How Can I Browse the Internet Safely?
Safely enjoying the Internet starts not with the computer, but with the person behind the keyboard.
That's right. Before we go over anything you can do to the computer to enhance security, we're going to blame everything on you. Or your kids. Or your nephew from across the street. Whoever sits behind the keyboard of your computer, that's the biggest security flaw your computer has, and there's no cute little downloadable thing-a-ma-bob that will fix that problem. You have to understand why the computer's user is the biggest danger faced by the computer before you even think about how to lock down the software!
Your computer will generally not do very much that can get it into trouble without someone telling it to. A computer with no one touching it doesn't browse the Internet all by itself, and it certainly doesn't click on clever ads that infect your computer of its own free will. It's a machine, and it does exactly what the person between the keyboard and the chair says. Before anyone sits at your computer, they need to take the time to understand what to watch out for while browsing, and how to avoid or "bail out" of those things before they slip up and wreck the computer with just a couple of clicks. Share the rest of this document with everyone that uses your computer. Make sure they read it and understand it well! A couple of paragraphs of educational reading can make the difference between months of fun Internet experiences and dropping $90 or more on a seriously nasty virus repair job that could have easily been avoided.
So, HOW Do I Browse The Internet Safely?
First and foremost, if you do nothing else, this little tip might just save your bacon:
When you're online, change your "mental default" to NO, CANCEL, [X], (POWER BUTTON) instead of YES, OK, YEAH BUDDY, INFECT ME!
Just answering anything that you aren't 100% certain about with a negative response instead of a positive one can stop almost any disaster online cold in its tracks. That's right, "just say NO" works as well online as offline. Way too simple, isn't it?
The trick is this: most nasties are actually downloaded by the user themselves without even knowing it. Typically, some evil page comes up as a web search result, and you visit it in search of, say, information on a famous celebrity's recent mishaps in the media. Instead of getting a page about this celebrity's antics, you get kicked over to something else, often made up to look so extremely official as to be nearly impossible to tell it's a website. It will fake a "virus scan" with lots of "results" and tell you that to fix them, you need to "download the latest anti-something-or-another, CLICK HERE TO DO IT." Other sites may just automatically throw up a "download file" window which the user blindly "runs" without even thinking it over.
If you do what they say, you're toast, but if you say NO by default, you're okay! You get multiple chances to abort this infection, yet most people are fooled by the "official" appearance of such things and blindly do what they're told. Remember, it came up WHILE YOU WERE BROWSING THE INTERNET. You didn't run the scan. Its name doesn't match that of any product YOU have installed on your computer, so why trust it? You can always just not click to download the file (if it doesn't automatically force it on you). Then, you can not click "Run" or "Save" if the download box does appear. Heck, you could have just killed the browser or powered down the computer and avoided it altogether that way! This is why you always respond negatively unless you're 100% sure that what you're doing is okay to do, period!
Beef Up Your Browser
Beyond just saying "no," you can harden your Internet browser to help you avoid the plague that is malicious software entirely. First and foremost, switch to Mozilla Firefox immediately. Why Firefox? Because pairing Mozilla Firefox with the add-ons Adblock Plus, NoScript, and any of a number of available link scanners such as McAfee SiteAdvisor provides the ultimate protected Internet browsing experience. You avoid the security problems and high attack rate of Internet Explorer by using Firefox, and many malicious programs actually come in through advertisements, which Adblock Plus can completely remove from view so it's not even an option. NoScript is even stronger than Adblock Plus, allowing blocking of almost any annoyance you can imagine with very fine-grained control. Link scanners like McAfee SiteAdvisor will analyze links in a website such as the results of a Google or Yahoo! search, and place a rating under or beside the link to indicate how safe the link is to follow, helping you identify the bad ones even before you touch them in the first place.
Check Your Security Software
So many of us use out-of-date or severely buggy security software to protect our computers and don't even know it. It pays to check your security software out at least once a month to see if it's updating itself properly. If you run an anti-virus, anti-spyware, anti-malware, anti-whatever program, it doesn't work against new threats if the descriptions of those threats (often known as "signatures") aren't ever delivered. Also, if the software engine itself isn't the latest version, you aren't reaping the benefits of new scanning and threat detection techniques that could save your bacon. Find out how your specific security software works and check on it once in a while. Don't have security software, or yours has stopped updating or is just broken entirely? Tritech strongly recommends the absolutely awesome (and 100% free to home users) avast! Antivirus over all other products.
Do You Have A Hardware Firewall?
What is a firewall? It's a piece of software or hardware that sits between your computer's networking core and the rest of the Internet, filtering out nasties every step of the way. Why do you want a hardware firewall instead of a software firewall? It's quite simple, actually: a software firewall still requires that "evil" data packets from the Internet enter your operating system's networking core before the firewall software can analyze and filter it. Plus, software firewalls are software, and software has bugs. Once upon a time, the BlackICE software firewall was found to have a severe flaw which opened up users of the BlackICE product to immediate infection. Why does it matter? Because a worm called "Witty" took full advantage of this flaw and infected loads of BlackICE "protected" machines! The "firewall" actually enabled the infection of the machine instead of protecting it! This doesn't mean all software firewalls are useless, but it explains why a real piece of equipment that blocks off random data from the Internet and sits outside of your computer is essential.
Having a "hardware firewall" sounds mighty expensive, doesn't it? So you need some $150 "black box" just to stay safe online?! No, actually, it's far easier than that. First of all, do you have a wireless router on your high-speed Internet connection? If you said "yes," you already have a hardware firewall. If you just have a cable, DSL, or satellite modem, but it only works with one computer at a time and has no router whatsoever, you may not have a hardware firewall built in. Cable modems typically don't have a built-in router. Because of how DSL works, though, most modern DSL modems actually have a built-in router (and thus hardware firewall) to hide the "dial-up" that the DSL modem does behind your back to simulate an "always on" DSL connection. In any case, you can buy a simple $45 wireless router and hook it up, and you're immediately protected. (Plus you can sit on the couch with your laptop and browse the Internet! Rock on!)
How does a router act as a firewall? It's complicated, but let's just say it's not something that's there by design. Routers use a technique called Network Address Translation (NAT) to trick one single Internet connection into allowing multiple computers on it at the same time. Because of how NAT works, the only stuff from the Internet that can talk to your computer is stuff that you started, such as when you visit a website and the website responds with the site contents (like what you're reading now!) Certain numbers get associated inside the router with each "conversation" your computer has to the outside world. Anything coming in from the Internet is checked against those numbers. A matching set of numbers gets sent to the appropriate computer, but if anything doesn't match (and the chances of a "false positive" getting through are practically zero) then the router shrugs its digital shoulders, says "I dunno where this is supposed to go..." and throws out the information entirely. Basically, the attack never reaches a computer because the router doesn't know which computer it's supposed to send it to! It's a very neat side effect of NAT routing, and it means years of hardware firewall protection for every computer in your home is a mere $45 away. That's a pretty sweet deal, no?