I remember reading somewhere (probably before the [populous] Internet revolution, I'm thinking early or pre-1990's) that astronomers changed the official pronunciation of "Uranus" to make the "a" in "Uranus" short or unstressed. This was done for obvious reasons.
From Wikipedia:
The preferred pronunciation of the name Uranus among astronomers is [jrns], with the first syllable stressed and a short a (rns);[34] this is more classically correct than the alternate [je.ns], with stress on the second syllable and a "long a" (rns), which is often used in the English-speaking world.
BTW: NO, I will not enable javascript. Fuck them. Like some Web sites insist that you can only view their content with Internet explorer, and some sites (a vast minority) insist that you can only view their sites with Firefox, I build my sites to test if Javascript is enabled, and if it is enabled then I give instructions on how to dis-enabled it so that they can view the content on my site.
That's the point. I shouldn't have to. It's lame if I can't view a site because of poor design philosophies or principles. Some people decide to have navigation JavaScript oriented to impress their boss or to look keen or to introduce exploits. Their is no need or excuse to have poor Web design.
Are you seriously labeling email address as ID a security vulnerability? Usernames are not supposed to be sensitive data. That's what passwords are for.
First off; a username/ID is half of the security equation (the password being the other half); you can't have access without the other. It makes cracking at least twice as easy if you have both.
Second; Email addresses are easy to harvest, guess, crack, forge etc. I rarely use email and when I do it is mostly of a disposable and expendable kind.
Third: Using email addresses on multiple accounts makes you more vulnerable to - spam (yes even by big "respected" companies). Whether it be through ignorance, malice or laziness companies, friends, etc will CC (carbon copy) their messages (instead of BCCing [Blind Carbon Copying] their messages), thus giving your email more and more potential to be found and harvested by spammers (who tend to be mainly crackers and criminals these days) - There are also more points of failure (the more companies that have your email address (that is login ID), the more likely it is to get compromised) - Also you are not only risking your bank accounts but your email address itself could be cracked thus leaving you even more vulnerable (as I will emphasize I avoid using email all together) - Also companies that have poor security policies with user IDs and passwords probably have poor defenses in terms of network penetration and Web site login exploits (sql injections, etc) as well. Emails (login IDs and hashed/encrypted passwords) can and will be harvested through these exploits as well.
- It also exposes you to multiple attacks because once a cracker realizes a person is using an email address as a user ID they will deduce that this person is also probably using that same user ID on multiple accounts. Crackers see patterns in behavior and often exploit the most vulnerable.
In regards to PGP and the like I was referring specifically to email (which I think should have been apparent since I mentioned unsecured email in the quote that I was discussing).
As I've implied by my parent post I've applied "safe computing" to my Internet use for many years already. To me it is common sense. You don't have to believe me however, because much of what I have stated is in the PDF and has been noted by the experts.
They should fine and imprison those people who drive cars, motorized boats, snowmobiles, etc (largely unneeded and wasteful devices of leisure); as well as barbecues, and religion that exposes me to much more pollution than a finger long cigarette could ever create. And yes if we run propaganda campaigns in the schools and on television and radio long enough then I'm sure the populace will eventually be persuaded. People will go to extreme lengths to point out any alleged flaws of their political opponents but will be hypocritical in their own life style, behavior and politics. Sugar causes more illness and diseases than tobacco and yet I see no warning labels, restrictions, or extra taxes. I don't see candy banned from stores where children are allowed to have access. The reason for this is because people have a political fetish with "Drugs", and tobacco still being legal it upsets a lot of fanatics and evangelists of the Just-Say-No mentality.
Sometimes the majority or the cultural norms rule. That's life. No shoes, no shirt, no service.
What an arrogant thing to say. Your points are smug and self-aggrandizing. The "majority" and "cultural norms rule" phrases are the norm and not just sometimes. Unfortunately people will tend towards simplistic and authoritarian rules. This is the way the world is headed. The lowest common denominator political attitudes will survive like cock roaches. Simple, sad and depressing.
Fair enough but I'm not really thinking about rhetoric or persuasion. I'm thinking about purely logical arguments. I'm generally not interested in persuasion to begin with because I don't have anything to sell and people are generally too stubborn and stupid to think outside of their personal Weltanschauung.
