Re: Web Browsing Security

[Isabelle Graham <graham () AMERICAN EDU>]

We've gotten Ad Block added to our default image for Firefox, but many 
users run IE or install Chrome, so it's really guarding against one vector.
I've long been a fan of Firefox myself, since you can configure it to 
purge cookies, cache, history, etc. on close. I find doing this along 
with Ad Block, Ghostery, and HTTPS Everywhere to be a decent balance 
between "The internet is broken" and "I just got randomly infected" but 
I'm not sure it's something I would recommend to end-users. I also find 
No Script to be a little ungainly and would welcome a "Allow this domain 
and any referenced domain, but only from this domain" (essentially trust 
anything this site does) feature.

Isabelle Graham
Information Security
American University

On 09/26/2013 06:54 PM, Jeff Kell wrote:
> On 9/26/2013 6:18 PM, Omen Wild wrote:
> > Paranoid? Maybe. Overly? I don't think so.
>
> I've been in the security business since the old Slammer/Nachi/CodeRed
> days... and it gets worse every year, and more difficult to defend.
> Yesterday it was "plug your computer into the network".  Today it's
> "Click here to infect your computer" (if even that, doesn't include
> drive-bys).
>
> If you're not paranoid, you should be.  Or your already pwned :)
>
> Jeff