Monday 5 October 2015

How To keep your browser safe from hackers

 
Browser exploits are one of the most commonly used tricks employed by hackers. Here's how to protect yourself against them:
 
Web browser have become one of the most important parts of our lives, as we are using them more often than any other application. Think about it: you send and receive emails , you watch videos, you listen to music, you buy things online, and you keep in touch with your friends: all of these are done from your browser. But how much time have you spent wondering how secure your browser actually is?

I have an anti-virus, should I keep reading this?

Having antivirus, anti-malware or firewall applications installed increases your overall security, but it's not always enough. This means that improving the safety of your browser will never be a redundant action. Most popular browsers like Chrome, Firefox, Opera or Safari have pretty strong default security settings, so you don't need to learn how to configure them from the get-go, but knowing how to keep yourself safe while using them is a totally different story.

Main risks for your browser

In case if you're curios about what kinds of things put your browser in peril, there are three main categories: browser vulnerabilities, the users and required third-party apps. Here's an explanation for each of them:

Browser vulnerabilities

As we all know, nothing in the world is perfect, so it's unjust of us to think that our web browsers could be completely hacker-proofed. Unfortunately, most common browser-related attacks were caused by a vulnerability which the cyber-attackers exploited to infect their victims' PCs, steal their data or damage important system files.

Users misuse

Even though we don't like to admit it, we represent a big peril for our web browsers. Whether you're an inexperienced user or simply because you don't care, there is a bunch of things that you can do that will compromise your browser's security. Here are some of them:
  • clicking on unknown links without caring where they lead to or who put them up and why;
  • unknowingly modifying security settings for wider / quicker Internet access;
  • accepting a website's request to install an additional application (from an unknown source) in order to be able to browser it;
  • installing applications or browser add-ons and then never taking the time to maintain them;
  • downloading bundled application and allowing the unnecessary ones to get installed without knowing exactly what they are.

Dangerous but (sometimes) necessary add-ons

  • ActiveX - Commonly associated with Internet Explorer's, ActiveX is required to browse and perform actions on certain websites. However, it's also often used by hackers who add malicious ActiveX software to websites and thus infect your PC.
  • Java and JavaScript - while both are necessary on a whole bunch of websites, JavaScript and a script for a virus can be easily intertwined and the Java browser add-on is full of security problems which allow cyber-attacker to gain access to private data saved on your PC.
  • Flash Player - the Flash browser add-on also has a lot of security holes that many hackers exploit. I've already talked about this in The Flash Player Revolution article, so you can find more data about this by following that link.
  • Cookies - originally used by websites to avoid overcrowding their servers, cookies have evolved into real dangers to your privacy.

Protection methods

Fortunately, keeping your browser as safe as possible isn't incredible difficult, but it sometimes (rarely) involves sacrificing some convenience and functionality. Here's what you can do to hacker-proof your web browser:

Updates are important

Everyday security researchers find new vulnerabilities, and new security patches are being released. The quicker you allow your browser to update itself, the sooner you'll have the latest security available. Waiting too long before updating allows the slower hackers to exploit vulnerabilities which have already been fixed and became public knowledge. The same goes for the add-ons /  plug-ins that you have installed, as they are vulnerable to exploits as well. Just leave the automatic updates setting turned on for Google or Chrome and don't use outdated browsers like Internet Explorer (unless you really have to), and you should be fine.

Click-to-play plug-ins

Flash content which automatically starts on webpages is generally annoying, makes websites load slower and forces your browser to take up a lot of your PC's resources. Furthermore, it can represent a security risk, so I recommend installing an extension that will help you avoid these problems. If you're a Mozilla Firefox user, an add-on like Flashblock can do the trick nicely. In case if you're a Google Chrome user, I recommend using the browser's settings instead of an extension (as the application already takes up enough resources as it is): Just go to Settings, press Advanced Settings and click on the Content button. Now navigate to the Plugins and check the box marked Let me choose when to run plugin content. Finally, Opera users should also go to their browser's Settings, click on the Websites button and then check the Click to play field.

Install anti-exploit applications

Over the course of this article I've used the word exploit more times than in the entire last month, so I probably don't need to tell you how beneficial it would be to have an anti-exploit application installed on your PC. Why are these tools so cool? They don't use blacklists and huge databases like the anti-virus applications do, but instead simply stop your browser whenever it acts suspiciously. As far as I know, the best anti-exploit tools currently on the market are Microsoft's EMET and Malwarebytes Anti-Explot. (Both of them can be used for free, so you don't have to worry about money.) If you're not an advanced user, I recommend using Malwarebytes Anti-Exploit as it's easier to understand and set up.

Additional advice

I have two more little tips for you which are not as effective as the previous ones, but were too important to ignore completely:
  • Firstly, if you can, always install a 64-bit version of any browser (instead of the 32-bit one). 64-bit applications have always had, and always will have, better protection than the others, so they will improve your system's security. At the moment, Mozilla doesn't have a 64-bit version for the main version of Firefox, but you can choose the Nightly build of the browser if you can cope with it.
  • And secondly, uninstall all the plug-ins / extensions / add-ons that you don't actually use. They don't only take up resources and can be annoying from a visual standpoint, but they also represent a security risk. It only takes a few seconds to remove them, so it's not that much of an effort.

Conclusion

The web browser is the application that you use most often and the one that's always interacting with the Internet, so it's constantly exposed to a lot of risks. Now that you know how, why not take a little time and make sure that your browser is secure? 

Eddy will keep saying more

No comments:

Post a Comment

Comments...