07.24.18

5 things you might not have known about web browser security

The web browser was the internet’s first breakthrough app. Although internet connectivity had existed in limited form since late 1960s, it wasn’t until the arrival of tools like Mosaic, Netscape Navigator and Microsoft Internet Explorer in the 1990s that it first became practical for almost anyone to access documents over a network connection.

Today, web browsers are still vital despite often being overshadowed by the native applications on smartphones and tablets. They’re still the default options for opening links, plus even many mobile apps incorporate their own browser-like viewers and rely on web languages such as HTML so they can run easily on multiple platforms.

Unsurprisingly, the central roles of web browsers in both mobile and desktop connectivity makes them magnets for cyberattacks. Popular browsers have received many modifications over the years to make them safer, but there’s still a lot that can go wrong when using them. Here’s what you need to know to have the safest possible experience:

1. Some of the riskiest features can be turned off

In February 2018, researchers at Cisco discovered a flaw in Adobe Flash Player that put machines running outdated versions of the plugin at risk of being hijacked. Flash, ActiveX and other web add-ons can create such problems if they are not regularly updated or simply deactivated (in the case of a zero-day exploit with no resolution currently). JavaScript, the programming language enabling many of the web’s advanced features, is also pivotal in injection attacks against vulnerable websites.

Check if your browser gives you an option to turn some or all of these utilities off until you absolutely need them. For example, both Mozilla Firefox and Apple Safari will default to asking you if you really want to run Flash each time, which is much safer than having it activate automatically.

web browser security

2. You can control who’s monitoring you

Have you ever looked up a product on Google, then visited Amazon only to see advertisements for the same thing you just searched for? That’s web tracking at work. Sometimes, it’s useful in presenting you with quick access to items you already intended to buy or research. However, it can also be an unwanted intrusion.

Perhaps the best example of the latter is the enormous amounts of information that many Facebook users send to the social network when they’re not even on the main site. A recently developed Firefox extension called Facebook Container shows the issue: Only by logging out of Facebook, deleting all of its cookies and isolating its traffic from other tabs you have open can you ensure Facebook isn’t seeing almost everything you do online. Fortunately, that browser add-on and others make the process relatively simple.

3. It’s possible to get an HTTPS connection almost everywhere

Connecting to the a site over HTTPS is always preferable to plain HTTP, since you get the added protection of an encrypted connection. From 2015 to 2017, the share of Google Chrome traffic that was HTTPS-secured rose steadily, a key sign of progress toward a safer web. Still, it’s likely you visit at least some webpages without HTTPS, potentially putting your data in danger.

The good news is that you can maximize your protection through extensions like HTTPS Everywhere, which forces an HTTPS connection on sites that support it. Check for a padlock or green box in the address bar to see if you have HTTPS active.

4. Not all browsers are created equal

The vast majority of websites are visited via a handful of major browsers. These programs generally do a good job of keeping their features up-to-date and patching security issues. At the same time, they don’t go as far as some more obscure alternatives in protecting your privacy and security across the web.

Tor is a prime example of a browser with advanced protections not available in mainstream applications. It routes a user’s activity through a complex set of connections to anonymize his or her identity, making it harder to determine exact location via IP address. However, it comes with tradeoffs in terms of overall performance.

5. Private browsing is useful, but has its limits

Just about every browser has a private or incognito mode that works more or less the same as the normal setup, with a few differences including lack of site history, no autofilling of credentials and no saving of HTTP cookies (i.e., the stored files that help websites remember you). It’s a useful feature, especially on shared computers where you wouldn’t want someone else to have easy access to your saved logins.

At the same time, it’s not sufficient protection on its own. You can still fall victim to web-delivered or be surveilled by third-parties while in a private tab.

For that reason, it’s reasonable to invest in security software such as Total Defense Unlimited Internet Security that provides enhanced protections from malware, spyware and identity theft while browsing. Check out the product page in the link today to learn more!