Merge pull request #11 from dmbaturin/master

ActiveX and Flash update
This commit is contained in:
Alicia Sykes 2020-03-09 21:31:00 +00:00 committed by GitHub
commit ccb558c438
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -75,8 +75,8 @@ For more browser security pointers, check out: [Heres How To Get Solid Browse
**Security** | **Priority** | **Details and Hints**
--- | --- | ---
**Deactivate ActiveX** | Recommended | [ActiveX](https://en.wikipedia.org/wiki/ActiveX) is barley used nowadays, but Microsoft browsers have it enabled by default. It acts as a middleware between Java and Flash applications and your PC. But it is commonly used for malicious sites to run scripts directly on your PC. See [this article](https://www.howtogeek.com/162282/what-activex-controls-are-and-why-theyre-dangerous/) for more details.
**Disable Flash** | Recommended | Adobe Flash has been around since the dawn of the internet, however it has been falling in popularity for a while. It brings with it many unpatched vulnerabilities (a few of which you can [read about here](https://www.comparitech.com/blog/information-security/flash-vulnerabilities-security/)). See [this guide](https://www.howtogeek.com/222275/how-to-uninstall-and-disable-flash-in-every-web-browser/), on how to disable Flash player, or [this guide for more details on how dangerous it can be](https://www.tomsguide.com/us/disable-flash-how-to,news-21335.html).
**Deactivate ActiveX** | Recommended | [ActiveX](https://en.wikipedia.org/wiki/ActiveX) is a browser extension API that is only supported by Microsoft Internet Explorer. It's enabled by default but is barely used for legitimate plugins these days. However, it gives plugins so much control that ActiveX malware is still around and as dangerous as ever. See [this article](https://www.howtogeek.com/162282/what-activex-controls-are-and-why-theyre-dangerous/) for more details. Better yet, use a modern browser instead of Internet Explorer. Note that Microsoft Edge doesn't support ActiveX.
**Disable Flash** | Recommended | Adobe Flash is infamous for its history of security vulnerabilities (a few of which you can [read about here](https://www.comparitech.com/blog/information-security/flash-vulnerabilities-security/)). See [this guide](https://www.howtogeek.com/222275/how-to-uninstall-and-disable-flash-in-every-web-browser/), on how to disable Flash player, or [this guide for more details on how dangerous it can be](https://www.tomsguide.com/us/disable-flash-how-to,news-21335.html). Adobe will end support for Flash Player in December 2020.
**Block Trackers** | Recommended | Consider installing a browser extension, such as [Privacy Badger](https://www.eff.org/privacybadger), to stop advertisers from tracking you in the background.
**Block scripts from bad origin** | Recommended | Use an extension such as [uBlock Origin](https://github.com/gorhill/uBlock), to block anything being loaded from an external or unverified origin.
**Force HTTPS only traffic** | Recommended | Using an extension such as [HTTPS Everywhere](https://www.eff.org/https-everywhere), will force all sites to load securely.