I'm glad you included the bit about distributions packaging extensions. As I noted in the big thread, Debian's package of noscript disabled the annoying open-a-tab behavior long ago -- without precipitating an arms race.
It is worth noting, though, that few distributions could keep up with the constant release churn of noscript. From its FAQ:
Q: Yes, I love NoScript, but releasing new versions every few days is getting tedious, can't you limit updates to once a month?!In contrast, the Debian packages of noscript have never been updated more frequently than monthly, and generally less often.
A: NoScript is a security software, hence its users expect it to do every effort to keep their browsing experience as safe as it can be, always. This means that every time a new browser weakness is reported, a new kind of web threat is discovered or a bug is found in NoScript itself (hey, no software is perfect!), NoScript is immediately updated to react as needed.
I wonder, though, if needing constant code releases to deal with issues is a symptom of noscript not being very well designed. Compare with things like adblock and clamav, which do not require frequent code releases, and rely on frequently updated blacklists and virus signatures, which can be downloaded periodically. Alternatively, perhaps the set of issues that noscript is dealing with are so varied (due to the insane web programming mess) that it really does need new code to deal with new issues. I'd be curious if someone knows.
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds