ZD Net runs through the instructions for securing Internet Explorer from exploits and drive by downloads. The advice largely relies on disabling Active Scripting which is fair enough as this is way most malware gets on. The problem with this advice is that takes most functionality from IE.
Many secure sites, such as banks and stockbrokers, need Active Scripting to run properly. This is why those sites often don't work with Firefox, Safari or Opera.
To get around this, the advice is to add the secure sites you want to your trusted user list. There's a number of problems with this.
The first is many sites aren't consistent in their domain names. Your bank's online transaction site might have a completely different address to their main name. To further complicate things, the login page might be completely different to everything else.
A further problem is the risk that even trusted sites can be compromised. The Sydney Opera House fell to this and a number of Italian sites have hacked recently. So you can't necessarily trust trusted sites.
The final, and telling blow, to this advice is that Active X is not the only way to get infected. If you've been infected through another avenue, then you'll be in trouble anyway. What's worse some of the better spyware is watching as you type your password.
The best solution in my view is to surf the net in a restricted user profile. That is, a profile that doesn't have the rights to change the system settings or install anything new.
Spyware is the biggest problem facing Windows users. The reason for this is the total access most users have as administrators. By running as a limited user, you stop those problems.
Thursday, June 21, 2007
Subscribe to:
Posts (Atom)