
I’m moving to Firefox as my main browser, and the amount of sites that break because of me blocking JavaScript (with ublock) is staggering. I can understand SPA being JS only, but simple blogs and other content sites, no.


Using NoScript has been pretty eye-opening. I've come to learn that most of the time I'm happy to unblock the primary domain. If the site doesn't work I'll look for a clearly-named CDN. If I can't identify one or, worse yet, there is some kind of cdn.some-domain.com and unblocking that still doesn't make the site work, then I'm out.


I've stopped using NoScript because it was breaking my own apps. It was fine until Mozilla changed something in Firefox. The problem is that NoScript inserts a lot of JS into the web page and some of that JS gets broken by some sort of security lockout. It may be a bug in Firefox and maybe it's been fixed but I wasn't satisfied with NoScript anyway. I'm now using uMatrix. It doesn't insert JS on every active element (just at the top) so it avoids buggy behaviour. The main thing I like about it is that it only blocks cross-origin scripts (NoScript blocks everything by default, including same-site).


I do not understand why this injecting JS to block JS is a thing. Why is there no way to just tell the browser engine not to execute any JS here? If the functionality isn't there in the browser engine, why not?


It is - disable JS completely in the browser.

I use 2 browsers, one with JS disabled and blocking everything (like 95% of the time), and second one for say "important" stuff like banking, youtube and facebook ;)


Good to know! I have seen how it injects JS into every page but so far it has not messed with my development, but I do use uBlock so I'll look into using it as a NoScript replacement as the fewer plugins the better. Thanks!

I do also use my hosts file for stuff that will never, ever, ever get a pass, like google analytics.


uMatrix has not been maintained since 2021.


Pale Moon users have a still maintained fork called eMatrix.


So?


You clearly haven't seen the sites that demand JavaShit just to load JPGs and PNGs that you told the browser to open directly. As in pointing the browser at a JPG or PNG and getting redirected to a page with JavaShit to load that JPG or PNG.

Why? Fuck if I know, I don't live in the same universe as whoever wrote and published that literal garbage.


I recently got a CD-rom from a hospital containing X-rays of my leg to share with my doctor. Upon finding a computer with a functioning optical drive I was dismayed to discover that the CD-rom contained not 3 simple images of the bones in my leg, but almost 400 megabytes of impenetrable binary data in over 30 nested directories and an .exe called MedicalImageViewer which I was unable to run on the latest version of Windows in my possession (win7) due to missing visual basic related dlls.

I was eventually able to run the app on a friend's computer, but finding no in-built option to export the images I was forced to take screen grabs to email to my primary care provider.


Aside from noting the fact that DICOM exists for a reason, I'll also just vouch for that particular piece of software running acceptably under Wine.


There are free DICOM viewers you can use. For example https://weasis.org/en/.


Linux has medical viewers. You can get the Ubuntu Mate 22.04 LTS DVD, install it. Open Synaptic, which is the "advanced graphical package manager", search for "DICOM" in the dialogs and install a good viewer.


Guess what your doctor does to look at your X-rays: The chance is high that he'll just execute the .exe file on the CD-Rom too. I've witnessed that already multiple times and always cringe, because of the obvious security implications. It'd be so straightforward to compromise a doctor's office by handing them over a different CD-Rom with malware instead.


The one I worked for also included a viewer on discs burned for distribution (typic'ly to patients, but could go elsewhere if patient signed the right document), but we used a couple different viewers internally. If we received a disc, that DICOM data was imported using our viewers, never whatever was provided on the disc. Local network traffic was…closely monitored.

Occasionally, a remote doctor (not from our office) would call for help with the viewer we provided on disc. Usually, because some advanced feature they could have used at their office didn't exist in the patient viewer, or worked differently.

Normally, instead of discs, we just transceived images via PACS, or accepted physical films to be scanned into our PACS.



Even old.reddit.com seems to be doing this now.


A lot of paywalled websites won't throw up a nag screen and will let you read the whole article if you turn off javascript. You won't see the pictures (probably because they want to discourage people from turning off JS) but that's fine with me.


Surprisingly then clicking reader mode, some of those images come back. Anyone know why?


Been doing this for a few months too.

But recently installed duckduckgo on my android phone and turned on their app tracking protection. The unnecessary requests made by apps I haven't used in months is jaw dropping.




