Improve your browser’s security and privacy in 5 steps

No matter which source for statistics you take, all agree that the most used browsers are Chrome, Firefox and Internet Explorer.

ie_7Google Chrome Logofirefox

 

There have been many studies and tests done to find out which is the most secure of them.

However, the tests are able only to show how each browser is matching a set of fixed tests, usually called “security baseline”. And that baseline changes radically every month.

No browser is 100% bulletproof even if some browsers fix the security vulnerabilities faster than others.

Here is how you can make your browsing experience better. “Better” in this context means more secure, more private and maybe even a bit faster (indirectly).

 

1.  Keep the browser up to date

This is the first step in hardening the browser because a vulnerable browser can be exploited by just visiting certain websites without you knowing anything.

Always allow the automatic updates and install them as soon as they are available. In case of uncertainty, install free tool that monitors your software for vulnerabilities. Read more about this here.

 

2. Increase the built-in security of the browser

This is the second step in hardening the browser and can mean a lot of things:

  • configure to reject third party cookies
  • deactivate the plugins that you usually don’t need, like: ActiveX, Java, Flash and so on.
  • enable the already built in anti-phishing and anti-malware protection
  • configure the browser to send a “Do Not Track” request with your browsing traffic
  • whenever possible, deactivate active scripting. Be aware though that some websites will simply not function without scripting (especially Java Script).

In Internet Explorer many of these settings can be set up by choosing in Settings the “Security” and “Privacy” levels to High.

  • Turn on the built-in popup blocker
  • Disable any old-school toolbars that don’t bring you any kind of benefit (do you really need to see the weather or have a translator at hand all the time?)

 

3. Choose careful what plugins you install

The plugins or addons are a very powerful mechanism to easily extend the functionality of the browser. But, having so much power comes with the other side of the coin as well. There are many plugins even in the official browser stores which are either malicious or have very big security and privacy issues. The worse part is that for the normal user these issues are not visible until it is too late. Always keep in mind that a plugin has full access to everything what you click and see in the browser. Yes, including everything that you browser over encrypted connections. The plugin resides in the browser, and it has access to what the user sees. So, the content is already decrypted and there is absolutely nothing that can prevent a malicious plugin to send everything (bank information, personal data, etc.) to a certain internet address.

Always have a look at the ratings given by other users before you install an addon. Also, keep an eye on the permissions requested by the addon as well. For example, if an instant messaging addon requires access to all your URLs, this might be suspicious.

 

4. Install security and privacy plugins

There are some addons which improve your security by doing some filtering on the URLs that you visit or even dynamically analyze the content of the webpages.

If you prefer to choose the extensions by yourself, here is a longer list to prevent tracking and here to prevent advertising.

You should also give Web of Trust (also known as WOT) a try as it is based on crowdsourcing and promises an independent view on the status of the URLs.

 

5. Force the usage of SSL whenever possible

Addons such as HTTPS Anywhere try to choose the HTTPS connection over the HTTP one whenever available.

 

All these and many more topics are in the free eBook "Improve your security" available here: www.improve-your-security.org.

About the Author

ImproveYourSecurity
Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, is working since 2000 in the IT Security industry and until 2014 for Avira as Product Manager, where he was responsible for the known products used by over 100 million users world-wide. Serving the security needs of so many different users made him think that there are other ways of to help the users: teachning them about security.

Comments are closed.

By continuing to use the site, you agree to the use of cookies and to its Privacy Policy more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close