Malicious code on websites is a serious threat to privacy and security online.  Malicious code, can be used to steal personal information.  Web code can be used to track your location, and compromise your privacy.  This is especially worrisome if you are intentionally trying to hide your true identity.  Of course, the most common use for malicious web code is profit for the crooks who write the code.  Your computer may become “infected” with fake viruses that prompt you time and time again to buy useless “antivirus” software, or just for the heck of it, your credit card number or social security number could be lifted from web forms.  It is important to be vigilant against this threat, especially if you not a tech savvy computer user.

Fortunately, there are tools to help you protect yourself from these attacks.  NoScript is an extraordinarily useful plugin for Firefox that keeps your personal data private and protects you from unwanted intrusions into your computer.  NoScript is simple, easy to use, and intuitively blocks scripts, plugins and other code that could be used to compromise your computer during visits to a website.

After you install NoScript, you are going to notice just how prevalent scripts and java are on modern websites.  You will notice that most websites just do not work without them.  By default, NoScript blocks all scripts.  Fortunately, it is easy to allow scripts on a site by site basis.  If you trust a site, for example, your bank, you will allow all scripts to run. The benefit is clear.  The first time you visit a site, NoScript will completely block all scripts.  If you decide to trust the site, you can allow scripts, but if you are on a questionable site, you can decide to leave the scripts blocked.

A good example of the usefulness of NoScripts appears on the site stayinvisible.com.  With Javascript disabled by NoScript, Stay Invisible, can detect only your external IP address.  In my case, it is the IP address of my proxy server.  Stay Invisible, gives you are warning that you are “visible” because you have javascript disabled, but this is not the case.  Disabling Javascript has prevented the site from capturing a good deal of private information that you may not want disclosed.

When scripts are allowed, the site can gather your real IP address, and much more about your computer.  Malicious scripts can be written to gather much more personal information about you and your computer.  If you are interested in protecting your privacy, and you do not want certain sites that you visit to know who you are, you must disable certain scripts on that site.  There is another option as well.  If you use a VPN type proxy, the JavaScript will not be able to circumvent the proxy and your real IP will not be disclosed.  This makes a VPN type proxy superior to a regular HTTP or SOCKS proxy for web browsing.

NoScripts blocks unwanted and dangerous scripts