FBI: Building Digital Defense with Browsers

As more of our computing world lives inside a browser, the risk goes up.

As we move to Work From Home, the risk goes up again because we no longer have corporate infrastructure to chop off the top few layers of attacks.  Also many of us have kids that either share our computer or share our network.

The FBI has launched an initiative to protect political campaigns and voters from foreign influence campaigns and cyber attacks called Protected Voices.

The Portland office of the FBI adapted some of the recommendations from that program into recommendations for everyone.

Before I give you the list, let me warn you that it is going to expose that always issue – security or convenience – PICK JUST ONE!

Here are the FBI’s recommendations:

Note: How you implement these will be browser and system specific

  • Disable AUTOFILL
  • Disable remember passwords
  • Disable browsing history

Disabling these features makes it more difficult for malware on your system to steal sensitive data

  • Do not accept cookies from third parties

Note that some browsers do this by default.  Doing this reduces the ability of third parties to track you and aggregate your browsing habits.  And sell them.

  • Clear browsing history when you close your browser or use incognito mode

Note that this means that you actually have to close your browse.  Again, this reduces your fingerprint and makes it more difficult for advertisers (and hackers) to track you.

  • Block ad tracking
  • Enable do not track (there has to be at least one site on the web that honors this)

There are a number of good ad blockers.  Apple and Firefox have built in ad blocking.  Not only does this make it harder to track you but it stops malware laden ads from running on your system.

  • Disable browser data collection

All browsers like your digital exhaust;  that is why they collect it, but it is none of their business.

  • Make sure that if a web site wants your digital certificate, you have to approve each request

Your digital certificate *IS* your signature.   Protect it.

  • Disable caching

Caching makes browsing faster, but apps and web pages can find out what is in the cache and figure out what you are doing and where you have been.

  • Enable browser features to block malicious, deceptive and dangerous content.  Different browsers do this in different ways; some more privacy friendly than others.

What is true about all of these features is that they will have some impact on your browsing experience.  You don’t have to implement all of them, but each one makes things a little more difficult for the bad guys.

It is your call.

Source: FBI

Facebooktwitterredditlinkedinmailby feather

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code