Aces High Bulletin Board
General Forums => Hardware and Software => Topic started by: Tarmac on September 13, 2005, 03:02:52 PM
-
In a lot of your posts, you refer to "unsafe" websites because of Javascript, activeX, cookies, etc.
I grabbed the "noscript" extension for firefox, and I never realized how many sites use this kind of stuff. Nothing works without it. In my ignorance, I end up manually allowing most sites to do their thing anyway.
For those of us who don't know carp about how webpages work, can you explain how you deal with these sites?
-
Javascript is not neccessarily a bad thing. Our site uses some Javascript for the pop-up menus, for example.
ActiveX is evil. It is how 99.9% of all spyware/malware propagates. Anyone running IE (I do not think FireFox supports ActiveX) with ActiveX enabled is asking to be buried with spyware/malware programs.
Cookies just track your movements around the net, which is the worst case. But cookies are also useful. The board here depends on cookies to function properly.
===
I review the source of the page when Javascript is required to see what they are doing (most sites will not attempt to hide what they are doing in java scripts, those that do are usually doing it for a reason). If it is innocent, then I allow them (I may still block the cookies though).
I put sites in the restricted zone of IE when they use ActiveX, or if they use hidden scripts. If they need Java, not javascript, I put them in the Restricted zone too.
In the last 3 years, I have yet to get any spyware/malware programs or bad cookies. My computers have not caught any viruses either.
You see, the "Internet Options" in IE also apply to Outlook and Outlook Express too. Oh, if you use Outlook Express, disable HTML email (it strips HTML code leaving the pure text). Another measure of safety is gained.
I am an odd duck. The Internet is something not too important to me. I can live without being able to reach a site. I prefer my computer stay lean and clean. It is a higher priority for me.
-
Cool, thanks for the info. I was thinking that Javascript was bad too.
Also, good to know that ActiveX doesn't work with firefox.
-
What about windows update. I think it uses activex?
Activex is also used by some other "safe" places and you cant ignore it totally. I use it manually.
-
For the Windows update site, just put "*.microsoft.com" in the "Trusted" sites zone and leave ActiveX enabled, or put it in the "Restircted" zone and set the security low and do not put anything else in there.
I wish MS would allow custom zones in IE. It would make it much easier to setup things like that.
And because MS's update requires ActiveX, you cannot use any other browser to use the auto-updater. However, you can always grab the updates and manually install them from the MS downloads site.
They mirror the patches on it. That is what I do, so I can build a CD with all the updates on it.
-
the way bill is going pretty soon we are going to need dual layer dvds to store patches on