Adblock+noscript, FTW!
-
-
That's also assuming you're just blindly whitelisting every site they ask for - which makes the whole thing pointless anyway. Actually checking them all would take even longer, making it even more of a time sink.
Just automate it. Whitelist any site that gets rejected. Problem solved!
-
@RaceProUK said:
You're the one who's failing to suggest an alternative.
You're the one suggesting it's the only line of defense
I never said that.
-
Then no other steps should be taken.
This hole discussion is getting rather ridiculous in any case ... Environments are different and security practices should be adapted to that.
-
Yes, because Flash and Java have so much to do with Javascript.
I am almost positive that the delivery mechanism for executing the payload, was script based.
And NoScript is what I use to block Flash and Java, smarty pants
-
You do realize that you can disable such plugins without gimping your browser at the same time?
I have to use them occasionally. I YEARN for the day when all browsers stop supporting them, and FORCE various sites to stop using them. In the meantime, NoScript is fast/easy way to enable/disable them without futzing with things.
-
a core feature of every major browser.
A core feature NOW ... not when NoScript came on the scene, though. And I am used to doing it that way now, instead of messing with the browser plugin settings. So there
-
If they start grabbing domains with "cdn", we might all be in trouble.
Oh man, don't do that to me! I just shivered like someone was walking on my grave o_O
-
Environments are different and security practices should be adapted to that.
Agreed. The topic of this thread was for individual use, and specifically computer experts (such as ourselves) use. Students in a school setting .... WHOLE other situation. If they were older, then maybe I would trust the little buggers to self police and use NoScript, etc. But frankly, I wouldn't want them to have the power to nuke themselves. Yami's solution of a self-wiping system and isolated drives/network would be my preferred solution as well, for students.
But, for the rest of us (and those who can be trained) NoScript + AdBlock FOR-EVAH! >_</*
-
oh, wait, it's just a few button clicks.
For each site. On each computer. And don't forget, his students eat paste, so the keys are probably all sticky.
-
You're the one who's failing to suggest an alternative.
You, ah, wanna show where in his job description it says he needs to, cow
boywhatever?
-
I think the better thing for schools is something like hard drive snapshots restored daily.
other interesting thing when the internet is all blocked are services like web-capture.net that converts a URL to an image
-
when the internet is all blocked are services like web-capture.net
And how would someone access that if the Internet is blocked?
-
s/all/too
-
a core feature of every major browser.
Off by default because WHERE IS GRUMPY CAT?!?!/
-
If I use a pupil-managed whitelist I might as well not bother because I'll only train them how to whitelist a site very fast.
Oh can I join in?
You can't come up with a 15 minute lesson "responsible whitelisting", you lazy ass-fuck?
-
Because no-one would lock down the Internet but also lock down things designed to get around the blocks, right?
Username: loopback Client-IP: xxx.xxx.xxx.xxx URL: http://web-capture.net/ Category: Proxy Avoidance Proxy: corp-proxy-overlord Error message: Your system policy has denied access to the requested URL.
-
Depends, at wtfbank this isnt blocked. I dont see why it should, because png are usually safe
-
They prefer to block dangerous things there like msdn and openssl.org :/
(The cdn msdn uses for css and js to be fair, sites are frequently broken because our it sec hates cdns there)
-
(The cdn msdn uses for css and js to be fair, sites are frequently broken because our it sec hates cdns there)
So, you can't see avatars on Discourse?
-
Some avatars dont show up there, I didn't connect the dots, because so much stuff renders broken there that I got used to it
-
other interesting thing when the internet is all blocked are services like web-capture.net that converts a URL to an image
But then how would the students copy-paste from Wikipedia?
-
On further thought...this would be a great idea for StackOverflow in workplaces. At least if shitty devs had to actually type it all out they might learn something.
-
@Lorne_Kates said:
@Rhywden said:
If I use a pupil-managed whitelist I might as well not bother because I'll only train them how to whitelist a site very fast.
Oh can I join in?
You can't come up with a 15 minute lesson "responsible whitelisting", you lazy ass-fuck?
That's not the problem. Let me explain the problem by giving a somewhat related example:
The pupils have to sometimes write a text about some topic. They are told explicitly (and have those rules in writing, too) that not providing any sources will automatically fail the task. Guess how many are still surprised when they see the "F" under their text?
And care to guess how many of those who provide sources don't provide complete sources? (yes, they have that in writing as well)
So, given the fact that when confronted with an even stronger incentive to adhere to the rules, how effective do you think such a 15 minute lesson will be?
-
how effective do you think such a 15 minute lesson will be?
On second thought, that lesson isn't even required. Students these days are DIGITAL NATIVES. They live their lives on the Internet, and inherently understand everything about technology better than you. You need to communicate with them in the style that they understand, so they'll be engaged. Otherwise they might get stressed, and we can't stress students. Ever. Students automatically adopt any and all digital technology at an expert level, and if your lessons aren't tailored to them, then you've failed as an educator.
The above paragraph is 100% true and accurate. Go ask any Principal or Administrator (especially those gunning for Superintendent, or earning a "Masters of Education").
-
@Lorne_Kates said:
You need to communicate with them in the style that they understand, so they'll be engaged.
http://i.imgur.com/9dEQrdO.png
Am I doing it right?
-
I dont think what you say apllies very well for security
-
@Lorne_Kates said:
Off by default because WHERE IS GRUMPY CAT?!?!/
Whadda ya want? I ain't doin' it!
-
So, given the fact that when confronted with an even stronger incentive to adhere to the rules, how effective do you think such a 15 minute lesson will be?
Kids
Amirite?