Browse safely using Internet Explorer or Firefox
The second of my three-part update of the 10-Step Security story I wrote three years ago shows that some tech advice stands the test of time. (A post earlier this week freshened up tips one, two, and three from that story, which focus on Windows updates and security features.)
Step 4: Ensure that you can see file extensions and all Windows system files in Windows Explorer and folder windows.
These days, you're less likely to encounter a dangerous executable file masquerading as a harmless type of file, but viewing file extensions and hidden files remains a good idea. The steps in the original article for making this change in XP are the same in Vista's version of Windows Explorer, though you may have to press the Alt key to show the Tools menu.
Step 5: Set the security level of Internet Explorer's Internet zone to High.
There's nothing stale about this advice. Of course, you should now be using IE 7 rather than IE 6, which is much less secure than its successor. The steps to reset your Internet zone security level are a bit different in IE 7: click Tools > Internet Options > Security, choose Internet in the box of zones at the top of the dialog box, move the security-level slider to High, and click Apply or OK.
Set Internet Explorer 7's Internet zone security level to High.
(Credit: Microsoft)As the original article stated, this security level will generate pop-ups whenever you try to open a site that's not on your approved list. To add sites to this list in IE 7, choose the "Trusted sites" icon in the zone box at the top of the Security dialog box, click the Sites button, type the site URLs in the top box one at a time, and click Add. Keep the option on the bottom to require server verification unchecked.
Add the sites you trust to Internet Explorer 7's whitelist.
(Credit: Microsoft)Step 6: Use the NoScript add-on to block scripts in Firefox on a page-by-page and element-by-element basis.
Of course, the simplest way to improve your chances of staying safe on the Web is to use a browser other than IE. I'm not saying Firefox, Opera, and other browsers don't have flaws of their own. It's just that those programs aren't targeted by the bad guys as often as IE is.
Giorgio Maone's NoScript add-on for Firefox lets you decide which scripts are allowed to run before the page loads. NoScript was relatively new back in 2005 when that article was written, but the program has stood the test of time. Note that the program's author accepts donations to offset the cost of maintaining and updating the application.
Another option for blocking Flash content in Firefox is by using Nicolas Martin's Flash Killer add-on. Apart from ensuring that no malware finds its way onto your PC via a Flash file embedded on a Web page, the program speeds up your browsing by blocking Flash ads from loading along with the regular content of the page.
In my next post, I'll revisit the last four tips in 10-Step Security, which deal with e-mail safety.
Dennis O'Reilly has covered PCs and other technologies in print and online since 1985. Along with more than a decade as editor for Ziff-Davis's Computer Select, Dennis edited PC World's award-winning Here's How section for more than seven years. He is a member of the CNET blog Network, and is not an employee of CNET.
I would also be hesitant to suggest NoScript. So much of the web uses JavaScript now that it is almost impossible to enjoy the appropriate experience when it is disabled.
-
by interestorx
December 19, 2008 8:36 PM PST
- Using Firefox, I uninstalled flash long ago. I did it to have a less hyperactive browsing experience. It is relieving to not have every corner of my screen strobing inane worthless ads at me. I keep an old version of IE on my computer if I have to see something on youtube, which I enjoy, or if I have to go see some loser's flash-only website. I recommend this setup.
-
Reply to this comment
-
(4 Comments)