

Are you a university student? Most universities provide some sort of anti-virus software for free.

And ninjas all around about javascript. Also, it can be annoying if you're used to object-oriented programming.

edited 28th Apr '12 1:30:31 AM by Autumncomet