NoScript proudly calls itself a security extension advertising itself as an extension with “whitelist based pre-emptive script blocking approach prevents exploitation of security vulnerabilities (known and even not known yet!) with no loss of functionality…”
Well, guess again. The author has a history of doing shady things, such as messing with AdBlock filters to whitelist ads on his own website. But what is even more serious is the fact that the author advertises on his website malware. Especially to Windows users. Every time NoScript updates itself, the users are shown the homepage of the extension.
If you’re a Linux user, change your browser’s user-agent to Windows in order to investigate. See that “PC slowing down?” banner? It’s hard coded by the author, who gets paid with every successful installation of malware crafted by UniBlue. Just look at the source how the banner is generated. It randomizes itself every time you refresh the browser in order to get away from Adblockers. This dogshit is something even ad networks would be proud of.
The author knows well what he is linking to and has made a great effort to obscure the code and created a mechanism to bypass Adblock.
Let’s see what VirusTotal has to say about the exe file you’re going to download.
Trojan.Win32.Generic!BT, Malware/Gen.Generic, Win32/SpeedUpMyPC.A potentially unwanted – just to name few.
NoScript is considered harmful! Why would you trust this “security suit” if the author is pulling tricks like that?
(The post has been translated with explicit permission of liltinkerer)