Mozilla-Fu: Firefox Add-ons
The web is not what it used to be. Aside from being much richer, and useful. It is also much more annoying and dangerous. From seizure-inducing banner ads that distract attention away from actual content, to not being able to find any useful information amidst the onslaught of advertisements; there are many annoyances out there.
With more refined and effective client-side attacks emerging it is difficult to trust any website. From old-school Cross Site Scripting, to slightly newer Cross Site Request Forgery (I will be posting a how-to on XSRF attacks soon, so be sure to subscribe to my RSS feed), to emerging threats like Gifar (Great video here, on how it works.) Any site visited may be an attack vector–even sites that you may consider trustworthy.
The intent here isn’t to sound all gloom and doom-ish, really. There are some things that can be done about it. No, there isn’t a cure-all panacea available, but along side the threats and annoyances there have been some cool tools developed to help combat the constant spew of vile coming from the web :)
There are two Firefox Add-ons that I cannot live without, seriously I get really annoyed trying to surf without them:
Noscript is great, it does a couple of things that are noteworthy. First, it helps prevent XSS and XSRF attacks. It doesn’t prevent every type of attack, but it helps immensly. Second, it stops Flash, Java, and Silverlight from running automatically–the applets can still be started manually so it isn’t exclusive of watching the latest viral video, but one noticable advantage is how quiet the web suddenly becomes once these applets have been stopped from automatic execution.
Adblock plus does what is sounds like. It works quite well–I wouldn’t even consider visiting a social-networking site without these two tools!