Free Computer Courses Training Tutorials Intelligentedu.com Home  ->  Learn About Computers, Software Development & Information Technology  ->  Table of Contents



Chapter 14: 
Securing Your Browser


 

Introduction to Web Browsers

Have you ever accidentally typed in the wrong URL and all of a sudden a strange search engine-type website came up. Then, that website just wouldn't go away. It became your homepage,and every five to ten minutes your computer would automatically go back to that page. Tons and tons of ads opened on your computer and there was seemingly nothing you could do to make it stop? Then you have been the victim of browser hijacking.Although this won't destroy your computer, or allow others to see your personal files, it is still a gross invasion of your time and space as well as a huge inconvenience. In this chapter, we will look more closely at this phenomenon and how to protect your computer from browser hijacking.


What is a "web browser"?

A web browser is a program that let the user navigate and interact with information available on the Internet. A web browser uses the HTTP (Hypertext Transfer Protocol) to request of the websites over the Internet. When a user clicks on any link on a web page, a request id being made. The browser sends this request and address of the computer to the server that contains the information. The server replies by sending the requested information to the browser, which is identified by the computer address of the user. The web browser then translates the information to the format that can be read by the user.

Accessing Internet via browser uses 'client server' architecture. While the client side of a communication involves the operations managed by the web browser, the 'server' side of the communication includes functions or programs that run in the computer that sends the web browser on user computer the HTML files for display. This computer sending HTML files to the user's web browser is called a web server. So, it could be said that a web browser is nothing but an interface between the user and the web server.



Major Web Browsers & Their Features
Microsoft Internet Explorer

The Internet Explorer, or Exploder as it is sometimes called, is the web browser by Microsoft, which came into being in 1995. Code-named Chicago, Windows 95 was developed in tandem with Internet Explorer 1.0. Version 2.0 of Internet Explorer introduced emerging Internet technologies, such as Secure Sockets Layer (SSL), HTTP cookies, RealAudio, Virtual Reality Modeling Language (VRML) into the marketplace. In the summers of 1996, Microsoft released the next version, IE 3.0 which became an overnight sensation. It included features that support video and audio multimedia, Java applets, cascading style sheets, and Microsoft's ActiveX Mind controls. In 1997, Microsoft released IE 4.0 that was fully integrated with Windows 95, Windows NT and Windows 98 (released later). IE 4 was so popular that during the first 24 hours of its release it was downloaded once every 6 seconds. By the time IE 5.0, in 1999 and IE 6.0, in 2001 were released, Internet Explorer was the clear leader in the browsers market facing almost no competition at all.

The current version of Internet Explorer, IE 6 includes many enhanced features and supports aspects of CSS2, HTML4, JavaScript and Dynamic HTML. Users can also view MP4 streaming video files, use MP3 and other audio add-ons using this browser. Internet Explorer 6 Service Pack 1 (SP 1) is latest update to Internet Explorer 6.

Features of Internet Explorer 6:

Web Privacy: Provides protection to the privacy of the user and allows controlling the personal information that websites collect about the user.

DHTML Platform: IE 6 provides DHTML features to build a powerful user interface for web based applications.

Full CSS Level 1 Support: Provides full support for Cascading Style Sheets, Level 1 (CSS1) including borders, padding, and margins which are now supported for inline elements.

Content restricted IFrames: IFrames display HTML content to provide Web-based e-mail applications or build browser applications. Developers can make it more difficult for malicious authors to launch e-mail or content-based attacks that catch users unaware.

XML: Includes support for Microsoft XML (MSXML) 3.0, providing better performance and up-to-date XML standards support.

Fault Collection: Enables users to extract information about an Internet Explorer problem and upload the data to Microsoft for analysis. This information can help identify potential issues Microsoft needs to address in future Internet Explorer Service Packs.

Image Toolbar: Allows user to quickly and easily save, e-mail, and print pictures from the Web page, as well as view all the saved pictures in the My Pictures folder.

 

Security Features

The Internet Explorer web browser offers a number of features, which helps to protect your privacy and make your computer and your personally identifiable information more secure.

The Privacy features of Internet Explorer allow you to protect your personally identifiable information by helping you to understand how Web sites you view may be using this information. It allows you to specify your settings by determining whether or not you want to allow Web sites to save cookies on your computer.

Internet Explorer's Privacy features include:


Security settings

Preserving the security of your computer when you browse the Web is a balancing act. The more open you are to downloads of software and other content, the greater your exposure to risk, for example, the risk of downloading software that could damage your data. However, the more restrictive your settings, the less usable and useful the Web becomes.

The security features of Internet Explorer aim to strike an effective balance. When you first install Internet Explorer, it corrals all Web sites into a single zone, which is known as the Internet zone and stands guard with a medium level of security. This helps you browse securely, but should prompt you before downloading potentially unsafe content.

Internet Explorer also offers three other zones, including Trusted and Restricted zones, to which you can assign Web sites that you trust completely or that arouse your suspicion. For example, you might put well-known entertainment or shopping sites in the Trusted sites zone with its low levels of security.


Netscape Navigator and Mozilla

The Netscape Navigator allows you to access all major Internet resources with a single, easy-to-learn graphical user interface (GUI). With the help of Netscape Navigator you will be able to browse information on the web and conduct secure electronic commerce easily on the Internet. All the features of Netscape Navigator are common and work across Windows, Macintosh and UNIX environment.


