Life, the Universe and Everything
Browse the Internet Securely
Oook, I'm tired of the fear-mongering I'm seeing surrounding this non-sense about the recent security flaws in Java. First off, this stuff happens ALL THE TIME folks, no need to panic. If you feel like making yourself a nervous wreck, you can check out the government website which tracks ALL current vulnerabilities here:
http://www.us-cert.gov/cas/bulletins/
I know, scary right? Don't worry yourself, us computer geeks know how to protect ourselves against this stuff without fretting about it. Apparently it's time to share this information again. Don't worry, it's pretty painless.
Step 1) Almost none of you will want to do this. So don't. Get rid of Windows and install Linux. 98% of all the vulnerabilities on your computer are part of Windows. If you want to be rock solid secure from any hacker, this is where you start. In all actuality if you don't make yourself the target of a hacker, you don't really need to worry about it. I'll leave it at that. If you can't figure out how to install Linux, don't worry about it, k?
Step 2) Firefox PWNS all other browsers. Firefox has nearly ironclad security -within- the browser. It obviously is NOT going to protect you if you open up a virus in your email program. So, if you already have Firefox, great! Now update it. The very newest versions of Firefox now auto-update when there is a security update. If you don't already have Firefox, get it:
http://www.mozilla.org/en-US/firefox/new/
NOTE: Apparently everybody on the planet is downloading this stuff right now, you may have the pages time out a couple of times before you get through. Firefox served 5 million downloads in one day before, so it will be fine.
'But I LOVE Chrome.. Safari.. whatever..' Do you want to be secure, or not. The head of security for the NSA uses Firefox, get the picture? At least use Firefox for your daily browsing, and only switch to Chrome or whatever when you REALLY have to.
Step 3) We need to add a couple of things in to Firefox to make it rock solid. Note that things are going to force you to be aware of when you are trusting some new website to run scripts on your computer. That's ok. Once you tell it to trust Facebook and Yahoo and Google and stuff you use every day, you will find that you have completely forgotten about these things.. until you need them! The first one, you'll thank me for, AdBlock Plus:
https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/
AdBlock Plus is going to speed up your internet, block all the stupid advertisements before you ever see them, and keep you from accidentally clicking something you shouldn't have, because it won't be there for you to click. The next one is the one that will be a hassle at first, but you'll forget it's even there after a while. NoScript:
https://addons.mozilla.org/en-US/firefox/addon/noscript/
Once you install this and restart Firefox, you will see a little yellow bar across the bottom or the top of the page that says 'Scripts Currently Forbidden...' on the left side with an 'Options' button on the right side. First things first, click the 'Options' button, and un-check 'Place message at the bottom'. Once you forget that this is installed, it's much easier if the bar appears right there at the top of the webpage. ;) Now click the little circly arrow in the Firefox address bar to reload the page, and the bar will be at the top of the page. Perfect!
So, what this does is automatically block EVERY script from running in your browser. Fortunately, you don't need to be able to figure out what all those scripts are. All you need to do is click the 'Options' button, then click 'ALLOW facebook.com' (for example), then NoScript will ALWAYS allow all scripts made by facebook.com! Woo-Hoo!! One more step for facebook. You should see one that says 'Allow fbcdn.net' This is another domain that facebook uses. Go ahead and allow it. Awesome! That's it, you never have to worry about Facebook working right again. The yellow bar will disappear until it sees something else on the Facebook website.
Why would it see something else? Two reasons. Either you go to a game or app you want to play.. or it's for advertising. Just use your common sense. If you try to play Farmville, you will have to allow Zynga the first time. You will NOT have to allow akamaihd.net. Akamaihd.net is an advertiser. Baaad advertiser!! To get rid of the yellow bar, click 'Options' then point at 'Untrusted' then click on 'Mark akamaihd.net as Untrusted'. Now NoScript will never bother you about that advertiser again!
That's it, it's a simple 2 step process
1) Allow the website, and it's other domains
2) Untrust any freaky advertiser domains.