I'm sure I could probably make better arguments in support of cannibalism than any detractors for example, but I doubt if I will persuade anybody that my arguments are in fact better. In this case I know I would have won the argument but my detractors would be too biased by their own prejudices to believe otherwise.
For something more historically significant Galileo Galilei won the argument (IMHO) that the Earth travels around the sun. In one of his celestial proofs he asked the Church to look through a telescope, whereby the Church declared that the telescope was giving them false information. So for me the Logic of a premise and its follow through is more important than mere persuasion.
"Lies, damned lies, and statistics" and "There are three kinds of lies: lies, damned lies, and statistics." Of course statistics don't lie, but magicians and con men often use science combined with the irrationality of a typical mind to believe (or perceive at least) what isn't true. In the end it's up to the audience to believe whatever their mind tells them to believe which is something I can ultimately not change (to any great degree) nor is it something I am personally interested in. If people truly believe the Earth is flat then it's not worth it for me to even bother arguing, and so it seems pointless for me to argue about what operating system sucks the most on a forum like Slashdot (I sometimes take the opposing view not to Troll but to point out faulty and biased reasoning).
In the end I may never become a Politician, a Manager, a Salesman, a Copywriter, a Public Relations person, a Customer Service Representative or any of the other types of dubious professionals that excel at the art of persuasion, but in my own simplistic way I will have peace of mind knowing that I am honest and true to myself. It's not much, but it's something important to me.
Thanks for the info. I was highly skeptical of the data in the first place (as I would suspect most Republicans would be as well:)). I was alluding to the fact that IQ tests really only make sense when the population sample is similar in nature (age, education, etc... although I admit I'm no expert on the theory of IQ tests). Basing IQ tests based on large geographical areas or differences seems bogus to me.
Let's also assume that they have different physics and that FTL travel is possible and routine.
If "they" have different physics than us then they aren't from our universe. You'd not only be talking about intergalactic travel but inter-universe travel (assuming that there are things like parallel universes). And assuming these two things would be possible then one would also have to assume that their physics (that would control their being, like the strong force controls the atoms in our bodies) would be compatible with our physics. For example if these creatures lived in a one or two dimensional universe then how could they exist in a 3 dimensional universe?
You can read the stories on CBC. The CBC is controlled by the government, and will rewrite or remove stories as requested by the Calgary Police Department.
If the CBC will remove stories as requested by the Calgary Police Department then how can we read these stories on the CBC?
As a crown corporation, the CBC operates at arm's length (autonomously) from the government in its day-to-day business. The corporation is governed by the Broadcasting Act of 1991, under a Board of Directors and is directly responsible to Parliament through the Department of Canadian Heritage. General management of the organisation is in the hands of a President, who is appointed by the Prime Minister.
- Wikipedia (bold emphasis is mine) I remember hearing the last 4 latest Prime Ministers stating that they didn't like what the CBC was reporting about them. Every new PM doesn't like the CBC. The corporation certainly isn't immune from political interference, but neither is anything else.
I don't know the validity of the claims this person has purportedly made against the police, but you claim that she lost in court. So either:
a) There was a conspiracy against this person by the Calgary Police, the CBC and the courts b) This person had a bad lawyer c) This person was talking shit on her Web site d) Maybe you are talking shit
I don't know, it could all be true but you offer no evidence.
Just remember that 100 is the average IQ. There are as many on the bottom half of the bell as the top. If you need proof, spend some time in a grocery store. I'm actually surprised that some adults can tie their own shoes.
If the population sample that you are deriving an IQ from can't figure out how to tie their shoes then "100" doesn't really mean that much to me in the first place.
Before I get marked a Troll I will be emphatic in stating that this is not a slight to you or IQ tests in general, but rather I am stating that the concept of IQ (tests) does not necessarily mean intelligence but rather it means relative intelligence. It would be somewhat interesting if IQ stats could be listed by country or by state for example. The results may be dubious but entertaining. On that note I actually Googled "IQ statistics by State" just out of curiosity and I found this: http://chrisevans3d.com/files/iq.htm.
I wasn't sure if this was for real or just a satire. It's hard to tell these days. You offered no references. Then I double checked and noticed "BBC News April 2nd 2010".
It's scary when one can barely tell satire from real world events. It's too real. Your fiction and reality are barely separable.
However, it would seem that if you really want to be sure if a bank's Website is secure you would need to test it yourself with programs like nessus, etc.