Features of Netscape Navigator and Mozilla:

Enhanced bookmark interface. This feature provides a drag-and-drop, folder-based interface for storing and accessing your favorite Internet sites. All the users are allowed to drag and drop links from any Web page into the bookmark window and arrange them according to their needs.

Improved FTP interface. This feature provides the user with greater feedback on the status of an FTP download, it allows you to route the file to a particular destination, and also holds the ability to perform multiple downloads simultaneously.

High Performance. Initially Netscape Navigator was designed from the ground up for low-bandwidth (14.4k bps) environments. As a result, it offers excellent performance. Some of the methods that enhance performance include:

Open Standards And Interoperability. Netscape Navigator offers an integrated network browsing solution for corporate or personal use, regardless of the specific requirements:


Security Features

The Netscape Navigator web browser uses the open Secure Sockets Layer (SSL) protocol and RSA encryption technology to enable commerce and secure communications on the network. This multiprotocol security method is currently implemented to provide secure versions of NNTP (news) and HTTP. Major Internet venders, financial institutions, and certification authorities have adopted SSL. It provides:

  1. Server authentication, it verifies the identity of the server through a certificate and a digital signature

  2. Encryption, it ensures the privacy of client/server communications by encrypting the data stream between the two entities

  3. Message integrity, it verifies that the contents of a message arrive at its destination in the same form as it was sent.


 Security settings

Netscape Navigator allows you to set your cookie preferences by using the cookie manager in order to specify how cookies should be handled. It provides you the following options:

  1. Enable all cookies: If selected, this will allow all web sites to set cookies on your computer and receive them back during subsequent visits.

  2. Enable cookies for the originating web site only: Foreign cookies are not accepted or returned. Cookies received through email are treated as foreign cookies.

  3. Disable all cookies: Choose this to refuse all cookies. If you want to be notified when a web site tries to set a cookie, select "Warn me before accepting a cookie."

 

Opera

Opera is a user-friendly, fast and versatile Internet/Intranet browser that also includes a newsreader. Keyboard is considered to play an integral role in surfing, which can make moving around the Web easy and fast. Multiple windows can be run even on start-up, and special features are included for users with disabilities. Opera also supports CSS, Java, JavaScript SSL (128-bit), TLS (Transaction Layer Security), and more.

Other features of Opera includes:


Security Features

Opera has been named the most secure browser available, and for good reason. It natively supports a wide range of security protocols and methods; indeed, Opera is often at the technological forefront. Unlike Internet Explorer and Netscape Communicator, whose security loopholes are detailed in periodicals on a regular basis, Opera has been designed from the beginning with security and privacy in mind. Its common security features are as follows:

  1. Strong Encryption

  2. SSL and TLS

  3. Authentication

  4. Certificates

  5. Security Password

  6. E-mail Security


Security settings

Security settings of your Opera browser can be changed to comply with your Internet security wishes. Although they might appear confusing and daunting at first, most settings are actually easy to figure out once you have a little bit of background information, and should present no major obstacle.

Opera allows you to manually select the encryption methods you wish the browser to be able to make use of. This is the menu in which you configure the SSL v3 and TLS 1.0 protocols. The reason these two technologies share the same menu is that they are too closely fitted to be split up.

 

Securing Web Browsers

The first thing to know about browser hijacking is how it happens.Most of the browsers available in the market are vulnerable to one or more security issues. Most of these issues are the result of design flaws (such as the Cybersnot, MIT, UMD problems), while some are bugs and others the result of third parties such as the Java security problem reported by CNet. 

Basically you are at the mercy of the hijacker and its 'scumware'.Sometimes you don't lose control of your browser, but that does not mean there is nothing wrong.� 'Spyware' could have been installed on your computer, and the hijacker could be watching your every single online move, including the sites you visit and the passwords you punch in.

Fortunately, there's a lot of software available to help protect your browser from being hijacked. To name a few, there's Browser Hijacker Blaster, Guard-IE, IE-Spyad, Spyware Blaster, and Setting Sentry.� For more information, please see Chapter 17, Spyware.

Here are several things you can do to keep your browser from getting hijacked in the first place.

  1. Tighten your browser's security settings.Most browsers have security options built in as detailed above in this chapter.� This web page will help you find out how to more fully tighten security on your browser.

  2. Install the latest security fixes from Microsoft as often as possible.I don't know if I will ever get tired of saying this.For the security of your computer and your own piece of mind you must install the latest upgrades as soon as Microsoft or the company in question, sends them to you.� 

  3. Install some of the software referred to in Chapter 17. Like in all aspects of computer security, it is important to layer, to not just rely on one security piece to totally protect you.Installing the appropriate software is just one step in keeping your browser safe, but it is also one of the most important.

In addition, accessing your e-mail using a Web browser is also considered to be a major security threat. Once you have initially entered your Exchange server password, access to your mail account remains open as long as the browser session itself remains open. To prevent anyone reading your mail messages, you should always remember to close the web browser once you are finished reading your e-mail, especially if accessing your e-mail from a public terminal.





 

Copyright 2006 by DeepSearcher Inc. - All rights reserved