Saudi deputy FM meets Sudan's Sovereign Council chief in Port Sudan    Kuwait, India to elevate bilateral relations to strategic partnership Sheikh Mishal awards Mubarak Al-Kabir Medal to Modi    MoH to penalize 5 health practitioners for professional violations    Al-Samaani: Saudi Arabia to work soon on a comprehensive review of the legal system    Environment minister inaugurates Yanbu Grain Handling Terminal    Germany's attack suspect reportedly offered reward to target Saudi ambassador    U.S. Navy jet shot down in 'friendly fire' incident over Red Sea    Israeli strikes in Gaza kill at least 20 people, including five children    Trudeau's leadership under threat as NDP withdraws support, no-confidence vote looms    Arabian Gulf Cup begins with dramatic draws and a breathtaking ceremony in Kuwait    GACA report: 928 complaints filed by passengers against airlines in November    Riyadh Season 5 draws record number of over 12 million visitors    Fury vs. Usyk: Anticipation builds ahead of Riyadh's boxing showdown    Saudi Arabia to compete in 2025 and 2027 CONCACAF Gold Cup tournaments    Marianne Jean-Baptiste on Oscars buzz for playing 'difficult' woman    PDC collaboration with MEDLOG Saudi to introduce new cold storage facilities in King Abdullah Port Investment of SR300 million to enhance logistics capabilities in Saudi Arabia    Al Shabab announces departure of coach Vítor Pereira    My kids saw my pain on set, says Angelina Jolie    Legendary Indian tabla player Zakir Hussain dies at 73    Eminem sets Riyadh ablaze with unforgettable debut at MDLBEAST Soundstorm    Order vs. Morality: Lessons from New York's 1977 Blackout    India puts blockbuster Pakistani film on hold    The Vikings and the Islamic world    Filipino pilgrim's incredible evolution from an enemy of Islam to its staunch advocate    Exotic Taif Roses Simulation Performed at Taif Rose Festival    Asian shares mixed Tuesday    Weather Forecast for Tuesday    Saudi Tourism Authority Participates in Arabian Travel Market Exhibition in Dubai    Minister of Industry Announces 50 Investment Opportunities Worth over SAR 96 Billion in Machinery, Equipment Sector    HRH Crown Prince Offers Condolences to Crown Prince of Kuwait on Death of Sheikh Fawaz Salman Abdullah Al-Ali Al-Malek Al-Sabah    HRH Crown Prince Congratulates Santiago Peña on Winning Presidential Election in Paraguay    SDAIA Launches 1st Phase of 'Elevate Program' to Train 1,000 Women on Data, AI    41 Saudi Citizens and 171 Others from Brotherly and Friendly Countries Arrive in Saudi Arabia from Sudan    Saudi Arabia Hosts 1st Meeting of Arab Authorities Controlling Medicines    General Directorate of Narcotics Control Foils Attempt to Smuggle over 5 Million Amphetamine Pills    NAVI Javelins Crowned as Champions of Women's Counter-Strike: Global Offensive (CS:GO) Competitions    Saudi Karate Team Wins Four Medals in World Youth League Championship    Third Edition of FIFA Forward Program Kicks off in Riyadh    Evacuated from Sudan, 187 Nationals from Several Countries Arrive in Jeddah    SPA Documents Thajjud Prayer at Prophet's Mosque in Madinah    SFDA Recommends to Test Blood Sugar at Home Two or Three Hours after Meals    SFDA Offers Various Recommendations for Safe Food Frying    SFDA Provides Five Tips for Using Home Blood Pressure Monitor    SFDA: Instant Soup Contains Large Amounts of Salt    Mawani: New shipping service to connect Jubail Commercial Port to 11 global ports    Custodian of the Two Holy Mosques Delivers Speech to Pilgrims, Citizens, Residents and Muslims around the World    Sheikh Al-Issa in Arafah's Sermon: Allaah Blessed You by Making It Easy for You to Carry out This Obligation. Thus, Ensure Following the Guidance of Your Prophet    Custodian of the Two Holy Mosques addresses citizens and all Muslims on the occasion of the Holy month of Ramadan    







Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.



