security Bitcoin 2

Browsing Habits

Browsers

It is out opinion that you should not use Internet Explorer for general browsing on the Internet. There will be cases where you will need to use it to access some non-standards compliant websites, but it is better to be using anything else in the meantime because of the historically high number of security vulnerabilities associated with this browser. It is our recommendation that you use Firefox or Google Chrome for your normal/default browser.

Clicking Habits

The #1 method of breeching security is through Social Engineering – tricking people into doing something they otherwise know they normally shouldn’t do. The human factor is by far the easiest way to break security. One of the biggest reasons for this is because it is very easy for humans to become complacent. To combat this, you must be ever vigilent to analyse everything you do while you’re at your computer: Verify links before you click on them, validate senders before
you open attachments, and be very prejudiced about the software you allow to be installed on your computer.

When you receive an email or are about to click a link in a browser, always compare the URL shown in the browser’s lower status bar with what is displayed by the link. If there is any difference in the domain name, use extreme caution. Typically, the best practice is to copy the link provided and paste it into the address bar yourself and review the contents before you visit the URL. You’ll want to be very wary of URLs within URLs, obfuscated domain names, parts of the URL that contain .exe or .com, etc.

SSL

SSL is a protocol used to securely send information to another computer (usually through your browser). You can identify it is being used when you see a URL that begins with “https”. If a URL begins with “https” then it is going to be using a cryptographically secure connection that may or may not contain sensitive information such as accounts and passwords. It is important to always try to use “https” connections when possible, especially when confidential information may be transferred.

Password Stores

On Wallet Security, we discussed how it is important to keep unique passwords for each resource you access and showed you tools you can use to help manage those passwords. But it can be quite cumbersome when you’re dealing with many of those resources on a frequent basis – unlocking the password store, copying a password, pasting it, etc.

Your browser probably has a relatively secure password store already built in that has the added functionality of being able to identify which password you need for a given resource/website. First, and most importantly, make sure you’re following our initial advice of maintaining strong password protected accounts for each person using your computer. Then, create random, unique passwords for each site you visit and allow your browser to remember those usernames and passwords for you. When you visit those sites later and need to login, your browser will most likely auto fill in the credentials you need to login and you’re on your way.

NoScript

Most websites rely on a programming language (Javascript) to help your browser render a web page, display it correctly, and offer other useful functions. Unfortunately, this same programming language can be used to exploit vulnerabilities is security and cause you problems. NoScript is a Firefox plugin that blocks Javascript from running on your computer. This will break some web sites from working correctly, but it has the ability to whitelist sites that you trust will not harm your computer.