Tuesday, June 22, 2004
Stay out of bad neighborhoods
Firewalls won't always protect you.
The latest example showed up in ZoneAlarm Professional. That's a good product but someone recently discovered a gap. ZoneAlarm Pro has a feature which (if you turn it on) is supposed to prevent Web sites from installing programs on your computer(*). The reported hole is that if you make a "secure" connection, like you do when you enter a credit card number, ZoneAlarm stops checking whether the web site is trying to install things on your computer.
Be careful of the word "secure". If the web address begins with https: instead of http:, and if you see a closed padlock in the lower right corner of your browser window, that just means the connection is scrambled (encrypted) and that your browser thinks it has proven you're connected to the site you think you're connected to. It's not "secure" in any other way, and the scrambled connection makes it hard for security software to check what's going on.
Your best defense is probably to avoid questionable web sites. If you haven't replaced Internet Explorer yet, you can change its settings under Tools/Internet Options/Security to make it more resistant. If you've already switched to a safer browser like Firefox, that helps too (and blocks popup ads). Windows XP Service Pack 2 will be less promiscuous about running programs from the Web. But technology keeps changing and street smarts stay the same. Next year I don't know what the technology will be, but porn sites will still be sleazy and many will still try to install nasty things on your computer.
(*) If you have ZoneAlarm Pro, you can find this feature in the control panel under Privacy, Main, Mobile Code Control.