Following are some suggestions for minimizing your security risks when surfing the Internet.
Change Browsers
Switch from Microsoft Internet Explorer to an alternative browser like Firefox, Amaya, or Opera (Camino or Safari for Mac OSX users) for these reasons.
- Internet Explorer is a very vulnerable browser. It allows many trojan-horses, worms, spyware and adware and other viruses through without the user doing anything wrong or knowing that anything has gone wrong.
- In June of 2004, the US Government's Computer Emergency Response Team (CERT), produced an article which advised users to stop using Microsoft Internet Explorer.
- In fairness to Microsoft, they have released patches for the more serious weaknesses in a timely fashion. However new flaws seem to spring up very often, and computers that have not yet applied patches are still vulnerable.
Disable Bells and Whistles
If you cannot switch browsers, then disable all of the bells and whistles for unknown websites.
- This means the fancy drop-down menus, the scrolling text, the fancy flash sites, etc., all go away. If you really cannot live without those features, then you can make your use of them safer with a little work. You need to make use of the "Trusted Sites" in Internet Explorer (I'm sure Firefox and other web browsers have something similar, but if you are not using IE then you can probably figure out how to find them!). Internet Explorer has several zones available (Click on Tools/Internet Options then click on the "Security" tab). Most websites are in the "Internet Zone." What you need to do is set the Internet Zone to a really high setting (i.e. HIGH) or customize the settings so that Java, JavaScript and Active X code is never run. Then, set the "Trusted Sites" to "Medium."
- When you have a website that you use often (f.g. webaccess.umail.ucsb.edu):
- Click on "Tools/Internet Options" then the "Security" tab.
- Click on "Trusted Sites" and then click on the "Sites" button.
- Uncheck the "Require server verificationâ" checkbox.
- Add the site by typing, without the quotes: "webaccess.umail.ucsb.edu"in the "Add this Web Site" field, then click on "Add".
- Click OK until you close all the windows.
- You may need to "Refresh (F5)" the web page if you were looking at it before doing this.
- By doing this, you ensure that if you get redirected to a hacker site or happen to click on a bad link (like when Googling), you won't get whacked by a client-side attack. Since most Microsoft products use IE settings, this should help with your other often attacked Microsoft applications too. It's more work, but once you start doing it, you'll get used to it and it will seem natural. Think of it as clutching your purse or watching your surroundings when you are walking in a bad neighborhood. You don't have to do it, but it's probably best to.
Things to Avoid
- Don't load non-essential programs off the Internet, especially things like toolbars or search bars, screensavers, or audio or video programs. These programs frequently install additional, malicious software ("malware") that causes problems and often requires a rebuild to remove effectively.
- Don't click on anything in a pop-up, except the X in the upper right corner that closes it. Clicking on the "No, thank you" button often triggers an unwanted installation.
- Don't click on unsolicited links received in email, instant messages, Web forums, or chat rooms, as it might install malware.
More Safe Browsing Tips
Click the links below for more safe browsing tips from US-CERT.gov.
Additional tips for web surfing safely can be found at Stay Safe Online and OnGuard Online.
Back to Guide Index
ETA