Of course the biggest question is, why doesn't the report list which banks fall in the 24% that didn't have any of the security issues they tracked? I want to know so I can switch.
Probably to prevent the bad guys from finding out what banks are vulnerable through the process of elimination. There are enough banking problems occurring as it is now. However, it would seem that if you really want to be sure if a bank's Website is secure you would need to test it yourself with programs like nessus, etc. I predict that 76% of the banks you scan for security vulnerabilities will not even realize they've been scanned.
There extra security in having hard to guess logins and passwords, but you're also making it difficult to the point of uselessness to make people remember endless amount of logins and passwords where they're just going to start writing them down on stick-it-notes at their work desk.
One can easily enough save a password with a password manager, or save a login straight from a Web browser or using something like Microsoft's newer CardSpace feature (available with XP and Vista). All these options are better than crackable passwords. If these aren't possible for something like work (if you decide to do your banking at work, which I wouldn't do for many reasons) then I would write down my ID and carry it with me. Having to be inconvencienced by one logon account would be worth it for me.
- logons etc on insecure pages
This is often a misunderstanding. One that I had at a point as well. Your login form has to submit to a SSL page, not reside on an SSL page to be secure. This is why several banks have login's on non-SSL pages, because their main informational site doesn't need the extra overhead of SSL to transmit their advertisement stuff.
Various quotes from the PDF:
Presenting secure login options on insecure pages: Some sites present login forms that forward to a secure page but do not come from a secure page. This is problematic because an attacker could modify the insecure page to submit login credentials to an insecure destination.
Also:
Contact information/security advice on insecure pages: Some sites host their security recommendations, contact information, and various other sensitive information about their site and company on insecure pages. This is dangerous because an attacker could forge the insecure page and present different recommendations and contact information.
Also:
Login pages and options displayed on insecure pages leave users vulnerable to man-in-the-middle attacks.
Many times we will have some security firm come in and look at our public facing web site, and come back with a list of 25-30 items that are 'security issues'. Most of them are complete crap, and maybe 1 or 2 are legitimate concerns... even when many items make no sense or are even counterproductive to implement.
What are the security concerns that you consider to be "complete crap" and "make no sense" and are "counterproductive"?
I am neither a Web designer or programmer nor am I a cracker. In many respects I'm just a typical computer geek who knows enough to stay out of trouble. I am wondering why these banks don't hire competent employees (or contractors) though. Some of the problems mentioned in the PDF seem very obvious to me:
Break in the chain of trust: Some websites forward users to new pages that have different domains without notifying the user from a secure page. In this situation, the user has no way of knowing whether the new page is trustworthy.
Inadequate policies for user ids and passwords
(i.e. email addresses for IDs and short crackable passwords)
E-Mailing security sensitive information insecurely
(I always found it BIZARRE that banks and its employees aren't trained to use PGP and the like for even large moneyed account holders and more sensitive information)
So now the police need protection from the police. The privacy issues which they seek to deny civilians in the pursuit of justice they will adamantly defend for themselves. Of course there is a difference between Managers and Employees, but the symbolism is striking.
I think one or two of twitter's sockpuppets got mod points today.
Although the parent post was expected to get a Funny rating (do to the bizarre modding I was eluding to), I am now starting to believe it: "Re:Unbelievable (Score:0, Offtopic)"
It must be some kind of awful to be that paranoid about people snooping on you.
It's only paranoia if the people who are trying to gain information about you aren't real. With me it's not just about security and privacy but it is about respect as well. The security issues should be obvious to people on Slashdot, although many programming languages like Java, etc have security features and measures built into their run-time framework they will almost always be defeated (or so it seems). But as I said and as I will emphasize the respect issue comes into play. If I wish to see a video then I will download it myself and watch it, and if I wish to click on a link I would rather know the URL that I'm going to beforehand rather than have it obfuscated by JavaScript. At least something like NoScript with FireFox gives a user a more explicit choice in the matter.
Slashdot Mirror
I remember reading somewhere (probably before the [populous] Internet revolution, I'm thinking early or pre-1990's) that astronomers changed the official pronunciation of "Uranus" to make the "a" in "Uranus" short or unstressed. This was done for obvious reasons.
