Number 246 - November 2003

Pop-Up and ActiveX Tips 'n Tricks
Compiled by Charlotte Semple, LACS President
Pop-Up Epidemic
   The pop-up ad epidemic is irritating and it's a security threat. The ads, which are Web pages, may contain dangerous programs or scripts; they can hijack your home page or install adware that sprouts more pop-ups. In fact, a booby-trapped pop-up could even steal or delete your data, or install a dialer to seize your Internet connection and reroute it to a dollars-per-minute 900 number. To eliminate these hazards in Internet Explorer, you must check settings for ActiveX controls; in Netscape, Mozilla, or another browser, you must change a JavaScript setting.

Internet Explorer
   For Internet Explorer (IE) users, the dangerous code in pop-up pages often appears as an ActiveX control that presents itself for your approval before downloading. Though it looks similar to many safe browser plug-ins that you may have accepted from reputable sites in the past (it may be signed with a certificate, even), the sneaky control actually installs software that displays ads on your PC.

   IE can download ActiveX controls and run them much as any other program runs on your PC. By default, IE is configured to ask your permission before downloading and running an ActiveX control from the Internet. If you or anyone else using the computer has changed those settings, however, unwanted programs could launch automatically.

   To check your security settings in IE, choose TOOLS, INTERNET OPTIONS, click the Security tab, select the Internet zone, and confirm that the 'Security level' slider is set to Medium. This setting instructs IE to block the controls that aren't signed with a certificate, and to prompt you for approval before launching ActiveX controls.
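The same check can be made against the registry values behind the slider. This is an added example, not part of the original article: it assumes the Internet zone is stored under the per-user `Internet Settings\Zones\3` key and uses Microsoft's documented action IDs 1001 and 1004, neither of which appears in the article, and the exported registry text in it is constructed sample data.

```python
import re

# Constructed sample: `reg export` text for the IE Internet zone (zone 3).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3]
"1001"=dword:00000000
"1004"=dword:00000001
'''

# Action IDs and setting values as documented by Microsoft for IE security zones
# (assumption: not taken from the article).
ACTIONS = {
    "1001": "Download signed ActiveX controls",
    "1004": "Download unsigned ActiveX controls",
}
ENABLE, PROMPT, DISABLE = 0, 1, 3
# Settings consistent with the Medium behaviour the article describes:
# prompt before signed controls, block unsigned ones.
MEDIUM_ALLOWS = {"1001": {PROMPT, DISABLE}, "1004": {DISABLE}}

def parse_zone(reg_text, zone="3"):
    """Return {value_name: int} for the given zone key in .reg export text."""
    values, in_zone = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            # Track whether we are inside the requested zone's key.
            in_zone = line.rstrip("]").lower().endswith("\\zones\\" + zone)
            continue
        m = re.fullmatch(r'"([^"]+)"=dword:([0-9a-fA-F]{8})', line)
        if in_zone and m:
            values[m.group(1)] = int(m.group(2), 16)
    return values

def audit(values):
    """List findings where the zone is weaker than the Medium behaviour."""
    names = {ENABLE: "enabled without prompt", PROMPT: "prompt only"}
    findings = []
    for action, allowed in MEDIUM_ALLOWS.items():
        setting = values.get(action)
        if setting is None:
            findings.append(f"{ACTIONS[action]}: value missing, cannot confirm")
        elif setting not in allowed:
            findings.append(f"{ACTIONS[action]}: {names.get(setting, hex(setting))}")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_zone(SAMPLE_REG)):
        print("WEAKER THAN MEDIUM:", finding)
```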
Multiple Users
   If you share the computer with children (or with adults who download first and ask questions later), set the slider to High. This blocks ActiveX content, Java and JavaScript code, and file downloads. Note that disabling these features may cause reliable Web sites not to work as expected--or at all--in your browser.

Other Browsers
   Because they support Java and JavaScript instead of ActiveX, the most recent versions of IE competitors Netscape, Mozilla, and Opera are safer. But they are not immune to scripting shenanigans.

   The default security settings in Mozilla and Netscape--Java enabled, and JavaScript enabled for Web pages but not for e-mail--are sensible. If you want to block the many unscrupulous Web sites from changing your home page, however, simply disable JavaScript altogether: Choose EDIT, PREFERENCES, expand the Advanced category, select SCRIPTS & PLUGINS, uncheck Navigator under 'Enable Java for', and click OK. If you'd like to do the same in Opera, select FILE, QUICK PREFERENCES and then uncheck ENABLE JAVASCRIPT. As with the high security settings of Internet Explorer, you'll find that disabling JavaScript reduces functionality at certain Web sites.

   Finally, when you've finished tweaking your browser's security settings, visit one of the many browser security-check Web sites. Scanit and Qualys will point out any chinks in your browser's armor and suggest a fix. From PC World.com.