Tag : Opera

Malware Protection In IE9

A comparison test of major browsers yielded this nugget: Microsoft’s Internet Explorer 9 proved to be the best at detecting socially-engineered malware. The test was run against Firefox, Chrome, Safari and Opera, and was conducted by NSS Labs, using malware campaigns that targeted European users during the month of April.

Another, similar test was performed during Q3 of 2011, testing against malware targeting users around the globe. Results if this later test were the same – IE9 performed drastically better than Chrome 12, Firefox 4, Safari 5 and Opera 11.

IE9 makes use of what Microsoft calls the SmartScreen Filter, which does a couple of things. First off, it offers Anti-phishing protection. Microsoft’s Phishing FAQ says that the SmartScreen filter analyzes pages as you surf, determining whether they display any suspicious characteristics. If any are found, you are alerted with a yellow warning, an d are advised to proceed with caution. If a site URL matches a list of reported phishing sites, you get a red warning notice that the site has been blocked for your safety. This is referred to as URL Reputation, and was introduced in IE8.

The next feature is called Application Reputation, and is new in IE9. This is to “remove all unnecessary warnings for well-known files, and show severe warnings for high-risk downloads.” It works with Download Manager, automatically blocking any potentially risky downloads and alerting you to this. You get a notice that allows you a choice of Delete, Run or Save the file in question, once you’ve made that decision. Applications known to be malware are blocked, and applications recognized as being non-problematic are passed. Apps with no reputation are treated with suspicion – the user can run it, but has to actively permit the app to run.

These features work with embedded links in emails as well as when browsing directly. The entire SmartScreen feature can be switched off from within IE, but is enabled by default and Microsoft advises keeping it enabled.

MAXA Cookie Manager Pro 5.0

It always amazes me how some people create a tool that makes things easier for people and then other BAD people come along and take advantage of that tool to benefit themselves.  Browser cookies were invented to make surfing simple HTML Web sites easier. A cookie can store any personal information you’ve given to a site, so you don’t have to enter it again when you click a different page on that site. Nosy webmasters have invented methods to steal your private information using cookies.   New cookie types that aren’t easily deleted have emerged. MAXA Cookie Manager Pro 5.0 ($35, direct, for two licenses) identifies and manages all types of cookies including the self-restoring “evercookie”. It protects your privacy and security, though the implementation is a little sloppy.

Cookies can also store preferences and other information that you’ve entered on a site, so you don’t have to enter that data again. The cookie itself is a simple text file that’s stored on your computer and that, in theory, is only accessed when you revisit the corresponding Website.   For example, the site can identify what browser you’re using, tell what page you linked from, and even get a rough idea of your physical location. Combining this data with any information you’ve actively shared, a site can find out quite a bit about you.

Given the possibility of inadvertently revealing private information, some users may be tempted to disable cookies entirely. Unfortunately, many perfectly valid Web sites just won’t work without cookies. Even when standard cookie handling is disabled, Web sites can utilize non-standard technology or browser-independent cookies. One researcher has created what he calls the “evercookie,” which stores data in multiple local repositories and uses this redundant storage to rebuild any deleted components. In the modern world, you can’t thoroughly control cookies using browser settings and manual deletion.  MAXA supports seven popular browsers: Internet Explorer, Firefox, Opera, Safari, and Chrome. On installation it ensures that the supported browsers are configured correctly for cookie management. It also checks settings for Flash, Silverlight, and Skype, all of which include cookie-like technologies.

During installation, the product lists several dozen popular Web sites and invites you to check off any that you use regularly. Checked sites are whitelisted automatically, meaning the product never meddles with their cookies. Naturally, you can edit or add to the whitelist at any time.  After installation, MAXA scans the computer for cookies of all kinds. When I ran it on the system I use for e-mail and editing, it turned up over 3,600 cookies. Most were ordinary browser cookies, but it found several examples of advanced-technology cookies specific to Internet Explorer and Firefox. It also found a few Silverlight-based cookies and a slew of Flash-based ones.