From Wikipedia:
The preferred pronunciation of the name Uranus among astronomers is [jrns], with the first syllable stressed and a short a (rns);[34] this is more classically correct than the alternate [je.ns], with stress on the second syllable and a "long a" (rns), which is often used in the English-speaking world.
BTW: NO, I will not enable javascript. Fuck them. Like some Web sites insist that you can only view their content with Internet explorer, and some sites (a vast minority) insist that you can only view their sites with Firefox, I build my sites to test if Javascript is enabled, and if it is enabled then I give instructions on how to dis-enabled it so that they can view the content on my site.
Best regards,
UTW
That's the point. I shouldn't have to. It's lame if I can't view a site because of poor design philosophies or principles. Some people decide to have navigation JavaScript oriented to impress their boss or to look keen or to introduce exploits. Their is no need or excuse to have poor Web design.
I only see a black screen with some links to the side.
Are you seriously labeling email address as ID a security vulnerability? Usernames are not supposed to be sensitive data. That's what passwords are for.
First off; a username/ID is half of the security equation (the password being the other half); you can't have access without the other. It makes cracking at least twice as easy if you have both.
Second; Email addresses are easy to harvest, guess, crack, forge etc. I rarely use email and when I do it is mostly of a disposable and expendable kind.
Third: Using email addresses on multiple accounts makes you more vulnerable to
- spam (yes even by big "respected" companies). Whether it be through ignorance, malice or laziness companies, friends, etc will CC (carbon copy) their messages (instead of BCCing [Blind Carbon Copying] their messages), thus giving your email more and more potential to be found and harvested by spammers (who tend to be mainly crackers and criminals these days)
- There are also more points of failure (the more companies that have your email address (that is login ID), the more likely it is to get compromised)
- Also you are not only risking your bank accounts but your email address itself could be cracked thus leaving you even more vulnerable (as I will emphasize I avoid using email all together)
- Also companies that have poor security policies with user IDs and passwords probably have poor defenses in terms of network penetration and Web site login exploits (sql injections, etc) as well. Emails (login IDs and hashed/encrypted passwords) can and will be harvested through these exploits as well.
- It also exposes you to multiple attacks because once a cracker realizes a person is using an email address as a user ID they will deduce that this person is also probably using that same user ID on multiple accounts. Crackers see patterns in behavior and often exploit the most vulnerable.
In regards to PGP and the like I was referring specifically to email (which I think should have been apparent since I mentioned unsecured email in the quote that I was discussing).
As I've implied by my parent post I've applied "safe computing" to my Internet use for many years already. To me it is common sense. You don't have to believe me however, because much of what I have stated is in the PDF and has been noted by the experts.
They should fine and imprison those people who drive cars, motorized boats, snowmobiles, etc (largely unneeded and wasteful devices of leisure); as well as barbecues, and religion that exposes me to much more pollution than a finger long cigarette could ever create. And yes if we run propaganda campaigns in the schools and on television and radio long enough then I'm sure the populace will eventually be persuaded. People will go to extreme lengths to point out any alleged flaws of their political opponents but will be hypocritical in their own life style, behavior and politics. Sugar causes more illness and diseases than tobacco and yet I see no warning labels, restrictions, or extra taxes. I don't see candy banned from stores where children are allowed to have access. The reason for this is because people have a political fetish with "Drugs", and tobacco still being legal it upsets a lot of fanatics and evangelists of the Just-Say-No mentality.
Sometimes the majority or the cultural norms rule. That's life. No shoes, no shirt, no service.
What an arrogant thing to say. Your points are smug and self-aggrandizing. The "majority" and "cultural norms rule" phrases are the norm and not just sometimes. Unfortunately people will tend towards simplistic and authoritarian rules. This is the way the world is headed. The lowest common denominator political attitudes will survive like cock roaches. Simple, sad and depressing.
Fair enough but I'm not really thinking about rhetoric or persuasion. I'm thinking about purely logical arguments. I'm generally not interested in persuasion to begin with because I don't have anything to sell and people are generally too stubborn and stupid to think outside of their personal Weltanschauung.
I'm sure I could probably make better arguments in support of cannibalism than any detractors for example, but I doubt if I will persuade anybody that my arguments are in fact better. In this case I know I would have won the argument but my detractors would be too biased by their own prejudices to believe otherwise.
