5 Ways to Secure Your Web Browser

FIVE WAYS TO SECURE YOUR BROWSER_header

Which is the most secure Web browser? Google Chrome? Mozilla Firefox? Microsoft’s Internet Explorer? It’s a simple question—but the answer is a bit complicated.

In a Fall 2013 poll, security-conscious browser users overwhelmingly voted Firefox as the most secure. But during the annual Pwn2own hacking contest in March 2014, Firefox was exploited four times with zero-day attacks, making it one of the least secure browsers.

To complicate matters further, a 2013 comparative analysis of five popular Web browsers by NSS Labs found that Internet Explorer outperformed its competitors. Even so, the NSS Labs research showed that no single browser uniformly protected users against the majority of security threats and privacy risks.

If no single browser is bulletproof, the next best thing is to make your favorite browser is as secure as possible. Here are five ways you can enhance the security of your browser:

1. Configure your browser’s security and privacy settings
Review your browser’s privacy and security settings to make sure you’re comfortable with what’s checked or unchecked. For example, look to see if your browser is blocking third-party cookies, which can enable advertisers to track your online activities.

For specific browser security and privacy settings, read the recommendations and steps outlined in the Department of Homeland Security’s “Securing Your Web Browser”. The guide also explains browser features and their associated risks, such as ActiveX, Java, certain plug-ins, cookies, and JavaScript.

2. Keep your browser updated
Frequently, browser updates are released to plug recently discovered security holes. So it’s important to always keep any browsers you use updated.

3. Sign up for alerts
Consider setting up Google alerts for your browser to stay current on any emerging security issues. If you use Internet Explorer, for example, create a Google Alert using the keywords Internet Explorer security, or something similar. You can opt to receive instant, daily or weekly alerts whenever news articles or other content relevant to that topic hits the Web.

4. Be cautious when installing plug-ins
Plug-ins and extensions can sometimes put you at risk. For instance, earlier this year, it was discovered that some Chrome extensions can change service or ownership without notification to users. As a result, Chrome’s regulations for extensions is changing this June to keep extensions from becoming anything other than “simple and single-purpose in nature,” according to Google.

5. Install security plug-ins
The majority of plug-ins and extensions are safe, however, and some can help bolster your browser’s security. Here are three suggested—and free—browser extensions for added security.

HTTPS Everywhere. The Electronic Frontier Foundation and The Tor Project jointly developed this Firefox, Chrome, and Opera extension. HTTPS is a communications protocol for securing communications over a computer network, vs. the standard HTTP protocol, which is more widely used but less secure. (The ‘S’ in HTTPS stands for ‘secure.’) HTTPS Everywhere encrypts communication with many major websites to help secure your browsing experience.

Web of Trust (also known as WOT). This extension for Internet Explorer, Firefox, Chrome, Safari, and Opera helps you determine if a website is safe to surf. The extension displays traffic signal icons next to URLs and links. Green means the site is reliable; yellow indicates you should proceed with caution; red translates to “steer clear.” The ratings are crowdsourced from WOT’s global user base and are supported by trusted third-party sources, such as up-to-date directories of malware sites.

LongURL.org. If you’re on Twitter or Facebook and you see a shortened link embedded in an interesting post, you might click it without a second thought. But shortened links have been known to mask malicious links. If you’re unsure of a shortened link, copy and paste it into the search box at LongURL.org. You’ll see where the link would take you, without having to actually click through to the site. LongURL.org is also available as a Firefox browser extension.

What steps have you taken to secure your browser? Which browser security plug-ins have you installed? Please share your thoughts in the comments section below.

52 thoughts on “5 Ways to Secure Your Web Browser

  1. There’s also Aviator (https://www.whitehatsec.com/aviator/) which defaults to secure settings so you don’t have to track them down and set them yourself. It’s bundled with Disconnect, it’s always in private mode, it sandboxes every tab, strips out referring URLs, and makes flash and java click to play. Nothing’s perfect, but I like having it available especially for interactions where I care about my own security.

  2. You mentioned security holes== I have installed Advanced Care System 7.2.1 on my computer-I use an Acer Notebook-and it contains one selection that you can “check off”(turn on) to help plug security holes as they are discovered.This helps to keep the computer from crashing due to viruses and Trojans-to mention a few.Also found ZoneAlarm two-way Firewall to be very protective and it warns me when I am being attacked by malware,of any type.IF you are not sure what to try–this might help.Doug Dennee.

