Browser security

Fri, 2008-11-07 13:05 by macker7963 · Forum/category:

I’ve seen this question asked a few times, but don’t recall ever seeing a definite answer. Is it safe to leave your computer with the web browser open, or can hackers use this open browser to gain control over your computer while you’re not looking? Or does the fact that you have always-on broadband mean that they can get to your computer anytime it’s switched on? Is a computer in hibernation the same as a switched-on computer?

Hibernation risk

Sun, 2009-03-08 21:03 by alan_b

Google for "waking computers out of hibernation".

When a computer hibernates, it may wake-up automatically upon schedule, or upon a message from the Internet.

Do not assume any extra safety from hibernation unless you have verified that NOTHING can wake it out of hiberbation other than your physical actions.

Regards
Alan

That is correct

Sun, 2009-03-08 22:06 by admin

Let's just not overlook that any extra safety from hibernation is normally not needed, particularly if the computer is behind a NAT router or a firewall or both.

Definitive answer

Fri, 2008-11-07 13:32 by admin

Interesting questions. The short answers are these:

  • Yes, it is safe to leave the browser open.
  • No, an always-on broadband connection does not normally allow anybody to access your computer.
  • A hibernating computer is even safer—it cannot be attacked at all, unless it is first woken up. But that doesn't mean one has to put a computer into hibernate mode to avoid attacks.

Now for the finer details. There are some ifs and buts. For example, if you connect your computer directly to an always-on connection to the Internet without any normal protection, i.e. no router, no firewall, no logon password, then it will be accessible from the outside.

A web browser security hole may be a vector for a few kinds of malware, but there are many other vectors. Virtually every program can be a vector if it has a security hole. And the web browser is relatively innocuous while you don't use it. I'd be more worried about the browser while I'm actually using it, because it is then that data from the outside is passing through it.

The browser, if set up normally and not already infected, will warn you before you're doing something dangerous, like installing a browser add-on or saving a file from the Internet to your hard disk. It will not allow any dangerous action to go ahead without your consent.

The really important questions are only the following two:

  1. Do you have a router with NAT (Network Address Translation) between your computer and the Internet?
  2. Do you have an active firewall between your computer and the Internet, either a software firewall in your computer or a hardware firewall in your router?

Either 1. or 2., if working properly, will sufficiently protect your computer. Both together will be even safer.

For example, Windows XP and Vista have a software firewall built-in, and that firewall provides sufficient protection for normal purposes.

Most modern routers have both a firewall and NAT. You know you are using NAT if your computer has a private IP address, for example, one beginning with 192.168. Entering the command ipconfig in a command line window tells you the IP addresses of your Ethernet ports. If the one connected to your router has a private IP address, then it cannot be reached from the outside, unless you specifically instruct your router that you want connections from the outside forwarded to your computer. The basic reason is that all routers out there on the Internet will not and cannot route anything to a private IP address, because they don't know where it is.

There is another point to watch out for. Make sure your automatic updates are activated in Windows, as Microsoft keeps discovering security holes and patches them. This is an important security measure. A patched Windows is fairly safe even without a firewall, while an unpatched, unprotected Windows installation is infected on average within less than a minute after being connected to the Internet, whether the browser is open or not.

And finally there is one big security hole to watch out for, and that is the email attachment. All NAT routers, firewalls, and patches are ineffective if a virus or Trojan

  1. arrives in your mailbox by email, and
  2. you somehow manage to start it.

If it's an executable file, like EXE, VBS, COM, or the like, simply opening it will activate it, and it will be infecting your computers from the inside of your protective router and firewall. A good virus checker can be helpful, but actually the simplest protection is not to open email attachments that are coming from an unknown source, like some kind of electronic postcard service or an unknown email address. I have a virus checker, but I don't have it running all the time. I only use it to check the occasional file. And I don't get infected, because I am too wary when it comes to email attachments.

All bets are off, once your computer is infected. The malware can actively circumvent all your normal security measures, and NAT and firewalls are not very effective against threats from the inside.

These are the basics. When you have two or more computers, you want a router anyway, but for the added protection I actually recommend a router even for just one computer. Simple routers are cheap these days. I also recommend to leave the software firewall on as well, because it protects you from infections on other computers inside your network, like the laptop of a visitor, who may not be as careful as you are.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.