Facebook, Twitter, Pinterest, etc. tabs appearing!!!!!

"Bouncing bar"?

i usually use F/F w/ adblock plus..it does not stop that stupid bouncing bar from happening..hate it..have tried to rid it w/only marginal success, cant rid all of them..will try noscript 5

fj12ryder wrote:
From jscripters.com:

"Like most good things however, there is a catch. Javascript has been responsible for several security vulnerabilities over the years. While the language is widespread and has been continually tweaked and undergone several revisions it is still insecure. One prime example is FredsCars.net, a popular car auction site that was turned into a small static html page simply because they couldn't control the site's behavior due to the JavaScript vulnerabilities..."

From stackoverflow.com in answer to the question "What are the risks of using Javascript and how to avoid them?":

"One of the most common errors is HTML injection, allowing third parties to inject JavaScript into your security context. That allows an attacker to control what a user does on your site, completely breaking account security."

From veracode.com:

"Since its release, there have been several JavaScript security issues that have gained widespread attention. For one, the way JavaScript interacts with the DOM poses a risk for end users by enabling malicious actors to deliver scripts over the web and run them on client computers. There are two measures that can be taken to contain this JavaScript security risk. First is sandboxing, or running scripts separately so that they can only access certain resources and perform specific tasks. The second measure is implementing the same origin policy, which prevents scripts from one site from accessing data that is used by scripts from other sites. Many JavaScript security vulnerabilities are the result of browser authors failing to take these measures to contain DOM-based JavaScript security risks."

These were just a couple of literally thousands of pages on the risks of JavaScript. But you do whatever you feel is best.

I don't care how much a "seasoned" IT person is, I have PERSONALLY watched not once but twice my PC getting malware via 3rd party inline text ads which USE Javascripts.

Javascripts are able to take complete control at administrative level easily bypassing security INSPITE of what the level the user is set to including rights passed on by the IT department and the Domain Controller..

I learned the hard way that inspite of having a fully up to date fully patched PC the BEST security is to stop it at the browser level..

Now days I use FireFox with AdBlockPlus and NOSCRIPT..

NoScript PUTS you back in control of your PC by only allowing the Javascripts that are needed for the website to work..

Yes, it can be a pain but it is worth it..

For the OP, I don't think AdBlockPlus would fix that, perhaps NoScript just might do it though.. Just be aware that NoScript will stop other needed scripts from running.. You may need to re-enable some to make the website functional..

I've not noticed on this, or any other, site.

If I understand correctly, this same social network bar is appearing on several websites at random? It doesn't appear when I visit the above referenced site, so assume its browser related. Specifically, a hijack of some type?

You can generally manually remove it. Or try using AdwCleaner app which targets common hijacks. It doesn't need to be installed.

From jscripters.com:

"Like most good things however, there is a catch. Javascript has been responsible for several security vulnerabilities over the years. While the language is widespread and has been continually tweaked and undergone several revisions it is still insecure. One prime example is FredsCars.net, a popular car auction site that was turned into a small static html page simply because they couldn't control the site's behavior due to the JavaScript vulnerabilities..."

From stackoverflow.com in answer to the question "What are the risks of using Javascript and how to avoid them?":

"One of the most common errors is HTML injection, allowing third parties to inject JavaScript into your security context. That allows an attacker to control what a user does on your site, completely breaking account security."

From veracode.com:

"Since its release, there have been several JavaScript security issues that have gained widespread attention. For one, the way JavaScript interacts with the DOM poses a risk for end users by enabling malicious actors to deliver scripts over the web and run them on client computers. There are two measures that can be taken to contain this JavaScript security risk. First is sandboxing, or running scripts separately so that they can only access certain resources and perform specific tasks. The second measure is implementing the same origin policy, which prevents scripts from one site from accessing data that is used by scripts from other sites. Many JavaScript security vulnerabilities are the result of browser authors failing to take these measures to contain DOM-based JavaScript security risks."

These were just a couple of literally thousands of pages on the risks of JavaScript. But you do whatever you feel is best.

fj12ryder wrote:

C7XR7 wrote:
I think the only way would be to disable javascript in your browser.

And that should be done anyway, it's a big security hole.

As someone who has worked in IT security and computer forensics for well over a decade, I can say that I agree that this statement could be "technically" true from time to time but is mostly based on lack of understanding of Network security. Yes JavaScript is a security risk, as is Java, Flash, Shockwave, Acrobat, and even HTML, while we are at it avoid IE, Chrome and Firefox as they do have security holes from time to time too. Come to think of it NutraSweet cause cancer, so lets avoid Diet Coke. Cell phones case tumors so avoid them as well. While we are at it lets stop using cars because they are the biggest risk of them all. It is a little like killing a mouse with a sledge hammer.

To stop using JavaScript to stop a specific undesired feature is one thing, but to block it based on an unknown potential future fear is not something that I would endorse. Just because a local NBC affiliate decides to do a 15 second spot on the risks of JavaScript should not be the only reason to make such a broad decision. User education and avoiding sites you would not want your friends or family knowing you surfed is a far more potent tool in your personal IT security than fear.

Log in to the RVParkReviews forum and complain about the sidebar, or use the "Contact Us" form. The site owner is testing it to see how we like it. So far, the "nays" are winning, thankfully. Right after it appeared, I asked that it either go away or at least be made a user preference option.

C7XR7 wrote:
I think the only way would be to disable javascript in your browser.

And that should be done anyway, it's a big security hole.

I think the only way would be to disable javascript in your browser.