My impression is that the "Security Level" (standard, safer, safest) has somewhat replaced NoScript.
NoScript is still an add-on but the icon does not appear as standard at the top of the browser as used to be the case. Also, the preset customization for "default" sites is to allow everything (except ping). In terms of TBB's "Preferences / Privacy and Security" section, many sites will not work unless the "standard" setting is chosen. Are there any serious security ramifications of "standard" that can undermine the TBB and thus acquire the user's real IP? I assume not or what would be the point of the TBB? I imagine that browser components that might be dangerous in a normal Firefox won't necessarily be operational in a hardened TBB. Hence, "standard" (which includes JS, WebGL, etc) is not a problem. Could someone e.g. Roger please clarify this fact. It does feel a bit odd using sites with JS, etc, freely working whereas in my non-TBB Firefox, I have to constantly allow NoScript to "temporarily trust" most sites. Thank you. -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
