455
edits
CFA/Security-Notes: Difference between revisions
→General capabilities
| Line 21: | Line 21: | ||
* Protected Mode - runs in isolation from other applications in the OS. Restricts exploits and malware from writing to any location beyond Temporary Internet Files without explicit user consent (IE7) | * Protected Mode - runs in isolation from other applications in the OS. Restricts exploits and malware from writing to any location beyond Temporary Internet Files without explicit user consent (IE7) | ||
* Warn me when sites try to install add-ons (FF) | * Warn me when sites try to install add-ons (FF) | ||
* Prevent malware attacks in real-time with behavior-based profiling algorithms (Haute Secure) | |||
* Prevent malware attacks using virtual machine techniques (GreenBorder) | |||
=== Anti-Phishing === | === Anti-Phishing === | ||
| Line 40: | Line 42: | ||
** Disallow visiting sites by IP address (IP anywhere in URL) | ** Disallow visiting sites by IP address (IP anywhere in URL) | ||
** Allow local LAN IPs | ** Allow local LAN IPs | ||
* | === Content Enabling === | ||
* NoScript - allows JavaScript, Java and other executable content to run only from trusted domains of your choice (FF extension) | |||
* Enable plug-ins (Safari) | * Enable plug-ins (Safari) | ||
** Block flash animations (Camino) | ** Block flash animations (Camino) | ||
| Line 60: | Line 62: | ||
* Block web advertising (Camino) | * Block web advertising (Camino) | ||
=== Cookies === | |||
* Accepting cookies (FF) | * Accepting cookies (FF) | ||
** Exceptions (FF) | ** Exceptions (FF) | ||
| Line 67: | Line 69: | ||
** Only from the current site (OmniWeb) | ** Only from the current site (OmniWeb) | ||
=== Passwords === | |||
* Remember passwords for sites (FF) | * Remember passwords for sites (FF) | ||
** Exceptions | ** Exceptions | ||
| Line 73: | Line 75: | ||
* Use a master password (FF) | * Use a master password (FF) | ||
** Change master password | ** Change master password | ||
=== Warning Messages === | |||
* Secure Defaults/No Security Pop-ups - remove security pop-ups because users are trained to click on the default button to complete their task. Use secure defaults instead, and only provide notifications at the top of the browser (FF brainstorm) | * Secure Defaults/No Security Pop-ups - remove security pop-ups because users are trained to click on the default button to complete their task. Use secure defaults instead, and only provide notifications at the top of the browser (FF brainstorm) | ||
* Fix my settings - instantly reset internet security settings to "medium-high" default by clicking option in Information Bar. The browser warns user with Information Bar when current security settings may put you at risk. The bar continues to remind you as long as settings remain unsafe. Internet Control Panel highlights critical items in red when they are unsafely configured. (IE7) | * Fix my settings - instantly reset internet security settings to "medium-high" default by clicking option in Information Bar. The browser warns user with Information Bar when current security settings may put you at risk. The bar continues to remind you as long as settings remain unsafe. Internet Control Panel highlights critical items in red when they are unsafely configured. (IE7) | ||
| Line 86: | Line 89: | ||
** Moving from a secure to an insecure page (Camino) | ** Moving from a secure to an insecure page (Camino) | ||
=== Encryption (Protocols and Certificates) === | |||
* Lock icon - provides detailed information about the site's security certificate (in FF) | * Lock icon - provides detailed information about the site's security certificate (in FF) | ||
* Digital signature information - provides more information about the publisher of a program and whether the program is digitally signed (IE Screenshot) | * Digital signature information - provides more information about the publisher of a program and whether the program is digitally signed (IE Screenshot) | ||
| Line 95: | Line 98: | ||
* Certificate options (FF) | * Certificate options (FF) | ||
=== Other === | |||
* Automated update - always checks to see if you're running the latest version, and notifies you when a security update is available (FF) | |||
== NOTES == | == NOTES == | ||