Roles Of Information Security In Web Browsing
In the present day, many people depend on the Internet for just about everything. Whether it is shopping, looking for information or directions, social media, pay bills and more. Basically it is used for everything, but what the basic user does not know is that the web browser that they might be using isn’t secure. Many people buy a laptop, plug in the power cord, connect to the Internet and they are on there way browsing the World Wide Web. They don’t make any security settings to their web browser, just using the default settings. What they don’t know is that they are leaving their web browser vulnerable for attacks and exploits. That’s were I come in, I am going to discuss the different ways in which web browsing has become secure, the different ways exploits that are being used attack users. I will also talk about the different web browsers and the various security features they offer. Finally, I will give my opinion of which browser I would recommend to my friends, family, and peers. By the end of this article, readers should have an in-depth understanding of web browser security and vulnerabilities/exploits.
What is a Web Browser, and what makes it secure? According to itsecurity.com, a web browser is “a software application that allows the user to view and interact with content on a webpage, such as text, graphics or other materials.” A web browser makes access the Internet literally, one click of a button (maybe, a double click if you use windows). So, what makes web browsers secure? Is it the little lock you get on the top corner of the address bar, or is it the green website certificate that appears? Does security patches and plug-ins really help secure a users web browser? In most cases, security patches updates and security plug-ins can help secure your web browser, but it still doesn’t mean that you are out of the clear for exploits and attacks.
Writers, Dübendorfer Frei and May M. Olimann conducted a recent study, and they found that “approximately 45% of people surfing the Internet were not utilizing the most secure version of their web browser”. This is an astonishing number, when you think that half of the Internet users are not using secure versions of their browsers and the number of hackers that are out there preying on novice users. Users that don’t know that a web browser is like software and it to needs security patches that are vulnerable to attack and exploits. Although most web browser attacks are from “not-trusted” websites, now attackers are exploiting bad security coding, in which, they have had a great deal of success in compromising some trusted websites. One of the various ways hackers do this is by, adding some scripts into the website’s source code. A script that does not change the appearance in anyway, shape or form. These scripts can do various things including, a redirection to another website, tracking and storing cookies and more. When a user gets redirected to another website, they could be downloading dangerous programs/applications to their computer without knowing. According to itsecurity.vermont.gov/threats/web_attacks, they noted that, “April 2008 Panda Labs, a computer security and anti-virus publisher, announced that more than 280,000 web sites had been altered to redirect computers to malicious websites which would attack them in a variety of different ways”. Thus, making it really hard for the average user (who is using IE that is not updated) to be able to be able to distinguish between a trusted and non-trusted website. And hackers aren’t just stopping there; they are getting better and more advance. They are beginning to more to new means of hacking like, smart phones, not just the average desktop or laptop. Some other ways hackers are exploiting certain web browsers are insider attacks, bots, spyware, and web applications exploits.
So know I bet you are wondering what do you have to do to secure your web browser. Well first, maybe make the switch from Internet Explorer to any other browser, except Netscape. Just that step alone could help out with your web browser security. But if you don’t want to make to switch or if you have one of the other web browsers, you could always keep your browser updated by using the latest patches and plug-ins. And not only by keeping your web browser updated, you have to keep your operating system updated with the latest updates. Your antivirus software should always be updated, and applications like MS Office, iTunes, and others should also be frequently updated with the latest version. Make sure that you have a firewall installed. A firewall that is installed in between your CPU and the Internet can help with limiting attacks and traffic that comes in and out of your network. Also, you would need to edit your browser’s security settings. This can be one of the easiest things to do; you could disable Java, JavaScript, and some ActiveX controls. Also, edit your privacy, pop-up blocker and content settings. All of these steps and changes that I stated above could help you secure your web browser and your overall secure experience on the Internet.
Now it is time to evaluate some of the web browsers. I am going to evaluate 5 web browsers (Firefox, Google Chrome, Opera, Internet Explorer, and Safari), in which, I am going to go over some background information and some of the security features that each browser can implement. First, lets start of with Mozilla Firefox. Mozilla Firefox is an open source software project; it offers customizable themes, personas, and add-ons. Since Firefox is open source, it means that online security researchers are always involved in fixing bugs and security. They mention on their website, that user should keep their version of Firefox up to date. That they automatically will tell you when that update is necessary, and they also suggests that users update their plug-ins using their new tool that detects outdated plug-ins. Firefox lets its users do private browsing, which is really effective if you want to do online banking using a shared/public computer.
Next, we will look at Google Chrome, which uses a Webkit layout and application framework. It does download updates for phishing and malware. It has multilevel security. Chrome also has a private browsing feature called, Incognito, in which, prevents the browser from letting the website know you were there. Things like, preventing browser history, and cookies.