  3. WOT isn’t perfect, I’ve seen seen several sites marked by a tiny army of zealots as malicious when they just didn’t happen to be what those zealots agreed with. And I’m not talking something most would consider disgusting, I’m talking inquisition-style attacks on anything they thought heretical (the competition). So be warned.

  4. if you want to find out if there is an alternative program you can always use alternativeto.net just type in the browser/ application into the search bar and it will come up with suggestions for you to use, as well as giving you ratings on each one.

  5. Firefox can be secure if you only install Addons from addons.mozilla.org – we have very strict security review rules and all source must be reviewed (even 3rd party libraries). a lot of things (e.g. execution of remote script, injecting advertisements etc) are not allowed. In my experience Multiplatform Addon developers always complain that Firefox is too strict. (It is so much easier to release on chrome). This makes me think that maybe addons on Chrome are less secure.

  6. Firefox 29.0.1 is unlike any other update. It’s chief feature is that it sync bookmarks, other files, and the browser itself.

  7. Why is all this so complicated? Why can not a normal average person of reasonable intelligence have a PC/Windows and add an anti-virus/Windows Essentials or Defender from a reputable company to his/her browser/Firefox and not have to continue to be worried about all this? And why do we have to have all the Mal-Ware, Spy-Warer, Firewall, etc.?
    This is way too much for a 75 yr old man to have to keep watching all the time. And there are many many other people my age bracket, both male and female that feel as I do. It’s just too much. OVERLOAD!

  8. I subscribe to Secunia.com, an organization that does ongoing vulnerability testing on all software located in Denmark for about six years. When software on my computer becomes vulnerable or is old and no longer supported by its developer, the green icon in my task bar turns red letting me know that I either have to update or uninstall an old outdated software that is no longer supported. They also track the Windows platform for updates and vulnerabilities. Their website publishes “advisories by vendor” “or advisories by product” and includes Microsoft and Zone Labs. They have a free vulnerability monitoring software that can be downloaded from their website that continuously monitors all software on your computer . They also do vulnerability monitoring for corporate organizations.

  9. What do you think about the Microsoft message concerning Internet Explorer.If you have it in your computer, even if you don’t use it, the door for hackers is open. HTTPS doesn’t mean full security, it’s only an illusion.
    Sincerely J.T.

      • It’s really not about which browser is the most secure (or least secure). It’s about learning how to secure the browser(s) you use. Please read the article on ways to better secure your browser.

    • In the Control Panel go to “Programs” and click on “Programs and Features.” Click on Turn Windows Features on or off.” You are now on the “Windows Features” window. Uncheck the Internet Explorer box and click OK. Security of our computers depends on how vigilant we are in staying on top of MS updates across the Windows platform. Security breaches is an endless ongoing problem that requires vigilance in keeping our operating and other security software up to date. Even then it is still a constant danger. Its better to keep everything up to date, without fail.

  10. What about the Epic browser? This seems secure and is always in “private” mode and ditches information when closed.

    • Alec, We aren’t aware of Epic browser. We recommend researching on this browser should you decide to use it.

  11. This may be off-topic, but 1/2 hour ago, I received a telephone call from (caller ID said: private name, private number) stating he was calling regarding problems I have been having with my Internet Explorer (and I have been having them). His English was “fair” but when I had problems understanding some of his requests, he put his supervisor on. Steve then proceded to give me instructions how to turn my computer over to them so that they could fix the problems. I asked for some type of verification they actually worked for Microsoft, and he said they worked for Southend Enterprise, whose tech support sub-contracted to Microsoft on the errors reported from my computer back to them. I was still leery, and said I wanted to check this all out. He gave me his number (210-888-09112) and name (Steve Austin) to call when I had done so.
    Have any of you had similar calls? Is there any way this could be legitimate??

    • It’s a scam. Never trust anyone who calls you and says you have a problem on your PC and that they can fix it for a fee.

      • I got the same call, but he used a different name. I just hung up on him, but he called again the next day and said he was from “Windows”. I, again, hung up on him.

      • Same scam has been on news recently in Canada.One older couple,thinking they were being billed about $60 were mistaken,actual amount was around $600.Most of the cases originated in India,and ALL said they were affiliated with Microsoft,which was not true.Scammers tricked them by saying error messages found on computer needed immediate attention or something drastic would happen to pc.One lady told scammer she didn’t even have a computer,was quickly hung up on.Say no to remote help,if call was made to you.

