Web Browser Security
Before you can accurately configure your Web browser's security, it is important to understand what some of the functions and features are that can significantly compromise the security of your browser. If you know what some of these are, and the potential risks they have on your browser's security, you can make informed decisions as to what features to enable and disable without sacrificing security.
Cookies
Cookies are files that are created by websites that you have visited. They contain various types of information with regards to the types of sites you frequently visit, your surfing habits, and even data related to accessing a website. There are cookies that are cleared when you close the Web browser and then there are cookies that remain in your computer until they are deleted by the PC user.
It is possible for an attacker to access cookies to obtain information about you, your access to websites, and what websites you log into. This is the reason your Web browser contains a feature that allows you to enable and disable the cookie function.
Plug-Ins
Plug-Ins such as Adobe Flash, are used to enhance the Web browsing experience. They are used solely for the Web browser and can contain vulnerabilities that are separate from your browser. Like vulnerabilities in Web browser design, there can also be vulnerabilities in the design of Plug-Ins that are left open to trojans, worms, and other types of malicious attacks.
ActiveX
ActiveX is primarily used by the Internet Explorer Web browser and is a technology that permits certain applications such as components from a website to be used by the Web browser. ActiveX can be pre-installed on your PC or some websites will offer it as a download to enhance the browsing experience.
Like other browsing enhancements, ActiveX contains its own vulnerabilities. Although it is designed for the Internet Explorer Web browser, it can also accompany any Windows download that you perform. Although the download may not be designed to be used in a Web browser, it can still be attacked via Internet Explorer.
JavaScript
JavaScript is a tool that is used to increase user interaction with websites. It is created through a scripting language and allows website publishers to create programs that allow their visitors to interact more with the website features.
While JavaScript creates some great website interaction it also opens up vulnerabilities to be exploited by attackers such as allowing them to interact with site trust relationships, breaching anti-virus detection systems, exploiting the security models on website domains, and other acts with malicious intent.
Most Web browser security systems contain tools that you can configure to control the actions described above. Although each PC user's surfing habits are different, if you know what these tools are you can make an informed decision regarding your Web browser security configuration settings.
Post a comment