Security Questions...

[MrLinux]

Hi All, I have two questions I'd like to ask...

1) as a recent IRC user (mainly restricted to #debian and related channels) I am somewhat unhappy that my IP address is announced to other channel members every time I join; I'm sat behind a fully stealthed firewall in my modem, another firewall in my router, and IP tables on my PC (all set to "paranoid"), but to me it appears to be an unnecessary exposure and a potential risk; is there any way to hide or mask my IP address while connected to IRC? BTW: I'm currently using KSirc as a client.

2) with all the bad press and vulnerabilities being found in JavaScript, is there a FireFox plug-in which allows me to select which web sites are allowed to run JavaScript and which aren't; at the moment I'm disabling it for general web browsing and then having to re-enable (and restart FireFox) when I need it (this site for example).

OK, yes I'm paranoid about security; I take the attitude that the world is full of people like me, and that makes it a very frightening place!

 

[MrLinux]

Ok, Ignore the first question (IRC anonymity); just found Tork, looks like solves that little problem...

 

[btk1w1]

http://noscript.net/

 

[linux_0]

Also https://addons.mozilla.org/en-US/firefox/addon/722.

The official https mozilla addon site is recommended over the author's site.

 

[MrLinux]

Many thanks Guys, thet was just what I was looking for.

 

[Zorak]

Be careful though. If you add websites to your NoScript whitelist and they get hacked, you are pretty much hosed. Also, sometimes it is a major "PITA" to figure out which site to temporarily allow so that the web page will work properly, which may tempt you to just click "temporarily allow all this page". This is very dangerous! I know because I have been tempted to do this many times. A lot of times it is not obvious which sites need allowing and which are safe to allow. For example, if you run no script on this site, not only do you have to allow the tomshardware sites, but you also need to allow "bestofmedia" or else some of the javascript stuff on this site gets all messed up. I hate having to do that, so it is tempting to be lazy, but you must be vigilant lest you develop a false sense of security! Best of luck.

--Zorak

P.S. Be careful if you decide to do anything with TOR (i.e. host a TOR server). Sometimes "mean people" use TOR servers to cover their tracks and you could get a nasty visit from the authorities. Of course, if you do decide to run a TOR server, kudos to you for providing a way for the common man to protect himself from prying eyes!

 

[MrLinux]

Yep, I'm finding allowing/blocking to be a right pain on some sites, the log-in script for TomsHardware.co.uk doesn't appear to be coming from TomsHardware.co.uk (?), to log-in I have to allow all scripts on this site (including the advertisers)...

I'm also finding TOR to be very S-L-O-W, averaging 1.5k a second; it's big-time useful to be able to change your location (to another country) as some (news) web sites serve different content based on location; but the speed makes web surfing imposable.

 

[sub mesa]

Noscript is great, i miss it on every Firefox install not at home, because without it i no longer have control over my browser; the website has control over my browser. These include Javascript dialog-spam or "jokes" which loop forever and you have to kill firefox and all your 400 tabs with important info, no thanks. Also, it lowers the CPU usage considerably because alot of junk scripts/ads are now disabled. I do enable genuine scripts though, that run on the same domain as the site i'm visiting.