Hanover, Germany - Safe surfing on the internet means more than just a good anti-virus program and a firewall. The browser needs to be safeguarded against attacks from the internet as well. Many websites require the use of small JavaScript programs to display their content. JavaScript can open security holes in a browser, however, which means that hackers frequently use the software as the starting point for an attack, reports Hanover-based computer magazine c't.
Because many sites will not work properly without JavaScript, trying to surf with JavaScript deactivated in the browser is impractical. Experts instead advise allowing JavaScript to function freely only when loading trustworthy pages. The various browsers offer different ways of handling this. In Opera, for example, the user can deactivate JavaScript in the general settings but manually authorise it for specific sites.
The basic Firefox browser itself only allows for JavaScript to be switched on or off entirely. Users do have the option of downloading the free "NoScript" add-on. It provides a list of websites whose JavaScript content is trustworthy. When calling up sites not included on the list, the user can then decide with the click of a mouse whether to activate JavaScript for that particular case.
Apple's Safari browser also only allows for a wholesale activation or deactivation of JavaScript. Internet Explorer, for its part, allows for management of which sites can execute JavaScript through its "Security Zones" system. Google's Chrome browser is designed so that JavaScript programs could only ever cause damage in their respective browser window - they have no possibility of attacking the browser itself, let alone the whole PC.
Another key factor: regular updates of the browsers, since holes are plugged constantly by the developers. The same holds true for plug-ins. The extensions for depicting multimedia content - including Flash Player and QuickTime - have proven highly tempting targets for cyber criminals. Other program extensions, known as add-ons, should be updated regularly as well.
