Re: Identity Theft

["tv.debian@googlemail.com" <tv.debian@googlemail.com>]

Le 21/12/2021 à 14:24, Eike Lantzsch ZP6CGE a écrit :
> On Dienstag, 21. Dezember 2021 09:43:42 -03 Kenneth Parker wrote:
> > On Tue, Dec 21, 2021, 3:15 AM local10 <local10@tutanota.com> wrote:
> > > Dec 21, 2021, 02:13 by jeremy@ardley.org:
> > > > You can mitigate XSS by having a single browser that is used
> > > > solely to>
> > > access high value sites. e.g. if you routinely run Firefox, have a
> > > copy of Vivaldi that you use to access your banks - one at a time.
> > >
> > >
> > >
> > > Installing NoScript also may help as it has an option to sanitize
> > > cross-site suspicious requests. NoScript also speeds up the browser
> > > by disabling all the tracking and spying scripts many sites load
> > > nowadays. Just make sure to disable all the garbage it has enabled
> > > by default after the installation.
> >
> > +1 on NoScript.  I particularly like the White List capabilities,
> > where you can allow Scripts by Website, and even only one time.  I
> > only know it to work with Firefox, at this time.
> >
> > Kenneth Parker
>
> Is this
>
> *No-Script Suite Lite by AdblockLite[1]*
> (this one has a whitelist feature) or
> *NoScript Security Suite by Giorgio Maone[2]*
> (has a whitelist feature too) or other?
>
> I'm using Privicy Badger among other means
> like limiting and redirecting DNS requests. But that does not avoid JS.
>
> Cheers
> Eike
>
> --------
> [1] https://addons.mozilla.org/en-US/firefox/user/11285580/
> [2] https://addons.mozilla.org/en-US/firefox/user/143/

To follow up on myself, shamelessly ;-) , noscript and umatrix are 
packaged in Debian (depending on your version), and both protect from 
cross site scripting. Packages are "webext-umatrix" and "webext-noscript".