Opera is a web browser, as well as an Internet suite. It has a lot of features and can run on a variety of platforms including, Windows, Mac OS X, Linux, FreeBSD, Solaris, and the iPhone. Opera security features include, encrypting data in either TLS or SSL 3, deleting private data, also checking the blacklist for phishing or malware.
Now it is time to look at the infamous Internet Explorer. Most of us know by now that IE comes installed on basically every PC now, and that it is the most used web browser on the market. Why do so many people use IE? It has been know to have many problems with its past versions. So what makes this new version better? Microsoft says that IE 8 has a new way to protect against phishing and malware, and their new Smart Screen Filter does that. It also implements Cross Site Script Filtering, which detects malicious code on websites that may be compromised. And, it also implements private browsing. Since, IE is the most commonly used web browser, it is common that their bugs and defects are detected quicker and easier by hackers, since it is used so much more.
Finally, we are going to review Safari. Apple developed Safari. It is said on the Apple website that Safari has 150 features, and some of the security features are, phishing protection, safe downloads, parental controls, private browsing, pop-up blocking, secure encryption and standard-based authentication, just to name a few.
Now after listing all of those features for those five web browsers, I know your wondering that they all sound like they listed the same thing. The fact of the matter is that they did list very similar features, but to me there is a clear-cut better browser. In one of my senior level classes we did a lab, which consisted of four of these browsers in a typical man-in-the-middle attack. And, when the attack was happening or not happening it was clear that Firefox was correct each time. It gave security warnings and described why it gave the warning, allowed the user to be able to see the certificate and wouldn’t let you connect to the webpage unless you click “yes, I understand the risk”.
So I hope that this article motivates web browser users, whether using a desktop, laptop, or Smartphone, to take one second and make sure that you are browsing the Internet in a secure manner. And, not just make sure that you changes some settings, sometimes it take a different type of change, maybe even to a different web browser. There are many hackers out there that are finding new ways to exploits novice and intermediate users using vulnerabilities in web browser. So make sure that your web browser are update, and your OS
Work Cited
Frei, S., Dübendorfer T., Ollmann G, May M., “Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the ‘insecurity iceberg’ “
“Chrome – Learn about Chrome.” Google. Web. 19 Apr. 2010. .
“Firefox Browser | The Safest Web Browser | Free Download.” Mozilla | Firefox Web Browser & Thunderbird Email Client. Web. 19 Apr. 2010. .
Greene, Tim By. “Hackers Increasingly Target Browsers – PCWorld Business Center.” Reviews and News on Tech Products, Software and Downloads – PCWorld. Web. 19 Apr. 2010. .
“SANS: Top Ten Cyber Security Menaces for 2008.” SANS: Computer Security Training, Network Security Research, InfoSec Resources. 9 Jan. 2008. Web. 19 Apr. 2010. .
“Storm Worm Is Basis for Most Cyber Attacks, Says IBM – 14/02/2008 – Computer Weekly.” ComputerWeekly.com | Information Technology News & UK IT Jobs. Web. 19 Apr. 2010. .
“Web Browser Attacks | Information Security.” Welcome to IT Security | Information Security. Web. 19 Apr. 2010. .
“Opera Web Browser | Faster & Safer | Download the New Internet Browsers Free.” Opera Browser | Faster & Safer Internet | Free Download. Web. 19 Apr. 2010. .
“Security in Internet Explorer 8 | Safe Web Browsing | Windows IE 8.” Microsoft Corporation. Web. 19 Apr. 2010. .
“Safari – 150 Features – Learn about the Features Available in the World’s Fastest and Most Innovative Web Browser.” Apple. Web. 19 Apr. 2010. .
About the Author
Does Cell Spy Work? Does E-Stealth Work?
|
|
Erector Spykee – The Spy Robot $299.99 Spykee, the spy robot, is a crafty ‘bot that you control via the WiFi connection in your computer. This means you can give Spykee commands from virtually anywhere in the world! Plus, he does just about everything except feed the dog.Spykee moves, watches, hears, speaks, takes pictures, records video and sound, and can act as a surveillance camera. What’s more – when he begins to lose steam, he aut… |
|
|
Is My Cell Phone Bugged?: Everything You Need to Know to Keep Your Mobile Conversations Private $11.02 “Can someone…” * eavesdrop on my cell phone calls? * get my text messages almost as fast as I do? * access my voice mails? * steal my contacts list? * send fake messages from my phone? * make my phone dial someone else? * receive a text revealing the length of my calls? * receive a text alert whenever I use my phone? * send me texts using a fake number? * get my new number, although I … |
