Security Corner

May 4 2010   12:37AM GMT

Secure Computing: Harden Your Browser



Posted by: Ken Harthun
Tags:
14 Golden Rules of Computer Security
Browsers
Internet Explorer
javascript
Scripting
Secure Computing

ActiveX – probably the worst idea Microsoft ever came up with – isn’t the only problem with browsers even though its vulnerabilities are probably the most frequently exploited. If you’ve been reading this blog for any length of time, you know where I stand on that issue. That’s not to say that any of the alternatives are inherently more secure; they’re not. Every modern browser supports JavaScript and there are plenty of exploits that rely on it. That’s why it’s essential that no matter what browser you use, you make every effort you can to harden it against attack.

Why is this necessary? Unfortunately, most of the time the browser that comes pre-installed on new computers, the one that the computer owners will use, is not set up in a secure default configuration. This is one of the worst ideas ever when it comes to security. If I had my way, I’d set the default configuration such that warnings would be issued for any website that wasn’t built with simple, benign HTML. I realize this isn’t practical on today’s interactive Internet and it would break nearly everything out there today (except a site like this one, composed only of an image and some text with a hypertext link).

Fortunately, there are plenty of free resources (including this blog and my free eBook, “14 Golden Rules of Computer Security“) that have good information on what to do. The best one, bar none, is CERT’s “Securing Your Web Browser.” All of the details anyone needs to secure the major browsers – Internet Explorer, Mozilla Firefox, and Apple Safari to name the top three – are all there with general tips on what to do with virtually any of the others you may encounter.

Tell everyone you know about it. Make it part of the setup routine when you deploy PCs or set them up for your family. The Internet will be a safer place if you do.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: