[ Go to July 1997 Table of Contents ]

Windows on the Web
Here's How
Batten Down Your Browser

-- by Richard Castagna

Surfing the web often involves navigating uncharted waters, and nothing induces a sinking feeling like finding the sites you call on are leaving something behind-on your hard disk. Or worse, exposing your data to scalawags. More and more sites you connect to are passing data to and from your PC-much of the time without your knowledge. But a few key settings within your browser can add a measure of security and ensure smooth sailing.

A Web site may leave something behind on your hard disk or request information from you. Most browsers-especially the dominant duo of Netscape Navigator and Microsoft Internet Explorer (IE)-can alert you to any hard disk stowaways or security risks.

Many sites leave behind bits of data known as cookies and certificates. They can dip into your data when you offer information on forms, and, in extreme cases, open the door for other browsers to access your hard disk. The latter is more likely to occur on an intranet, where internal network security is often lax.

A cookie usually contains information about your browsing preferences at a particular site. It could be a marker that tracks the kinds of pages you've visited and the type of information you're interested in. Even though the cookie is meant to make your journey more enjoyable, the thought of a server thousands of miles away leaving something on your disk can be unsettling. In Navigator 3.0 and Internet Explorer 3.0, you can toggle a switch to make a warning appear whenever a site wants to leave you a cookie. You can either accept the cookie, or refuse it and keep your disk pristine.

In IE, select View/Options and click on the Advanced tab. Click on the check box labeled "Warn before accepting cookies." In Navigator, select Options/Network Preferences, then the Protocols tab. In the section, "Show an alert before," check the box that's labeled Accepting a Cookie.

There are worse threats than cookies. Even if you send information only to reputable sites, it's the pit stops your data takes that you need to worry about. If you make credit-card purchases via the Internet, your credit-card number hops from computer to computer before reaching its final destination. If there's an unsavory stop along the way, your credit-card number is fair game.

To guard against this, make sure you're at a site that prevents unauthorized access to your data. In Navigator, you'll know you're at a "secure" site by the condition of the key icon in the lower-left corner. If you see a whole key, you're at a secure site; if the key is broken, you're not. When the key is whole, its teeth indicate the level of a site's security: two teeth for a high level of encryption and one for a medium level. IE displays an icon of a lock on the status bar and can notify you when you're about to send data to a nonsecure site. If the site claims to be secure but its security credentials are suspect, IE can warn you that the site may have been tampered with or might be misrepresenting itself.

If you take these few easy precautions, you can usually steer your browser out of harm's way.

Windows Magazine, July 1997, page 230.

[ Go to July 1997 Table of Contents ]