[stephengillie]

This is yet another benefit to whitelisting JavaScript. Faster page load, more lightweight pages, less advertising and spying and crapware, less information going out.

And if you like a site you can enable it.

Go ahead, call me crazy like most people do.

[jakeogh]

The web is so much better without it. It's downright annoying to use someone else's JS enabled browser.

Rough config for surf: https://gist.github.com/jakeogh/b23aac080c5c74310c88

[antsar]

I agree that this is better. Unfortunately, whitelisting is tedious so I often resort to enabling all JS when I quickly need to use a site or five that require it. Many don't have the patience to keep doing this, so disabling plugin enumeration might be a nice middle ground for them.

Security/privacy doesn't have to be all-or-nothing.

[stephengillie]

We should be able to make "Security Groups" where we can apply less-restrictive settings (JS on, cookies) to trusted sites.

The Internet Explorer security model has 4 levels (Internet, Local Intranet, Trusted Sites, Restricted Sites) and you can choose a preset security settings package, or build your own, for each level.

Maybe Chrome/FF/Safari need something more similar to that, where we can specify different groups or levels, and then assign those to websites we visit.

The biggest problem with the IE method is that the UI is more tedious to add a site to a zone in IE11, than to add a site to the JS whitelist on Mobile Chrome.

[Tanath]

uMatrix from the creator of uBlock makes JS management easy (along with other things).

[thiagowfx]

https://addons.mozilla.org/en-us/firefox/addon/noscript/

[RexRollman]

NoScript is a great extension. Even if you never used it to block anything, it is a real eye-opener on just how much stuff is being loaded when you visit a website.

[JadeNB]

The functionality is great, but see https://en.wikipedia.org/wiki/NoScript#Controversies. As https://news.ycombinator.com/item?id=9999411 points out, browser extensions have an enormous amount of power, and the developer doesn't demonstrate that he deserves the trust that that power requires.

[greenyoda]

Since NoScript is open source, I assume that people are keeping a closer eye on the code after these incidents. The author has to be aware that if he tries something like this again, people could fork the code and move on without him (like what Adblock Edge did to Adblock Plus).

[idlewords]

You're crazy!