Checklist 14: 5 Ways to Secure Your Browser

• Reject Third-Party Cookies.
• Regularly Clear Browser Data & Cache.
• Password Storage Options.
• Browser Add-ons: Do’s and Don’ts.
• Protection Against Fraudulent Sites.

What’s the one piece of software you use more than anything else, day in and day out? For most people, the answer is easy: their web browser. How else are you going to share pictures of food and cute cats? In today’s edition of the podcast, we’re not talking about Internet humor — instead, we’re going to tackle safe and secure Internet browsing. It’s no secret that the browser is probably the piece of software any computer user relies upon the most. That makes it quite an appealing target for viruses, malware, and exploitative hackers. One study this year showed that nearly half of all exploits in the study period were directed at browsers.

Everyone has a favorite browser, just like everyone has a reason for why their browser is the best one around. A quick glance at any “what’s the best browser?” discussion board makes that evident in a hurry. What’s more important, though, is to know how to use those browsers safely. Today all the major players in the browser arena already make the general security of their software a top priority. Okay, so why should you be concerned? There’s always room for improvement on the user’s end. From browser tweaks to tweaking your browsing habits, you can do a lot to secure your browsing experience on your own.

The first step towards better security is to be more concerned with it. That doesn’t mean you need worry about hackers breaking into your computer every time you to visit Facebook. What we mean instead is that you should concern yourself with choosing better security. When we pay attention, it’s vastly easier to identify potential threats. Then you can act to guard against them. Okay, with all that said, what can you do to make your web browsing safer? Let’s examine five ways you can take action on browser security.

Reject Third-Party Cookies. If you’ve been around on the web for a while, you probably know about cookies. Let’s do a brief refresher first, though. A cookie is a small morsel of data on your computer that contains information a website wants to store. This info might be a social media password or preferences you’ve saved on a website — there are a lot of possibilities. Not all cookies are bad. Abuse of the cookie feature, though, isn’t uncommon. Advertisers can write cookies through your browser which track your web activity. That’s creepy, right? There are a few things we can do to tackle the problem.

First up, disable third-party cookies. These are cookies not set by the site you’re visiting, but instead by a third-party on the site — like one of those advertisers we just mentioned. Every browser from Safari to Chrome has an option to limit the cookies it accepts so that anyone can do this. We should note that sometimes rejecting cookies will cause some minor functionality problems around the web. When you do encounter a problem, most browsers again will allow you to whitelist a domain and accept its cookies. If it’s a site you know you can trust, the risk here is low.

You may want to enable the “Do Not Track” option in your browser. This alerts websites never to track your behavior to, from, or on their website. Unfortunately, it’s still currently optional for sites to accept Do Not Track. That’s why choosing to block out access via cookies is a smart first step.

Regularly Clear Browser Data & Cache. All right, once you’ve configured your browser’s cookie setting, what’s next? For security and especially privacy, regularly clearing out the data your browser accumulates is important. Most web browsers include this option built right in, making it easy to delete your information quickly. Do you really want to have to do that every time you finish a browser session, though? Probably not. Some browsers, like Chrome, have settings to let you automatically remove this data when the browser closes. This feature is similar to the way that private browsing in Safari or Incognito Mode in Chrome work. When those windows end, the system dumps all the cookies and other browsing data from the session.

It’s not a bad idea to use software like PrivacyScan to clear this sensitive data more regularly. Your browser may not catch every file, and the software lets you mop up any stragglers. Reducing the amount of information about your browsing floating around can only be a good thing for your privacy. Whether you use PrivacyScan or a built-in browser option, you should make an effort to take control of this data.

Password Storage Options. Okay, next, we all know it can be tough to remember all your passwords. Everywhere we go on the web these days; it seems like we need to create an account and log in — that means tons of passwords to remember. Browsers make it easy to remember them all, though, right? Every time you log in, most browsers ask if you want it to remember your credentials. How many of us say yes without thinking? Surely our web browser can keep our passwords safe. Well, maybe not. In the past, even Google Chrome had issues with how it handled saved passwords.

Plus, in the unfortunate event your system is compromised, it’s prudent to expect that your saved passwords may also be vulnerable. Rather than letting your browser store your passwords, a more secure solution is to switch to a password manager app. Solutions like LastPass and 1Password, though not perfect, offer far more security than simple browser storage. You also get the benefit of a built-in ability to generate stronger passwords. When you don’t need to remember them, why wouldn’t you use the strongest password possible?

Browser extensions for these programs mean you can still log in just as quickly without making a security compromise. This method also makes it easier to delete your cookies at the end of every browser session. If you struggle with remembering your passwords when you lose your cookies, a password manager will make sure that doesn’t happen again. Meanwhile, your browser will be more secure for it.

Browser Add-ons: Do’s and Don’ts. Extensions aren’t just useful for improving your password security. They can also help to secure your overall browser experience. While you need to be careful about the kinds of extensions you add to your browser, not all of them are risks. Some can prove to be quite beneficial. Let’s consider the case of Ghostery. Perhaps you can’t block the cookies you want to for whatever reason. The Ghostery extension lets you see, on every website you visit, what trackers request your information. You can then selectively block and blacklist the trackers you want to avoid.

Adblock is another popular extension. Website ads are a common vector for malware, browser hijack exploits, and other severe security issues. While you may see hundreds or even thousands of banner ads in one day, it’s the one infected ad that you should always hope to avoid. Adblock helps you do just that. Keeping anti-malware software on your Mac just in case is always a good idea, of course. We should always remember that no blocking solution is 100% foolproof.

In a similar vein, there are now many “content blockers” available as extensions to Safari both on iOS and the Mac platform. When we want to take better control of our browsers to block tracking of our activity or shut down ads, these handy tools get the job done. They’re often quite lightweight and fast, too.

Some Safari extensions allow you to you block tracking efforts by websites, blacklisting them with one click. You can also choose to place sites you trust on a whitelist. Others offer large libraries of filters. This can enable you to take a much finer control over how you share information about yourself on the web. For a content blocker aimed at power users and those who love customization options, check out 1Blocker. If you know exactly what you want to block and where, this extension puts that power in your hands.

Protection Against Fraudulent Sites. Finally, make sure you take advantage of your browser’s built-in ability to warn you about malicious pages. By using Google’s “Safe Browsing” database, browsers like Safari and Firefox can instantly display a warning page to you on detection of a malicious site. This makes protecting yourself from clicking on bad links much simpler. Google updates this database with extreme regularity. While these settings should be enabled by default, you might want to check — just to be sure.

While we’ve looked at several tools to help secure your browser, let’s think about one final thing. Safe, secure browsing is easier with the right tools, but it’s impossible without good habits, too. The usual rules still apply no matter how safe you’ve made a browser. Don’t click on suspicious or unusual links, and never enter your passwords anywhere potentially suspect. While Google Safe Browsing is very helpful, a site may suffer from an infection before Google notices. Having additional layers of protection — and a means of taking out any infection right away — is the best way to protect yourself.

That wraps things up for this episode! If you’d like more information on any of the topics we’ve covered today, or if there’s a specific topic you’d like to see featured on a future episode, send us an e-mail at checklist@securemac.com!