Security secrets every user needs to know
By Robert McMillan of PCWorld
Published in The Saudi Gazette on 23 - 07 - 2010

You know to keep your antivirus program and patches up to date, to be careful where you go on the Internet, and to exercise online street-smarts to resist being tricked into visiting a phishing site or downloading a Trojan horse. But when you've got the basics covered, but you still don't feel secure, what can you do?
Here are a few advanced security tips to help you thwart some of today's most common attacks.
Avoid Scripting
This may be the one piece of advice that will do most to keep you the safe on the Web: Steer clear of JavaScript, especially on sites you don't trust.
JavaScript is very popular, and for good reason. It works in almost all browsers, and it makes the Web a lot more dynamic. But it also enables bad guys to trick your browser more easily into doing something that it shouldn't. The deception could be something as simple as telling the browser to load an element from another Web page. Or it could involve something more complicated, like a cross-site scripting attack, which gives the attacker a way to impersonate the victim on a legitimate Web page.
JavaScipt attacks are everywhere. If you use Facebook, you may have seen one of the latest. Lately, scammers have set up illegitimate Facebook pages offering things like a free $500 gift card if you cut and paste some code into your browser's address bar. That code is JavaScript - and you should never add it to your browser.
But miscreants can add JavaScript to hacked or malicious Web pages, too. To avoid attacks there, you can use a free Firefox plugin called NoScript that lets you control which Websites can and cannot run JavaScript in the browser. NoScript goes a long way toward preventing rogue antivirus programs or online attacks from popping up when you visit a new Website.
By blocking scripting everywhere and then using NoScript to build a whitelist of trusted sites, you can derail most of the so-called Web drive-by attacks that currently plague the Internet. NoScript also comes with a cross-site scripting blocker. Cross-site scripting has been around for a while, but these days bad guys are using it more frequently than ever to seize control of online accounts on sites such as YouTube.
If you don't use Firefox, you still have some options for cracking down on scripting. Like Foxfire users, Google Chrome users can disable JavaScript universally and then build a whitelist of sites where it's permitted. Unfortunately, neither Internet Explorer nor Safari has a NoScript equivalent, but IE users can adjust their Internet Zones security settings to require prompts before scripting. And IE 8 includes new cross-site scripting protection to ward off some attacks.
Disabling JavaScript in Adobe Reader can help, too. To do so, click Edit, Preferences, JavaScript and then uncheck the Enable Acrobat JavaScript box to the right of the window.
The downside of all these defensive tactics is inconvenience. With scripting disabled in your browser, many animations, movies, and dynamic Web pages simply won't work - and many users get frustrated by the never-ending cycle of opening a Web page, seeing that it doesn't work properly, and then choosing to allow scripting on that page.
Reject rogue antivirus offers
Far too many people have had this experience recently: You're surfing the Web on a totally legitimate site when a scary-looking warning message pops up suddenly. It tells you that your computer is infected. You try to get rid of it, but more windows keep popping up, urging you to scan your computer.
If you do this, the scan invariably finds security problems and offers to sell you software that will take care of the problem. This is rogue antivirus software. The only thing the software does is put money into the pockets of criminals.
Rogue antivirus programs have emerged as one of the most annoying security problems of the past few years. To the victim, the pop-ups can seem like an infection themselves. Every time you try to close a warning window, another one appears.
First off, never buy the software. It simply doesn't work, and often it will trash your system. Either press Alt-F4 to close your browser directly or press Ctrl-Alt-Delete to open your system's task manager and shut the browser down from there.
Another way to steer clear of rogue antivirus attacks is to be careful when reading up on a hot news story. The bad guys follow Google Trends and Twitter's Trending topics, and they can quickly promote one of their malicious Web pages to the top of Google search results..
Next, verify that your programs are up-to-date by usingFoxit Reader or PDF Studio. Similarly, you can check .doc and .ppt files in OpenOffice. The downside is that, in a nonstandard application, files may not look exactly as they should. This drawback might make such apps unsuitable for daily use, but even so you should consider using them to open dubious documents in.
Use Gmail or VirusTotal to check documents
Why do security experts use alternative PDF and .doc readers? They've warned us for years not to open attachments that come from untrusted sources. Strange .exe files are a sure sign of trouble, but hackers have also found ways to break into computers by tricking users into opening maliciously encoded documents.
One approach is to let Google do the checking for you. Forward attachments to a Gmail address, and Google's filters will scan it for malware. Then, you can convert the document and read in Google Docs to see whether it's legit.
Another tip is to submit files to Virustotal. This free scanning service runs your file through 41 antivirus scanning engines. If any of the programs identifies it as malicious, Virustotal will let you know what programs you use, and verify that they're up to date
Learn the password game
Most of us use the same username and password over and over. Hackers know this and they're happy to use it against you. Often they steal a person's password and user name, perhaps via a phishing attack, and then try that combination on other popular services - Facebook, Gmail, PayPal, Yahoo - to see if it works there, too.
Luckily free and simple password management tools, such as KeePass Password Safe, are available to keep track of your passwords for you. They are a bit more work - you may tire of constantly jumping between a password manager and your browser every time you want to log into a Website, but remember that security always involves trade-offs.


Clic here to read the story from its source.