chapter 4: Exploring Web Browsers and Internet Security

Whether we talk about home or office, computer security is the major concern these days. With the introduction of an array of malwares,
viruses and online threats, it has become very important to ensure the safety of the data and resources. Therefore, an organized approach is
needed to address this growing problem. Multiple measures are required to be taken to ensure safety of the data and resources.

Web Browser Concepts

A web browser is a software application used to access the information and resources from the World Wide Web. The information is
displayed in the form of web pages. Some of the most popular web browsers are Google Chrome, Internet Explorer and Mozilla Firefox.

Internet Security

The main aim of Internet security is to develop rules and regulations that can prevent the computer and data from attacks when they are connected to the Internet.

Web Browser Security

In order to access any information from the internet, you always need a web browser. S0, It Is mandatory to install a web browser on every Computer. web browsers to online threats.

In order to ensure security of your web browser.

Configure Browser Security and Privacy Setting: A computer user should check the security and privacy settings of the browser soon after it is installed and should ensure that all the default settings are in place. For instance, if the browser is configured by default to leave third-party cookies enabled, they will allow advertisers to track online activities of the user.
Keep the Browser Updated: lo fix the security vulnerability of previous versions of browsers, updates are released from time to time. It is advisable to keep updating the browser for improved security as and when the updates become available. 

Sign up for Alerts: Enable Google alerts on the web browser to stay updated with any evolving security issues. One can also limit the frequency of alerts: instant, daily or weekly. Install Security plug-ins with Caution: Installing security plug-ins is a good practice but sometimes they can also put the user at risk if not installed with caution.

The sate and recommended extensions Tor ensuring browser security are

HTTPS Everywhere: Developed by Electronic Frontier Foundation and the Tor Project (for Firefox, Chrome and Opera), HTTP Everywhere extension automatically switches insecure 'HTTP websites to secure 'HTTPS' websites.
A web of Trust: Determining the safety of the website. WOT is an extension for Internet Explorer, Chrome, Firefox, Opera and Safari.It shows a traffic signal icon near URLs and links to indicate the reliability of the source. Green indicates it is trustworthy, yellow means proceed with caution and red signals to avoid it.
LongURL.org.: Twitter and Facebook users often see a shortened link attached to an engaging post and do not spare a second thought before clicking on it. These links can mask malicious links that can put the system on risk. One can check that where this Suspected link is destined without clicking on it by Simply copying and pasting that shortened link into the search box at LongURL.org.

Browser Features and Associated Risks

Java: It is a general purpose computer programming language, which is used to create applications and active content on the internet. It has a browser plug-in and application. Out of these two, the Java plug-in can place the browser at risk. It can lead to data theft and other hacks, therefore, it is recommended to keep them disabled.
ActiveX: Pre-installed on Internet Explorer, ActiveX is a software component that helps in displaying some element on certain websites. It also helps in enhancing the browsing experience, but its availability can allow hackers to install malware and other malicious programs on the system
Cookies: These are files that keep track of the user's browsing history by recording it locally on the system. It is quite common that advertisements of products that we frequently search keep flashing on the web pages. This is due to cookies, which allow retailers to access recorded browsing history and display related advertisements to the targeted users. To prevent such online privacy breaches, it is recommended to disable the cookies.
Extensions: These are the software that help in addition or modification of a specific feature in a browser, such as blocking
advertisements, doing instant messaging with friends or watching online videos. There are few extensions which download malware on the system and access the browsing history. Hence, it is advisable to do a proper research before installing any extension on browser.

Identification of Secure Websites

SSL Certificate: Always check the URL of the website. It should start with 'HTTPS' and not 'HTTP: The extra 'S' stands for secure and certifies that the site is secured using Secure Socket Layer (SSL) technology.
Lock Icon: The website with a lock icon before their URLs and green address bar are secured with the safest validation (Extended Validation).
Domain: Cyber criminals can create duplicate websites from an existing website to fool and lure the customer to buy from them. So, never open links attached in any email from unknown senders. Also, check the authenticity of the company/website before availing its offerings. For this, users can check physical address, phone number, return policy and privacy statement available on the website.

What is Instant Messaging?

Exchanging text messages between twO or more participants in real time over the intenet using a set of communication technologies is called Instant Messaging.

The main features of instant messaging are as follows

1. Allows back and forth communication with online friends
2. Allows creation of chat rooms with more than one friend
3. Allows video chats and view/send videos
4. Allows Viewing images stored on the remote computer of a friend
5. Allows sharing of music
6. Allows sending quick messages from mobile phones
7. Allows sharing of favorite web links
8. Allows real time sharing of news
9. Allows audio calls with friends
10. Allows sharing of documents

