what scripts does /j/ recommend with tampermonkey?
>>8781Hotpocket helper is kino >>7036I also use https://greasyfork.org/en/scripts/28486-tripcolor and https://ponepaste.org/raw/683
>>87814chanX, HPH, Oneechan, "4chan External Sound" or other sound scripts and there's more scripts you could get online.Without going super deep into any one thing, if the script was made by someone who's adversarial to our moderation it's safer to run it in a completely separate environment from any janny shit (namely a separate browser, some schizos use virtual machines but that's a nuclear option to a problem that geriatrics easily solve on a daily basis by accidentally installing multiple browsers on their machines [and then asking you to remove them]). With that said it's entirely possible to neutralize MOST if not all attack vectors by editing the script's header or auditing the code for spooky shit, most importantly, doing all of that AND NOT POSTING will also go a long way in preventing ANY FORM of communication with the outside world if the script did manage to sniff you out as a concierge sans salaire. So keep in mind what it says it does, what it actually does and what you want it to do.Too retarded to read code? No problem!>Don't want scripts to run on janny stuff?Remove/edit @match and @include or add @exclude for certain domains (actually check if the websites listed are the actual websites you think they are, don't fall for gmaiI.com tier shit [that was an uppercase i, not an l]).>Don't want scripts to talk to spooky websites? Remove @connect (definitely remove "@connect * " [which means "connect all " in plain English]), check what websites the script wants to access before clicking any pop-ups like an ADDfag or block those websites in the script's exceptions.>Don't want your scripts doing spooky shit? Remove @grant, namely unsafeWindow, look up what the others do if you're ever in doubt.>Don't want to place your trust in some faggot that might maliciously edit the code down the line? Remove @updateURL.
>>8783I'm mostly writing this because:1) The userscript enjoyer experience is the superior moderation and end-user experience;2) I can't agree with some people outright saying that you shouldn't use any userscripts even on VMs out of ignorance and even others who'll say to only use them on VMs or separate browsers only (again, some of these SHOULD be used this way, especially those written by malicious actors, but not all of them);3) Rather than our opsec policy being "don't do X" it should probably be "you can do X, here's how to safely do X, here's our homegrown safe copy of X you can use with most of the dangerous shit already neutered out". I'd even go so far as saying that maintaining and distributing safe versions of the most popularly user scripts should be done and there's definitely a lot of janitors that use them and have an interest in digging into these even the ones that people think might be malicious, so more eyes on something is better than no one looking at it and everyone just nodding along with one person saying "okay well there's like 20k lines of code so I'm not reading all that shit, let's say it's malicious forever". For example, I don't believe that PEE is malicious because ~15K of those lines of code are actually publicly available libraries and the actual portion of code written by the guy did not seem to be doing anything malicious, the permissions of the script were the actual biggest offender but they seem to be set for functionality rather than malicious intent, so upon removal of said permissions it should be safe to lurk with (THIS IS NOT AN ENDORSEMENT TO USE THIS SCRIPT WITHOUT A SEPARATE BROWSER OR A VM). Point being that we shouldn't be as lazy to say that something is malware forever because that'll actually stifle our understanding of it and how to combat newer versions of it.
>>8781does anyone have a one click ban for [reason] script? there is a serial evader that shows up from time to time and i'd like to make my job a little easier
>>9087It's called keyboard shortcuts, you click the button, press 9 and enter.
