In association with heise online


The World Wide Web is a colourful world full of variety, but this variety carries a price. As long as the Web mainly consisted of formatted text with embedded images, the risks associated with viewing the pages was relatively low. But now an increasing number of Web sites utilise JavaScript menus, embedded films, games and other active content. Due to this great breadth of functionality and the concomitant browser complexity, programming errors may also creep in, which sometimes affect the site's usability (for instance, the browser may shut down when certain pages are accessed). Some of these 'bugs' also compromise the security of the computer running the browser. Specially prepared Web pages may read files onto the hard disk or even manipulate the system or infiltrate viruses and other malware.

Extended browser functions such as JavaScript, Java, ActiveX and others make it necessary to execute foreign code on visitors' computers. Although there are various security mechanisms to prevent the code from damaging the computer, security holes are detected all the time, which negate these security restrictions. Often, these vulnerabilities are caused by programming errors, which can be eliminated by installing the current browser patches. Some risks, on the other hand, are of a more basic nature and can only be avoided by disabling the respective options. There is no single correct browser configuration for all surfers. Those who only use their computer for gaming and surfing the Internet will have lower security requirements than people who store important business documents or do online banking. If a user's favourite site only works with Java, the surfer must decide if he is willing to do without it to be on the safe side or if he can put up with the associated risks.

The above links will provide useful help to find your personal compromise. They describe the individual browser functions, demonstrate their potential of abuse and show you how to enable and disable the respective functions. The best remedy against malware from the browser is knowledge about these risks combined with a sound distrust of anything from the Web. Those who just click on anything found anywhere in the Internet will catch some malware sooner or later - no matter which browser or which operating system is used.

Please email any comments and suggestions to:


  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit