By Sam Bronson, Daniel Palij, and Evan Robertson
What is a Browser?
The internet stands as one of the pinnacles of human engineering, a centralized location for the entire history and knowledge of humankind. For Thousands of years, humans have used scrolls and pictures alongside the verbal stories to pass information on to the next generation. With the internet, all this information is digitized and made widely available to anyone that knows how to access it. One hurdle to accessing this information however, was the service that translated all the computer code from around the world and placed it within your computer as needed. The solution: The Internet Browser.
In 1995, Microsoft created one of the most well-known browsers in the world: Internet Explorer. For Many People, this browser served as their first way to interact with the internet in a meaningful way, whether it be to create a Myspace Account or message your friends on Hotmail. As the internet evolved and adapted, so too did internet browsers, with Internet Explorer quickly being pushed aside for the most used browser today: Google Chrome.
This evolution however, did not change everything for the better. More advertisements began appearing, and more security vulnerabilities were created to exploit those who did not know any better. In the modern age, navigating the internet without properly configuring your browser is akin to driving your car without a seat belt. You could do it, but nobody in their right mind would think that it is the correct thing to do.
This article will outline how to best change your browser environment as well as your browsing skills to stay safe and secure while you are on the internet.
Picking the Right Browser
One of the most important factors with a browser is: the browser itself. Currently, there are many options available to a computer user on a day-to-day basis. However, most well-known browsers operate on the chromium standard. This standard is an open-source engine developed by Google. Google Chrome and Microsoft Edge use these engines as the backbone of the browser, occupying over 75% of the current browsers used. However, With the Chromium Engine updating to the newest version, called Manifest V3, support for third-party extensions that make browsing safer will no longer be supported. In particular, the extension Ublock Origin, which serves as an ad-blocker, will no longer be supported, making it harder to navigate and find safe information online.
For this reason, we at the Data Security Foundation believe that the current best browser to be using for daily research is the Firefox Browser, created by Mozilla. This Browser looks and feels very similar to the Chrome Browser that you are used to, while still providing a non-chromium option that is committed to working with third-party extensions to ensure that you can browse safely.
What is an extension?
Extensions are additional features and tools developed by hobbyists and Professionals that are designed to change how a browser operates and translate certain code from websites. Some extensions may simply allow you to change how a web browser looks, such as the custom scroll bar extension. Other extensions may add more organizational features, so any tabs that you have opened can be grouped into categories.
For Secure and safe browsing, there are a few extensions that The Data Security Foundation believe are essential. First is the aforementioned Ublock Origin. With Popup ads becoming more and more common on all websites, it is becoming harder to simply read a news article or paper. Ublock origin creates filters for your browser using the developed knowledge of the code that advertisements need to use to show you the ads. When the extension detects a match from a website, it will block that section of code from executing, ensuring that you don’t see the popup and are able to read the article in peace.
Another extension is the Privacy Badger, which helps disable third party tracking and cookies. Cookies act as markers that advertisers and websites use to track and check how often you have seen their ads or browsed their websites. In real life, an example of this would be a store putting a wristband on you when you enter a store. Each time you enter the store; another wristband is put on. The company is then able to see how often you go to the store, which it can use to better serve you ads related to their products. Privacy Badger Cuts off that metaphorical wristband, making it harder for companies and advertisers to learn your internet browsing habits.
In an organizational structure, however, these extensions (and others) may interfere with services that you school or organization provide on a web page. You can quickly disable these and refresh the webpage but be sure to check with your IT staff to ensure that any core functions of the webpages remain functional.
While these extensions help create a safer browser experience, they do not help if you don’t understand how to avoid dangerous websites and links. Many Older websites use a protocol known as HTTP, or the Hypertext Transfer Protocol. Developed in the late 1980s and early 1990s, it served as the backbone for webpages. However, it does not encrypt any of the data that is sent from the client (you) to the server (the website). Another way to think about this is sending a letter. Once the letter is in the mail, anyone could open and read the letter or change what the letter says. This issue was remedied with HTTPS, The Hypertext Transfer Protocol Secure. Now when you send the letter, you put a password on it that only you and the site know. If anyone tries to read that letter, there won’t be any usable information, as it is all encrypted. By default, most browsers will stop users from clicking on a website that uses HTTP but will allow users to keep browsing if they want. Unless you know an HTTP site is secure, the best practice is to avoid using them.
Certificates
To help prevent malicious websites from occupying the entire internet, the certificate system was developed to provide more safety and transparency for users. Through this system, websites that want to use the HTTPS system need to be checked and approved. These Certificates tell you when the when the website was last approved, and what authority approved it. This helps stop sites from mimicking well known sites and attempting to steal the user’s data who go to their site on accident. On most browsers, you can see the sites certificate by clicking on the padlock icon at the top right of the webpage (on the search bar) Clicking the “Connection Secure” Brings up another menu titled “More Information” which will provides the details to you. Websites that have an unsigned or expired certificate have a much higher likelihood of being malicious, and should be avoided unless otherwise told by your respective IT.
Downloading from the internet
Many attacks on your computer and your research can come because of downloading something that you thought was safe but instead contained code designed to compromise your machine. Many bad actors will disguise themselves as safe and trusted websites so that you let down your guard. See our article about phishing to learn more about how your trust can be compromised. As a rule of thumb, do not download from the internet on any computer that you also conduct your research on. If you do, use an online tool such as Virustotal before you open it. Virustotal can examine the contents of the download and check if there is anything that could compromise the computer before you open it.
With these basic practices, navigation on the internet can be a much safer experience and allows you to enrich your research knowledge, rather than endanger it and all the content on your computer.