Firefox plug-in NoScript 2.0 released
According to its developer, the latest version of the NoScript add-on for Firefox is even more reliable, has an updated user interface synchronisation system that's more efficient than previous versions and includes several improvements against cross-site scripting (XSS). Maone is especially proud of the new feature in version 2.0 that builds on the add-on's Application Boundaries Enforcer (ABE) module and provides cross-zone CSRF protection for flawed routers which expose their WAN IP on their LAN interface, saying that it "saves your router's ass even if it's so flawed to expose its UI on the LAN with its WAN IP". Other changes include the addition of an import / export feature, better handling of mixed permissions pages and improved support for Firefox Mobile, also known as "Fennec".
More details about the release can be found in the change log. NoScript 2.0 is available to download from the project's site or from the Add-ons for Firefox portal and supports Firefox 3.0 or later. Users running older versions of Firefox must use the previous 1.10.x branch of NoScript. NoScript is licensed under version 2 of the GNU General Public License.
- ABE Patrols the Routes to Your Routers, blog post by Maone.
- 26C3: Protection against Flash security holes, a report from The H.