Reply to comment

Safe Browsing Tips

This article is intended to be a brief, concise, guide for beginner and intermediate web users regarding safe browsing habits and tips. You may also want to check out the Private Web Browsing article as it does go hand-in-hand with safety.

Please note that nothing will make your browsing completely safe and secure. If your computer is connected to the internet and someone wants to get into your computer, given enough knowledge and time they can.

This guide will give you a few tips that will make your browsing safer and generally make the work for a bad guy to get into your computer difficult enough that they will simply pass on you and opt for someone a bit easier.

Safe Browsing Tips

  • The browser you use is very important. You may be used to one browser or another but it is well worth it to learn another if yours is not safe. For the last two years Chrome has lead the pack in regards to safety with Firefox very close behind. Microsoft's Internet Explorer is generally not even in the ballpark and has consistently been there for the last 5+ years. The reason has two parts:
    • IE is the most widely used browser, so if a bad guy knows how to hack into it he can hack more people
    • Microsoft is very slow to update their browsers to newer, better technology standards. I dont mean they are slow to patch their browser, I mean they are slower at addopting new security standards (think sandboxing). Chrome and Firefox adapt much quicker which means they can impliment better security practices quicker and this also makes a fast moving target for hackers as they address vulnerabilities quicker
  • Use browser extensions. Nearly all webpages have things embedded within them to track and monitor your usage of the sites you visit. Generally speaking, the things embedded within the pages are safe, but this is one of the most common things hackers target to get your data. There are 3 extensions everyone should use which will make your browsing much safer:
    • NoScript - noscript simply blocks javascript on a webpage until you 'allow' it. Javascript is by far the most used tool by hackers to get at your information. NoScript simply blocks the script until you tell it to allow it. See the link for a full article on NoScript.
    • Ghostery - ghostery is similar to NoScript but rather than blocking JavaScript it blocks common / known bad things on the internet such as cookies from sites that are known to be unsafe. See the link for a full article on Ghostery.
    • AdBlock Plus - adblock plus is similar to Ghostery but primarily blocks ad related tracking items. See the link for a full article on AdBlock Plus.
  • Disable Unused Features / Items. The extensions above block common exploits which often exploit features of your browser that you do not even use. A quick and easy way to avoid the problem is to simply disable these features. Most users can disable the following features and find little to know impact to their web experience:
    • Java - most browsers come with a plugin for Java, generally speaking most user do not need this. If you use websites that require java you probably know enough about it to know to leave it on or turn it off and on when you need it. The average user should be able to disable Java and not see any difference. To do this in firefox simply go to: Menu > Tools > Addons. Select the Plugins tab in the left menu and you should see Java listed there. Select it and choose to disable it. If you need it back on simply enable it.
    • Flash - a lot of sites use flash, more are moving away from it and opting for HTML5. I suggest to turn on Flash until you need it and simply turn it on when you need it. To do so, go to Menu > Tools > Addons. Select the Plugins tab again and Disable Flash (often listed as Shockwave Flash or something similar). If a page you try to visit complains about needing Flash or the need for a newer version simply re-enable flash and you should be good.

Summary

Although Chrome tends to lead in security, I choose and recommend Firefox due to its openness, security and bug related history, and privacy policies (see privacy article for more info). Most of the features I mentioned above are available in all browsers with exception to the Extensions. The extensions I listed are available for firefox and I believe most are available in Chrome as well.

If you would like more information about safe browsing and safe computing I highly recommend the Security Now podcast which is a weekly podcast that does a great job of discussing safety and security related items.

If you have any questions or comments feel free to leave a comment and I hope the information is useful.

Reply