    • I had a call from (probably) the same people. They came at me with a statement that they were Microsoft and that MS had detected problems on my computer. They asked for access to my computer which I agreed to. After a while, I realized that they were probably bogus, and I pulled the plug while they were in the middle of something, in order to completely cut them off. Over the next 2 days they tried to call me back on my cell, but they were listed as “unavailable” for a telephone number and I did not answer the calls. Fortunately, I don’t believe that there was any damage done to my computer, but be forewarned – if you get a call from “Microsoft” check it out before allowing them to get into your computer. In all the years I have been on the computer, I don’t believe that I have ever received a call from Microsoft without my asking for MS’s help.

    • Have you heard of Leo LaPorte? He uses to have a show on US TV called Call For Help. When that show was taken off the air (much to the disappointment of many fans) be got a Canadian show of the same type. Now he’s on YouTube. Has his own studio. Good program. He discussed this call from Microsoft Partners. Said it was all a ruse. They get access to your PC and do some stuff you see but also plant an app on there that let’s then get information from your computer. Dangerous! He recommended to the caller that if she allowed them access she should wipe her HD and reinstall.

    • There is a scam going on right now where someone calls or emails you and tells you that you have viruses on your computer and want you to give them access to your computer. If you believe them and give them control ,they take hold of your files and steal your personal data ,bank accounts, ss #’s. etc. Please,do not fall for this scam!

    • Steve Austin was the the 6 Million Dollar Man in the TV series of the same name.
      I’ve had two similar calls and neither were genuine. Basically, Microsoft in general should not know your name since they claim to not collect personal information when you register Windows. Therefore they do not know your name AND telephone number AND your computer’s internet address.

  12. Browsers are not bulletproof no matter what settings you use. Exploits of weaknesses occur all the time. Whenever a computer slows down for no obvious reason, it may be due to malware. It could just as easily be too many things executing at once. Keep things simple. Don’t add on every widget that comes along. Disable background agents that are not essential and configure the rest to run at times that don’t collide with each other and at the lowest practical frequency. Install at least 3 browsers that you keep up to date. Then if your favorite becomes a victim of attack you can switch to another until updates are available.

  13. “In a Fall 2013 poll, security-conscious browser users overwhelmingly voted Firefox as the most secure. But during the annual Pwn2own hacking contest in March 2014, Firefox was exploited four times with zero-day attacks, making it one of the least secure browsers.”

    Wouldn’t a hacking contest pick the MOST secure browsers to hack, in order to make it a worthwhile contest? If a browser is not secure at all, even an unskilled hacker can exploit it with ease and what’s the challenge in that?

  14. Up to recently I used a small notebook for a couple of applications that have to run continuously, day and night (follow-up on photovoltaïc panel yield, registering data from a meteo station,etc). For security reasons this notebook was not connected to Internet at aal. Since this small pc crashed, I had to re-install these apps on my main desktop. So now this PC has to stay powered all the time. In earlier versions of ZA there was an option to “cut-off” the Internet connection. I cannot find this option anymore, so I have to withdraw physically the RJ45 connection in order to keep my PC disconnected when I do not use it. Do you know of any other simple possibility? Thanks for your support.

      • Clicking to stop all internet activity used to be easy to find. Yes, it’s still there, but I’ve spent way too much time trying to remember where it is in newer releases of ZA. I wish it were more prominently displayed as it used to be.

        • All it takes is right-clicking on the ZA icon in your systems tray and selecting “Stop All Internet Activity”.

  15. We are having a problem with instant shut downs while playing games on facebook, what could be causing this? We recently switched to a wireless router and are connected to Comcast,
    The router is a D-Link, Di-524.

  16. I have recently renewed my ZoneAlarm Security Suite 1 PC – 1 Year. Soon afterwards I received notification to install ZA version 13.1.211.000. When I downloaded, I clicked on RUN instead of SAVE and now I don’t seem to find the file anywhere. Going back to my ZA account, I can’t download the file because more than a month has passed since. Is there any way I can retrieve this file ? I may have to change my laptop soon and would need to install this ZA version on that. Can you help?
    I also tried to update to the latest version 13.2.015.000, released on 30.5. to overcome this problem, but that was blocked by ZA.
    What do I do?

Leave a Reply

Your email address will not be published. Required fields are marked *


three + = 11

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>