For something more historically significant Galileo Galilei won the argument (IMHO) that the Earth travels around the sun. In one of his celestial proofs he asked the Church to look through a telescope, whereby the Church declared that the telescope was giving them false information. So for me the Logic of a premise and its follow through is more important than mere persuasion.
"Lies, damned lies, and statistics" and "There are three kinds of lies: lies, damned lies, and statistics." Of course statistics don't lie, but magicians and con men often use science combined with the irrationality of a typical mind to believe (or perceive at least) what isn't true. In the end it's up to the audience to believe whatever their mind tells them to believe which is something I can ultimately not change (to any great degree) nor is it something I am personally interested in. If people truly believe the Earth is flat then it's not worth it for me to even bother arguing, and so it seems pointless for me to argue about what operating system sucks the most on a forum like Slashdot (I sometimes take the opposing view not to Troll but to point out faulty and biased reasoning).
In the end I may never become a Politician, a Manager, a Salesman, a Copywriter, a Public Relations person, a Customer Service Representative or any of the other types of dubious professionals that excel at the art of persuasion, but in my own simplistic way I will have peace of mind knowing that I am honest and true to myself. It's not much, but it's something important to me.
Best regards,
UTW
Winning an argument on the Internet is really hard...
Nope, winning an argument on the Internet is easy. Convincing your opponent that you've won is often impossible.
Sorry mate, I had no idea you had a Slashdot account.
Thanks for the info. I was highly skeptical of the data in the first place (as I would suspect most Republicans would be as well :)). I was alluding to the fact that IQ tests really only make sense when the population sample is similar in nature (age, education, etc... although I admit I'm no expert on the theory of IQ tests). Basing IQ tests based on large geographical areas or differences seems bogus to me.
Let's also assume that they have different physics and that FTL travel is possible and routine.
If "they" have different physics than us then they aren't from our universe. You'd not only be talking about intergalactic travel but inter-universe travel (assuming that there are things like parallel universes). And assuming these two things would be possible then one would also have to assume that their physics (that would control their being, like the strong force controls the atoms in our bodies) would be compatible with our physics. For example if these creatures lived in a one or two dimensional universe then how could they exist in a 3 dimensional universe?
There can be no doubt that intelligent life exists on other planets.
Without doubt there is only faith.
It is also clear that our government could do nothing but request assistance if confronted by a society that has intergalactic travel capability.
It appears that the aliens either refused to help your government or they have a bizarre and ironic sense of humour.
Nope,
He said supposedly real-life ET's were similar to the traditional image of a small frame, large eyes and head.
Sounds more than likely he bumped into Ross Perot on a dark night.
Ref:
http://uncyclopedia.org/wiki/Ross_Perot
You can read the stories on CBC. The CBC is controlled by the government, and will rewrite or remove stories as requested by the Calgary Police Department.
If the CBC will remove stories as requested by the Calgary Police Department then how can we read these stories on the CBC?
As a crown corporation, the CBC operates at arm's length (autonomously) from the government in its day-to-day business. The corporation is governed by the Broadcasting Act of 1991, under a Board of Directors and is directly responsible to Parliament through the Department of Canadian Heritage. General management of the organisation is in the hands of a President, who is appointed by the Prime Minister.
- Wikipedia (bold emphasis is mine)
I remember hearing the last 4 latest Prime Ministers stating that they didn't like what the CBC was reporting about them. Every new PM doesn't like the CBC. The corporation certainly isn't immune from political interference, but neither is anything else.
I don't know the validity of the claims this person has purportedly made against the police, but you claim that she lost in court. So either:
a) There was a conspiracy against this person by the Calgary Police, the CBC and the courts
b) This person had a bad lawyer
c) This person was talking shit on her Web site
d) Maybe you are talking shit
I don't know, it could all be true but you offer no evidence.
Just remember that 100 is the average IQ. There are as many on the bottom half of the bell as the top. If you need proof, spend some time in a grocery store. I'm actually surprised that some adults can tie their own shoes.
If the population sample that you are deriving an IQ from can't figure out how to tie their shoes then "100" doesn't really mean that much to me in the first place.
Before I get marked a Troll I will be emphatic in stating that this is not a slight to you or IQ tests in general, but rather I am stating that the concept of IQ (tests) does not necessarily mean intelligence but rather it means relative intelligence. It would be somewhat interesting if IQ stats could be listed by country or by state for example. The results may be dubious but entertaining. On that note I actually Googled "IQ statistics by State" just out of curiosity and I found this: http://chrisevans3d.com/files/iq.htm.
