Time for an intermediate browser security test

We’ve reached the middle of 2022 and when it comes to security, I don’t think we’re making much progress. I still see people reporting that they are being scammed, extorted and regularly attacked – and for many users the browser is becoming the most important part of the platform you use. So now is a good time to review your browser and any extensions you have installed to enhance security.

Note, I said Browser – Plural Although enterprises may want to standardize in only one browser for better control, for small businesses and individual users, I recommend installing multiple. (I often use three different browsers.)

Why is it important? Because attackers (and trackers) go behind the browsers. In fact, it’s best to think of your browser as a separate operating system and work accordingly to protect it. Although I focus primarily on Windows issues, these guidelines and recommendations apply to Mac OS, Ubunto, Mint and others.

Basically, every browser should be reviewed for extra protection against malicious sites and ads. On platforms like MacOS, you need to focus on Chrome, Firefox or Waterfox protections; If you are standard on Safari, you need to use AdGuard.

Even now, I see rolling malicious banner ads. If you don’t have endpoint protection or something similar, you can better protect yourself by installing something like Ublock Origin, which blocks ads and unwanted content.

Be aware that uBlock and uBlock origin are two different products, the latter being a thorn in the side of the former. They are maintained separately. I recommend uBlock Origin, which you can install and deploy as a standalone extension. Once it’s installed, you can then create a whitelist of sites that you’ll allow and adjust other settings as needed. If you’re new to Ublock, you can leave the defaults alone, or review these posts for suggested settings. You can click on the extension icon in your browser and select “Filter List”.

By default, some filters are already enabled, although you can enable them to lock down your browser more seriously. Then, in other browsers, leave the defaults alone for a more gentle way of surfing.

In a network settings, you can go through the same process and use PowerShell or Group Policy to set the settings across your network. Although I’m focusing specifically on Chrome, most major browsers work the same way. To install using Group Policy in Chrome, you need to download the Google Group Policy ADMX templates and place them in the Central Policy Store. Edit your Google Chrome GPO and navigate to the computer configuration. Then go to Policy> Administrative Templates> Google> Google Chrome> Extensions. Enable the “Configure list of Force-installed apps and extensions” setting and make sure you link your group policy to an organizational unit that has authenticated user or domain computers as security filtering. If you prefer to test it before a complete deployment, set up a specific security test group.

It’s a good idea to test uBlock first instead of placing it widely; You may find that you have to skip a web site. You must whitelist a website using the Group Policy tool. To do this, follow the guidelines in Diplohappiness.

As they note:

In your Chrome GPO, navigate to Computer Configuration \ Preferences \ Windows Settings \ Registry and make a new registry choice. Leave the action type in the update. In Preferences, set the following:


Main Path: Software \ Policy \ Google \ Chrome \ 3rd Party \ Extensions \ cjpalhdlnbpafiamejdnhcphjbkeiagm \ Policy

Quality name: admin settings

Value type: REG_SZ

Value data: auto “autoUpdate”: true, “netWhitelist”: “Behind the scenes about the project \ nchrome-extension-scheme \ nchrome-scheme \ nlocalhost \ nloopconversation.about-scheme \ nopera-scheme \ nWHITELISTWEBSITE.com”

This standard data includes default exclusion and WHITELISTWEBSITE.com as an authorized website. Be sure to change the last value (WHITELISTWEBSITE.com) on the website that should be whitelisted. Websites must always be preceded by a n. If you need to add a second website, the standard data view looks like this:

“Automatic Update”: True, “Net Whitelist”: “Behind the Scenes About the Project োম nChrome-Extension-Scheme nchrome-Scheme \ nlocalhost \ nloopconversation.about-scheme \ nopera-scheme \ nWHITELISTWEBSITE.com” A

These changes will take effect after a GPU update and the start of a new Chrome browser session If you want to deploy the solution using PowerShell, you can do so in a fashion similar to Group Policy.

You might be a little more adventurous with Chrome, Firefox or Waterfox on the Mac platform. If you’re in an enterprise with a macOS workstation, if you don’t have management tools for your Apple hardware, you’ll need to use your remote tools or type in instructions to tell your users how to manually deploy security.

You can also add third party external websites to the filter list. The external list of samples includes the following:

https: //*.fanboy.co.nz/*
https: //*.github.io/
https: //*.letsblock.it/*

Note that adding more filter lists increases the likelihood of page breaks. So always check a sample setting before placing it across your network.

Attackers know that browsers are a way for them to gain access to computers and networks and steal stored usernames and passwords. If you make sure that your browser is as secure as possible, the second half of 2022 will probably not be as dangerous as the first half of the year.

Copyright © 2022 IDG Communications, Inc.

Leave a Reply

Your email address will not be published.