Browse safely using Internet Explorer or Firefox

Set the Internet-zone security of Microsoft's browser to high, and use free security add-ons for Mozilla's browser, to defend against malicious Web sites.

Dennis O'Reilly Former CNET contributor
Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.
Dennis O'Reilly
3 min read

The second of my three-part update of the 10-Step Security story I wrote three years ago shows that some tech advice stands the test of time. (A post earlier this week freshened up tips one, two, and three from that story, which focus on Windows updates and security features.)

Step 4: Ensure that you can see file extensions and all Windows system files in Windows Explorer and folder windows.

These days, you're less likely to encounter a dangerous executable file masquerading as a harmless type of file, but viewing file extensions and hidden files remains a good idea. The steps in the original article for making this change in XP are the same in Vista's version of Windows Explorer, though you may have to press the Alt key to show the Tools menu.

Step 5: Set the security level of Internet Explorer's Internet zone to High.

There's nothing stale about this advice. Of course, you should now be using IE 7 rather than IE 6, which is much less secure than its successor. The steps to reset your Internet zone security level are a bit different in IE 7: click Tools > Internet Options > Security, choose Internet in the box of zones at the top of the dialog box, move the security-level slider to High, and click Apply or OK.

Microsoft Internet Explorer 7 security-settings dialog
Set Internet Explorer 7's Internet zone security level to High. Microsoft

As the original article stated, this security level will generate pop-ups whenever you try to open a site that's not on your approved list. To add sites to this list in IE 7, choose the "Trusted sites" icon in the zone box at the top of the Security dialog box, click the Sites button, type the site URLs in the top box one at a time, and click Add. Keep the option on the bottom to require server verification unchecked.

Microsoft Internet Explorer 7 Trusted Sites dialog box
Add the sites you trust to Internet Explorer 7's whitelist. Microsoft

Step 6: Use the NoScript add-on to block scripts in Firefox on a page-by-page and element-by-element basis.

Of course, the simplest way to improve your chances of staying safe on the Web is to use a browser other than IE. I'm not saying Firefox, Opera, and other browsers don't have flaws of their own. It's just that those programs aren't targeted by the bad guys as often as IE is.

Giorgio Maone's NoScript add-on for Firefox lets you decide which scripts are allowed to run before the page loads. NoScript was relatively new back in 2005 when that article was written, but the program has stood the test of time. Note that the program's author accepts donations to offset the cost of maintaining and updating the application.

Another option for blocking Flash content in Firefox is by using Nicolas Martin's Flash Killer add-on. Apart from ensuring that no malware finds its way onto your PC via a Flash file embedded on a Web page, the program speeds up your browsing by blocking Flash ads from loading along with the regular content of the page.

In my next post, I'll revisit the last four tips in 10-Step Security, which deal with e-mail safety.