If you somehow get yourself jammed up, you can always go back and trust yahoo or whatever you did to mess it up. Now if you ever get in a corner, and a webpage won't work (perhaps a coupon website that makes you use an advertiser??) You can click the 'Temporarily allow all this page' button. You may have to click it again when the page reloads, these advertiser people try to be sneaky and track you by making one script start another one, then another one and etc. Never EVER click 'Allow Scripts Globally' If you ever run into a website that says it needs global permissions, IT'S A SCAM!! Global Permissions let the script do whatever it wants to on your computer. -I- might allow it to test a script I am writing. -YOU- should never need to use it. If you ever run across a valid website (college or a bank) that claims they need it, write them a nasty letter. They are being lazy about writing their website correctly, and they should know better, in this day and age.
Step 4) Go to Add / Remove Programs, and scroll down to 'Java' Uninstall all of them. The older versions of Java stayed there on purpose, to make sure that business people didn't show up to work one day and discover that their programs they use were broken because something updated. You're not a business and the new ones auto-update (so you'll never have to do this again). Uninstall them. K, now go here and install the new one:
http://www.java.com/en/download/manual.jsp
Now that we've got that out of the way let's check the other browser plug-ins:
https://www.mozilla.org/en-US/plugincheck/
Update anything that needs it. If you have junk at the bottom that says 'Unknown Plug-in', you probably don't need to worry about it.. but if you want to, knock yourself out.
Step 5) Pat yourself on the back for a job WELL DONE!! Seriously. It may not seem like much now that you've done it, but most people will put it off and forget, then call me and ask if I can come help them uninfect their computer in a few months.
If you like you can install a better Firewall, I recommend searching Google for ZoneAlarm. AVG makes a great free anti-virus program. The rest of it you really don't need to bother with. You should still steer clear of porno sites and other seedy websites, and don't give them your email address! If you feel yourself compelled to do these things, go back to step 1 and install Linux! :P
As I final note, Firefox really is an amazing thing. Install it on your android phone, and install ABP as well. Surf faster! Explore some add-ons and all of the cool features it has to offer! Enjoy, and peace out!!
http://www.us-cert.gov/cas/bulletins/
I know, scary right? Don't worry yourself, us computer geeks know how to protect ourselves against this stuff without fretting about it. Apparently it's time to share this information again. Don't worry, it's pretty painless.
Step 1) Almost none of you will want to do this. So don't. Get rid of Windows and install Linux. 98% of all the vulnerabilities on your computer are part of Windows. If you want to be rock solid secure from any hacker, this is where you start. In all actuality if you don't make yourself the target of a hacker, you don't really need to worry about it. I'll leave it at that. If you can't figure out how to install Linux, don't worry about it, k?
Step 2) Firefox PWNS all other browsers. Firefox has nearly ironclad security -within- the browser. It obviously is NOT going to protect you if you open up a virus in your email program. So, if you already have Firefox, great! Now update it. The very newest versions of Firefox now auto-update when there is a security update. If you don't already have Firefox, get it:
http://www.mozilla.org/en-US/firefox/new/
NOTE: Apparently everybody on the planet is downloading this stuff right now, you may have the pages time out a couple of times before you get through. Firefox served 5 million downloads in one day before, so it will be fine.
'But I LOVE Chrome.. Safari.. whatever..' Do you want to be secure, or not. The head of security for the NSA uses Firefox, get the picture? At least use Firefox for your daily browsing, and only switch to Chrome or whatever when you REALLY have to.
