For IE you don't have to add anying to get script protection, though it is off by default.
Simply lower the trustworthyness for internet sites and use the "trusted sites" as they are supposed to be used and you are 1000 times safer than the stock way it ships.
But "Dr Watson" how do you know IF a site is dodgy -- these days they aren't all designed by "amateurishly simple young folks just venturing out into their first piece of geekdom".
Some sites these days are DEVILISHLY SMART and you have to be quite knowlegable to spot if the site you are looking at is the real one and not a "Socially Engineered cloned one".
There's BIG money in this - so its now way beyond a few spotty youths creating simple viruses / trojans -- it's now sophisticated ORGANISED CRIME -- and these people can pay THE BEST MONEY that research can buy which is why only giants like MS will have the resources to compete with these people.
That's why MS's URL check -- while of course not 100% secure is better than anything else out there at the moment.
You've only got to see how firms by changing their keywords etc on their sites manage to "poodlefake" the Google search engine for putting them up higher on the search list than they would otherwise be.
So long as scripts run inside a browser -- any browser -- it's vulnerable.
All we can do is hope that the integrated checks that MS and others build in make the browsers secure.
Personally I always use an ISOLATED SEPARATE machine for Internet browsing that ONLY has the browser on it -- NO other apps at all -- straight Windows OS install from the box plus any video / print drivers I need. NOTHING ELSE installed.
These days you can pick up a machine that is good for this purpose for almost NOTHING at a local tip (or "re-cycling center") - otherwise just create a Virtual machine for your browsing and downloading and scan the downloads.
Using an Isolated Real or Virtual machine for Internet browsing will protect against personal data etc being "lifted" by malware etc - and in the event of infection you haven't got to "cleanse" it or anything -- just wipe the disk and restore another image from backup.
No applications hosed up etc - especially if you CHECK and DOUBLE CHECK everything you download BEFORE moving to your Real working machine.
Cheers
jimbo
i apologise, you are right about social engineered sites, i was taking objection to the fact that the person i was replying to was implying that all you need to do to stay safe online is run IE8 and if you run firefox then you are automatically lesss secure,
i would argue that my machine which is running Firefox and is properly secured, is probably alot safer than quite a few peoples machines running IE who dont know what their doing.
the fact is no user "automatically" became more secure SIMPLY by switching browser,
for instance: the user wants to watch a movie with a dodgy codec,
it doesnt matter if your running IE Firefox, Safari, Windows, Mac Osx, etc. the user WANTS to watch the video, he/she will jump through the hoops required,
thus i repute the original statement
How many IE users know there is an option called "Script Protection" and how many of those who know it, know how to turn it on?
The same logic applies for "Trusted Sites".
Even if it is there, its useless unless its turned on.
I agree with that severedsolo. Just because someone switches the browser they are using doesn't mean they are safe. The user has to take the extra step to protect themselves, no matter which browser they use.
And the same applies for average FF users adding NoScript.
All too often I hear people say that JUST installing FF makes you safer and it really doesn't.
As others have said the USER is reposnsible for securing and using their browser in a safe manner with ALL current browsers.
Instead of the pointless arguing over who is safer than who, (here and everywhere). Discussions about the ways to quickly secure your broswer of choice and make safe browsing descisions (email too) are FAR more productive in keeping the general populace safe.
Governments, websites and even people mandating browser choices are COMPLETELY off base WRT internet safety
Give a user a "safe" browser and he'll be safe for two days. Teach a user to browse safely and he'll be safe his entire life...
agreed, i have to admit, so called "browser security" doesnt influence my choice of browser, i use firefox because i like firefox.... i have an NAT firewall with built in DOS protection, an anvtivirus, antispyware, a Software firewall, threatfire, and most importantly a huge dollop of common sense if someones really wants to do some harm to my computer and they can get beyond all that, then my choice of browser isnt going to make much difference....
I'm so glad, because it sure stopped a mutated version of Vundo that I am still working to get rid of.
Seriously, what a fat load of crap.
Quote
