|
|
Configuring Microsoft products for safety, security and privacy
Internet Explorer - INTERNET ZONE SETTINGS - also see Advanced, Outlook Express
Just to re-iterate why this is so important - these are the SECURITY
SETTINGS FOR ANY UNKNOWN SITE or one that you have chosen to remain at this
'level'. You may want to 'promote' trusted sites to a higher level
using the instructions in How to trust a web site
to allow them more freedom to exploit interactive
and other features of your browser.
For anyone who thinks that Active-X controls are more trustworthy when
they are signed should see an old quote from the MS site - it shows what
the early designers had in mind (or not!)...
These are the changes to the settings for
the Internet Zone after they have been (Re)-set to High (security).
See images to right as an example of how to get to these settings
from Internet Explorer. Click on "Tools"
then "Internet Options" then "Security" (top Tab) then click on
"Custom level" while having "Internet Zone" highlighted (the "Globe" icon).
The easiest and safest way to achieve all these settings is to start
by selecting "High" in the "Reset Custom settings" and then click "Reset".
Doing this will switch off anything that is deemed (by MS!) as at all dangerous!
Then you can restore the basic minimum to allow web sites to interact with
you efficiently and effectively but without exposing the security flaws.
The ten images to the right are what you want to achieve and the changes
are hopefully highlighted in bright blue - enable Javascript and submit forms
on an insecure connection - screen shots 8 and 9 to the right if you
have already done a 'Reset to High'.
As good background reading material the following link is MS advice for a
commercial environment (Windows Server) but it is equally relevant for a home
or small business user who wants to be more secure:
Microsoft advice for commercial users of MS IE
The bottom two images on the right are the only two changes that should
be made to 'upgrade' the setting from 'High' to slightly less severe.
If there is a site that you are keen to view and you trust both the owner
and their competence in I.T. and you are absolutely certain that the
site you are viewing really is owned by who you think it is only THEN you
should consider promoting the site using the instructions in How to trust a web site.
|
Above and to the right are the first
two screens en-route to
Security
settings for the Internet Zone
within Internet Explorer.
|  |
|
On the left just below is where the 'Globe' is selected for the Internet Zone.
On the right just below is the first of several screens of settings
It is recommended that you click on 'High' in the 'Reset to:' field
and click on the 'Reset' button which will then be highlighted.
|
 |  |
 |  |
Active-X controls - to sign or not to sign - that isn't the question!
The following quote from the MS web site is very old but is demonstrates
how much faith you might want to have in even digitally signed Active-X
controls:
Sign that control
To sign your control, you'll need to obtain a certificate from a
Certificate Authority such as VeriSign, Inc. Find directions from
VeriSign
There are two classes of digital IDs for Microsoft Authenticode&tm; technology.
Class 2 certificates, for individuals who publish software, cost US$20 per year
and require that you provide your name, address, e-mail address, date of birth,
and Social Security Number. After VeriSign verifies this information,
you will be issued a certificate.
I hope that has been useful. Any Comments, suggestions or corrections
to: Contact us please.
This would be especially useful if the software environment you have is
different to mine and the headings, text or prompts are different.
|
News
Windows XP Remote Assistance now provides in-work training and assistance, as and when needed to more than a dozen customers
What's Hot
April'08 Keep Spammers out of your InBox - starting from 30 UKP p.a. including your own (UK) domain.
|
© |
Business before Technology |
Making the Web
work for business
|
|
usiness