Step 3) We need to add a couple of things in to Firefox to make it rock solid. Note that things are going to force you to be aware of when you are trusting some new website to run scripts on your computer. That's ok. Once you tell it to trust Facebook and Yahoo and Google and stuff you use every day, you will find that you have completely forgotten about these things.. until you need them! The first one, you'll thank me for, AdBlock Plus:
https://addons.mozilla.org/en-US/firefox/addon/adblock-plus/
AdBlock Plus is going to speed up your internet, block all the stupid advertisements before you ever see them, and keep you from accidentally clicking something you shouldn't have, because it won't be there for you to click. The next one is the one that will be a hassle at first, but you'll forget it's even there after a while. NoScript:
https://addons.mozilla.org/en-US/firefox/addon/noscript/
Once you install this and restart Firefox, you will see a little yellow bar across the bottom or the top of the page that says 'Scripts Currently Forbidden...' on the left side with an 'Options' button on the right side. First things first, click the 'Options' button, and un-check 'Place message at the bottom'. Once you forget that this is installed, it's much easier if the bar appears right there at the top of the webpage. ;) Now click the little circly arrow in the Firefox address bar to reload the page, and the bar will be at the top of the page. Perfect!
So, what this does is automatically block EVERY script from running in your browser. Fortunately, you don't need to be able to figure out what all those scripts are. All you need to do is click the 'Options' button, then click 'ALLOW facebook.com' (for example), then NoScript will ALWAYS allow all scripts made by facebook.com! Woo-Hoo!! One more step for facebook. You should see one that says 'Allow fbcdn.net' This is another domain that facebook uses. Go ahead and allow it. Awesome! That's it, you never have to worry about Facebook working right again. The yellow bar will disappear until it sees something else on the Facebook website.
Why would it see something else? Two reasons. Either you go to a game or app you want to play.. or it's for advertising. Just use your common sense. If you try to play Farmville, you will have to allow Zynga the first time. You will NOT have to allow akamaihd.net. Akamaihd.net is an advertiser. Baaad advertiser!! To get rid of the yellow bar, click 'Options' then point at 'Untrusted' then click on 'Mark akamaihd.net as Untrusted'. Now NoScript will never bother you about that advertiser again!
That's it, it's a simple 2 step process
1) Allow the website, and it's other domains
2) Untrust any freaky advertiser domains.
If you somehow get yourself jammed up, you can always go back and trust yahoo or whatever you did to mess it up. Now if you ever get in a corner, and a webpage won't work (perhaps a coupon website that makes you use an advertiser??) You can click the 'Temporarily allow all this page' button. You may have to click it again when the page reloads, these advertiser people try to be sneaky and track you by making one script start another one, then another one and etc. Never EVER click 'Allow Scripts Globally' If you ever run into a website that says it needs global permissions, IT'S A SCAM!! Global Permissions let the script do whatever it wants to on your computer. -I- might allow it to test a script I am writing. -YOU- should never need to use it. If you ever run across a valid website (college or a bank) that claims they need it, write them a nasty letter. They are being lazy about writing their website correctly, and they should know better, in this day and age.
Step 4) Go to Add / Remove Programs, and scroll down to 'Java' Uninstall all of them. The older versions of Java stayed there on purpose, to make sure that business people didn't show up to work one day and discover that their programs they use were broken because something updated. You're not a business and the new ones auto-update (so you'll never have to do this again). Uninstall them. K, now go here and install the new one:
http://www.java.com/en/download/manual.jsp
Now that we've got that out of the way let's check the other browser plug-ins:
https://www.mozilla.org/en-US/plugincheck/
Update anything that needs it. If you have junk at the bottom that says 'Unknown Plug-in', you probably don't need to worry about it.. but if you want to, knock yourself out.
Step 5) Pat yourself on the back for a job WELL DONE!! Seriously. It may not seem like much now that you've done it, but most people will put it off and forget, then call me and ask if I can come help them uninfect their computer in a few months.
If you like you can install a better Firewall, I recommend searching Google for ZoneAlarm. AVG makes a great free anti-virus program. The rest of it you really don't need to bother with. You should still steer clear of porno sites and other seedy websites, and don't give them your email address! If you feel yourself compelled to do these things, go back to step 1 and install Linux! :P
As I final note, Firefox really is an amazing thing. Install it on your android phone, and install ABP as well. Surf faster! Explore some add-ons and all of the cool features it has to offer! Enjoy, and peace out!!
posted by - T at 20:02
There are 0 comments
