Xfce Forum

organicode

Member

Registered: 2026-04-01

Posts: 21

Who uses Tor Browser the old way... with NoScript in top bar?

I recently reinstalled Tor Browser and found that it no longer allows changing from Safest Mode (that blocks javascript) to Safer Mode (that allows it) without resetting the WHOLE BROWSER! How long has this been a thing? Tor Browser is now unusable without putting the NoScript button back into the toolbar.

With NoScript in toolbar Safest Mode can be used, but when a web site / domain needs javascript, it can be enabled just for that site without affecting all other sites.

NoScript has always been included in Tor Browser by default but in 2017 the devs, in their desire to simplify the UI, removed it from the toolbar meaning that all its functionality is hidden and outside the control of the user. I liked it in the toolbar, because it allowed me to approve javascript on a piecemeal basis for domains that I trusted. People are free to manually put the addon back into the toolbar themselves but how many actually do this? Well now a user cannot go from the Safest Privacy Mode to the Intermediate (Safer) Mode without totally restarting the browser! I can't expect any sane person to restart a browser everytime they want to watch a Peertube video. What user are these Tor Devs catering to today? If someone chooses Safest Mode, they should get NoScript in the toolbar by default.

Any Tor Browser users here actively put the NoScript Addon back in the toolbar?

Another question I have is about uBlockOrigin, The TailsOS developers put uBlockOrigin in Tor Browser. Would you like to have uBlock in all versions of Tor? I definitely would, not just for consistency across all versions, which is important against fingerprinting, but for it great ability to cut a lot of nasty stuff from websites.

Thanks for reading and at least thinking about these fairly basic user experience and privacy aspects. If you feel comfortable writing your thoughts on love to hear it. Tor Project say they want to be the browser for all who want privacy from the predator class, but they seem to drop the ball a lot.I can think of other bizarre choices too but there is plenty to chew on with these two aspects. As OP I'm happy to read about your own bugbears or positive experiences with Tor Browser. This is an important topic amidst the ever-inflating spectre of techofash.and slop anti-services. I feel we can probably quash a lot of technofassh by simply taking more things private, self hosting over onion services etc. and therefore starve them of the data they crave.

bggf

Member

Registered: 2026-04-13

Posts: 17

Re: Who uses Tor Browser the old way... with NoScript in top bar?

Hhhmmm yes, I remember the no-script addon. Honestly it broke too many websites for me and I didn't have the disciplin to configure it properly. (I remember youtube... )
I now use brave with tor.
I did however "discover" the program "opensnitch" and was amazed on how many servers are pinged by our browser for "no reason".
https://github.com/evilsocket/opensnitc … -in-action
even surprising ones:
https://user-images.githubusercontent.c … de2377.png

organicode

Member

Registered: 2026-04-01

Posts: 21

Re: Who uses Tor Browser the old way... with NoScript in top bar?

Anything we do to protect our data, Tor or i2p, is good, but yeah I can't use Brave. It might have some nice features by I have full-freedom objectives.

Apparently Brave use a farbling technique to make people more anonymous, which is what libre-browsers like IceCat do with addons like jShelter.

"opensnitch"

Fun name. Its on M$Github (M$G), will try to look into it one day tho. Addons that reveal website nasties are the way forward. Ublock is very popular but generally only blocks, doesn't expose. I'm at the point where people should be alerted if the hosting of a site doesn't match the domain suffix. So if someone is visiting a Belgium website with 'br' it will alert the user if the website is hosted from or leaks data to a U.S. network for eample, and the domain suffix doesn't cleverly finish a word in the language of the country it is hosted (or accessed?) from. I think that alone would eliminate A LOT of scams. When you start studying this stuff it becomes obvious what is going on... (one country basically operates a global and growing MITM attack since about 2009).

You've outlined Tor usability issues, yes, made worse by choices Tor devs took. If they made it easier, rather than harder, for people to switch on javascript for the top level domain that would go a long way. Random Invidious instances could be suggested when people try to visit gooTube (which is what IceCat Browser does too btw). Yes, as you've stated gooTube is a massive problem/psyop and has apparently gotten worse with the DRM malware google inject into browsers. I personally don't care for gooTube because I have my go-to Peertube channels now. If something is on gooTube and not Peertube, i see that as a political choice by that creator to support the predator class.

Also when people complain that a FontAwesome font ought be embedded in Tor Browser (ASIDE: DID YOU KNOW that 'fl' in TorBrowser means "Search"), and some other basic popular fonts, and that svg files should be made safe for display, it seems to fall on deaf ears at TorProject for some mysterous reason.

Meanwhile this month it seems Tor are busy celebrating "partnerships" with NGOs, and producing blog posts that feature these NGOs' Goolg/'scAm'azon/Cloudflare-hosted websites. Ugh.

Tor is okay, but... we are in a worse place today because of bad choices and priorities made at Tor Project post-2016. Mozilla are not blameless either, killing RSS with millions in funding from google. The epstine files make it clear today how and why the money-printers and techno-fascists have been scratching each others' backs ... literally AND figuratively. Here's hoping we can repair the tools we need to communicate, after a decade of, basically, bribery and vandalism.

Thanks for your input.

Last edited by organicode (Today 03:01:47)