Instant Messaging Security Issues

Privacy Issues: As the IM session exchanges information in clear-text mode, the data can face several privacy issues like eavesdropping, information leakage and loss of data. Most of the free IM Systems do not use encryption technique, which in turn opens opportunities for hackers. Several freeware network snifters (NMAP or Ethereal) are available that can be downloaded to access the textual conversations between two parties.
Impersonation: Hackers can gain the access to login details of user's IM account and can impersonate themselves as the user Friends, business clients and co-workers cannot recognize the user is real or not and can exchange crucial data or private information. This may cause severe damages to the victim.
Malware Threat: By using file transfer option on IM, users may allow infected files and malware to enter their system.Users may skip the antivirus check and invite virus on their system. Attackers can also convince credulous users to install malicious software sent by them.
IM Software vulnerabilities: IM clients can have in-built vulnerabilities if not downloaded from a reliable source. It is advisable to check IM client carefully before installing them on your system, else the system can be prone to additional vulnerabilities.
Denial of Service: The system can also become susceptible to Denial of Service (DOS) while using Instant Messaging clients. These attacks may harm the system differently, such as by crashing instant messaging software, consuming higher CPU power, making IM clients hang repeatedly and make the computer unstable

Managing Instant Messaging Security issues

1. Set the IM Client not to accept shared files automatically, which in turn will protect the system from downloading virus affected files
2. Whenever any file is received on IM, always check its origin and open only after scanning with antivirus software
3. For official purposes, set up a corporate Instant Messaging System on the company's intranet.
4. Never open web links from unknown senders.
5. Either avoid sending personal information on IM systems or encrypt them before sending.
6. Always keep the firewall protection on, install latest antivirus software and keep Instant Messaging software updated.

Child Online Safety

Being born in a technology driven world, children are highly fond of gadgets and the Internet. It would not be wrong to say that kids are more active internet users than adults. This keen interest in the Internet can expose children to some unwanted content that may lead to negative impact on the young minds. With a never ending availability of vulnerable content on the internet, the threats to children's online safety have increased.

Some of these threats related to child online safety are

Pornography: Due to easy and free availability of content on the internet, it has become very convenient for kids to access anything. Pornography Is one the major issues related to child online security in the present time.
cyber bullying: cyber bullying is a form of harassment that takes place using electronic technology. Such as computers, mobile phones and tablets. children are
the most common target of cyber bullying apart from adults. Anyone can bully someone else by posting rumors about an individual, sending threatening mails,
disclosing personal information of the person, making sexual remarks or posting embarrassing pictures. Communication tools like text messages, websites, social
media, messages and chats are used to bully a person. Some of the symptoms of cyber bullying in children are

• Lower self-esteem and enhanced emotional responses
• Increased suicidal thoughts, sadness and loneliness
• Appear scared, depressed, angry or frustrated

Stealth Sites: Cyber criminals creates stealth sites to fool the people by routing them to the wrong and affected sites. They do so with an intention to increase
their site traffic and earn profits. Suppose a child wants to open an authorized government website but an online predator has developed his websites page on
similar URL address with .com domain in place of gov domain. In this case, child will be directed to another webpage that can be a porn site or any similar site.
Misdirected Searches: Parents must guide their children to protect them from online threats and about the security of system. Though parents may take precaution to safeguard their kids, there can be instances when child may be misdirected to malicious websites. Such sites often use the terms related to kids, such as exam, games, school and so on. The kid might be looking for a relevant topic but can be routed to other inappropriate websites
Grooming: It is a practice of forming a relationship with a child and gain their faith by establishing an emotion connection with them. The attacker pretends to be a friend and collects personal information like interest, location and sexual experiences from the kid via social media sites, chat rooms and messaging. Groomers provided take information about themselves by telling wrong gender and pose as a teenager to prepare the victim for child abuse.
Social Networking Sites: Use of social media sites is very common nowadays and almost everyone is online on one or the other website. Apart from interacting and connecting with friends, these sites can also be susceptible to cyber bullying. Hackers can steal the personal data from the accounts using unethical practices to harm the victim.
Unsolicited Emails: Getting spam mail is very common these days. These spam mails are unsolicited emails, which are send by the spammers every day in bulk. Spams are intended to increase web traffic on their sites and promote pornography. Child unknowingly opens these spam mails with links of pornographic sites and becomes the victim.
Chat Rooms: Users with similar interest communicate with each other in chat rooms. Attackers approach kids in these chat rooms to collect personal information
and send links of malicious and inappropriate websites to them.

How to Determine If Children are at Risk Online

1. Children are usually busy on their systems.
2. Children are not interested in anything and look stressed out.
3. The system of child contains porn content and browser search history shows access to pornography.
4. On entry of parents in the room, they suddenly switch the active window on the computer.

How To Protect Children from Online Threats
1. Make kids aware about the online threats by providing proper knowledge about the same.
2. Keep a check on kids' online activities on the computer.
3. Make use of the internet filtering software to restrict access to inappropriate sites and pornographic content.
4. Monitor the social networking profile of kids regularly. Ask kids not to provide personal information to any stranger.
6. Coordinate with the police if any stranger is in regular contact with them.

What to do if a Child becomes a Victim of Online Abuse

1. Avoid any type of communication with the online predators
2. Do not visit the sites which are known to cyberbully kids.
3. If any spam or unsolicited email is found, block the sender to avoid further mails
4. If required, delete the social networking accounts.

Child Friendly Internet Software: KidZui

Special designed for kids, Kidzui IS a web browser with a Zooming user interface paradigm. it is free, safe and easy to use web browser, which provides filtered search results. It doesn't use the open Internet, only the teachers and parents have the right to approve the database URLS that can be accessed by the kid.