No scripts!
One of the most common ways your computer gets compromised, is by malicious scripts opened by your web browser. This means you go to a website that might look normal, but it’s doing bad stuff in the background that you don’t see, potentially giving the attacker full access to your computer. This is a particularly nasty problem, as when you go to a site, you want everything to work as the website developer intended, but allowing all scripts on untrusted site creates a risk.
The most popular way to avoid this is to block scripts by default, but take note it moves the responsibility on to you to decide what sites to trust… or not.
There are various no script plugins, depending on your browser:
- If you use Firefox, download the NoScripts plugin.
- While not quite as good as NoScript, Google Chrome has a the NotScripts plugin.
- Opera also has a NotScripts plugin.
- Internet explorer has a cross side scripting (XSS) filter
Once you have installed the plugin, restart your browser. You should notice a new icon or bar at the top or bottom of your browser, for your new plugin. If you click your mouse over that icon on any given website, you can allow scripts to run on that site, either temporarily (as long as your browser is open that session) or permanently. Don’t allow scripts to run on websites you’re not sure whether to trust. It’s better to be safe than give a stranger full access to your computer!