I wasn't sure if this was for real or just a satire. It's hard to tell these days. You offered no references. Then I double checked and noticed "BBC News April 2nd 2010".
It's scary when one can barely tell satire from real world events. It's too real. Your fiction and reality are barely separable.
However, it would seem that if you really want to be sure if a bank's Website is secure you would need to test it yourself with programs like nessus, etc.
Forgot the disclaimer, "Don't try this at home".
Of course the biggest question is, why doesn't the report list which banks fall in the 24% that didn't have any of the security issues they tracked? I want to know so I can switch.
Probably to prevent the bad guys from finding out what banks are vulnerable through the process of elimination. There are enough banking problems occurring as it is now. However, it would seem that if you really want to be sure if a bank's Website is secure you would need to test it yourself with programs like nessus, etc. I predict that 76% of the banks you scan for security vulnerabilities will not even realize they've been scanned.
You said,
There extra security in having hard to guess logins and passwords, but you're also making it difficult to the point of uselessness to make people remember endless amount of logins and passwords where they're just going to start writing them down on stick-it-notes at their work desk.
One can easily enough save a password with a password manager, or save a login straight from a Web browser or using something like Microsoft's newer CardSpace feature (available with XP and Vista). All these options are better than crackable passwords. If these aren't possible for something like work (if you decide to do your banking at work, which I wouldn't do for many reasons) then I would write down my ID and carry it with me. Having to be inconvencienced by one logon account would be worth it for me.
Various quotes from the PDF:
Presenting secure login options on insecure pages: Some sites present login forms that forward to a secure page but do not come from a secure page. This is problematic because an attacker could modify the insecure page to submit login credentials to an insecure destination.
Also:
Contact information/security advice on insecure pages: Some sites host their security recommendations, contact information, and various other sensitive information about their site and company on insecure pages. This is dangerous because an attacker could forge the insecure page and present different recommendations and contact information.
Also:
Login pages and options displayed on insecure pages leave users vulnerable to man-in-the-middle attacks.
Many times we will have some security firm come in and look at our public facing web site, and come back with a list of 25-30 items that are 'security issues'. Most of them are complete crap, and maybe 1 or 2 are legitimate concerns... even when many items make no sense or are even counterproductive to implement.
What are the security concerns that you consider to be "complete crap" and "make no sense" and are "counterproductive"?
I am neither a Web designer or programmer nor am I a cracker. In many respects I'm just a typical computer geek who knows enough to stay out of trouble. I am wondering why these banks don't hire competent employees (or contractors) though. Some of the problems mentioned in the PDF seem very obvious to me:
Break in the chain of trust: Some websites forward users to new pages that have different domains without notifying the user from a secure page. In this situation, the user has no way of knowing whether the new page is trustworthy.
Inadequate policies for user ids and passwords
(i.e. email addresses for IDs and short crackable passwords)
E-Mailing security sensitive information insecurely
(I always found it BIZARRE that banks and its employees aren't trained to use PGP and the like for even large moneyed account holders and more sensitive information)
- logons etc on insecure pages
So now the police need protection from the police. The privacy issues which they seek to deny civilians in the pursuit of justice they will adamantly defend for themselves. Of course there is a difference between Managers and Employees, but the symbolism is striking.
Parent post:
I think one or two of twitter's sockpuppets got mod points today.
Although the parent post was expected to get a Funny rating (do to the bizarre modding I was eluding to), I am now starting to believe it:
"Re:Unbelievable (Score:0, Offtopic)"
I think one or two of twitter's sockpuppets got mod points today.
It must be some kind of awful to be that paranoid about people snooping on you.
It's only paranoia if the people who are trying to gain information about you aren't real. With me it's not just about security and privacy but it is about respect as well. The security issues should be obvious to people on Slashdot, although many programming languages like Java, etc have security features and measures built into their run-time framework they will almost always be defeated (or so it seems). But as I said and as I will emphasize the respect issue comes into play. If I wish to see a video then I will download it myself and watch it, and if I wish to click on a link I would rather know the URL that I'm going to beforehand rather than have it obfuscated by JavaScript. At least something like NoScript with FireFox gives a user a more explicit choice in the matter.
Best regards,
UTW