Special Edition Using Microsoft Windows XP Professional (3rd Edition)
One of the most important features of Internet Explorer is the capability to tailor it to your own specific needs. Every user sets up IE differently based on programs used, favorite Web sites, bandwidth capability, security needs, and so on. You can make most customizations in the Internet Options dialog box, which you can access either through the Windows Control Panel or by choosing Tools, Internet Options in IE6. The dialog box contains seven tabs, each holding a number of unique preference settings. Figure 9.11 shows the General tab. Figure 9.11. On the General tab, you can set general preferences for your home page, temporary cache files, history, and browser view options.
Check each tab in the dialog box to customize your own IE6 settings. Table 9.1 describes some of the key preference settings you can change.
Setting Default Mail, News, and HTML Editor Programs
Using the Programs tab of the Internet Options dialog box, you can decide some default programs for a variety of Internet-related tasks. If you have not installed any other Internet software packages, you probably won't have too many choices here, but if you use different programs, these options can be useful. Figure 9.12 shows the default program settings you can make on the Programs tab, and Table 9.2 describes the various options you can set. Figure 9.12. On the Programs tab, you can choose the default programs for the various Internet tasks you perform.
Setting Security and Privacy Preferences
In many ways, the World Wide Web is a safer place than the "real" world, but it does present its own unique dangers as well. The greatest hazards involve sensitive and private information about you or your company being compromised, or in having your computer infected with a software virus. IE6 incorporates a number of security features to protect you from these hazards, and those features can be customized to suit your own needs, browsing habits, and company policies. Begin by opening the Internet Options dialog box from the IE6 Tools menu, and click the Security tab to bring it to the front. Click Default Level in the lower-right corner of the dialog box to show the slider as seen in Figure 9.13 that allows you to set a security level for each zone. Figure 9.13. On the Security tab, you can customize security settings for various Web zones.
You first need to select a zone for which you want to customize settings. The four zones are shown in Figure 9.13.
CAUTION Before you designate a Web page as trusted, try to remember that even the most diligently maintained sites can be compromised. Recent "hacker" attacks at Web sites of the FBI, U.S. Army, and others make the practice of designating any Web site as "trustworthy" questionable.
Each zone has its own security preferences, which you set. The easiest way to set preferences is to choose one of the four basic levels offered in the dialog box. The default level is Medium, and for most Web users, this setting works best because it provides a good balance of security and usability. The High setting offers the greatest possible security, but you might find that the level is so restrictive that it's difficult to browse your favorite Web sites. Likewise, the Low and Medium-Low levels make browsing much easier because you aren't presented with dialog boxes and warnings every time a potentially hazardous activity begins. Because these two levels leave too many doors open to virus infection and other dangers, they are not advisable in most situations. Besides setting a basic security level, you can customize individual settings. First, choose a basic level (such as Medium), and then try these steps:
The items in the Security Settings dialog box that most deserve your attention are those pertaining to ActiveX controls and Java applets. Review these settings carefully, especially those for ActiveX controls, because of the unique hazards they can present. The ActiveX standard contains loopholes, so unsigned controls can run virtually any OLE-compliant operation on your system. Java, on the other hand, is relativelybut not entirelysecure. You should also consider what level of cookie security you are willing to live with. A cookie is a small text file that some Web sites can leave on your computer in cache. Because cookies are text only, they cannot contain a virus or other harmful content. However, they can contain personal information such as a record of Web pages you have visited, how long you spent at a page, how many times you have visited, personal preferences for a Web page, and even user IDs and passwords. It is for these reasons that cookies are regarded by many people as an invasion of privacy. You can disable cookies, or you can choose to have IE prompt you every time a site attempts to leave a cookie in your cache. However, keep in mind that some Web sites make such heavy use of cookies that you could find it difficultif not impossibleto browse the Web normally. To set your cookie preferences, go to Tools, Internet Options, and click on the Privacy tab. The Settings area enables you to determine how and under what conditions cookies are sent. Choose a level you are comfortable with, or click the Advanced button to always accept, block, or prompt you before enabling first-party or third-party cookies. (For more on first-party and third-party cookies, see "Getting a Passport to Microsoft Country" later in this chapter.) There might be certain Web sites for which you'd like to override your other cookies settings. If so, go to the Web Sites area of the Privacy tab and click the Edit button. In the text box, enter a complete Web site address, and enter it carefully. Then click the Block or Allow button to specify Web sites for which you want to never or always allow cookies. TIP A major security hole in IE involves the option Allow Paste Operations via Script, which is enabled in all security levels but High. It allows any Web site to see the contents of your Windows Clipboard via a scripted Paste operation. If you have been working with sensitive information in another program and used a Copy or Cut command, that information could be compromised by unscrupulous Webmasters. To be on the safe side, change this setting to Disable or Prompt no matter which security level you use.
Using Encryption
The Advanced tab of the Internet Options dialog box has a number of other security settings that deserve your attention. In particular, most of the security settings here deal with certificates. Certificates can be saved on your computer and serve to authenticate your identity or the identity of the server you are connected to. They also provide for secure encrypted communication over secure Web connections. IE supports Secure Socket Layer (SSL) encryption technology developed by Netscape. It supports 128-bit encrypted SSL sessions, the highest level of data encryption available in the online world. SSL encryption works using a pair of encryption keys, one public and one private. One key is needed to decrypt the other. Certificates facilitate this use by including the following information:
Thus, the certificate provides and authenticates the basis for an encrypted session. The identity is reverified, the private key is shared, and encryption is enabled. Another encryption protocol supported by IE is Private Communication Technology (PCT), developed by Microsoft. PCT is similar to SSL encryption, except that it uses a separate key for identity authentication and data encryption. Thus, in theory, PCT should provide slightly enhanced security versus SSL. Again, encryption protocols can be enabled or disabled on the Advanced tab of the Internet Options dialog box. If you disable a protocol, any page you try to access on a secure server that uses that protocol will not open in IE.
Pop-up windows are an intrusive means for advertisers on the Web to ensure that you see their plug. We've all seen pop-up windows that come up unexpectedly, sometimes blaring music or flashing to catch our attention. Usually they pop up when you've clicked a link to go to another page. Another form of less intrusive though a little more insidious window is called the pop-under window. You don't discover it until you close the window you're looking at. This way, it's harder to tell which site actually spawned the pop-under, so you don't know who to blame. Many power users have figured out ways to prevent pop-ups, such as by installing the Google toolbar or one of the many add-ins, or installing some other browser such as Opera that blocks pop-ups. AOL's browser does this, as do Netscape and Mozilla's Firefox. Oddly enough, 70% or more of Web surfing is done with IE, even though it hasn't until now had the modern nicety of pop-up blocking and still doesn't have "tabbed" browsers like Opera and some others do. The good news is that the latest IE now has a pop-up blocker built in. TIP Tabbed browsers let you have any number of Web pages open at one time, all contained within a single browser window. You just click on tabs to switch between them. To add tabbing to IE, you might want to try Netcaptor, AvantBrowser, or Maxthon. Without even having the latest version of IE (which includes a pop-up blocker), there's a quick solution to stop the pop-ups dead in their tracks: turn off Active Scripting (JavaScript). This works because pop-up windows require Active Scripting to launch. Even though other browser functions need Active Scripting as well, you can surf quite effectively on most sites without it. You can turn off Active Scripting by clicking Tools, Internet Options. Then select the Security tab, change your Internet security level to "High", and click OK. Five quick steps, no pop-ups, and you haven't spent a dime on a blocker or have the latest version of IE. Of course, using the latest IE is a better idea, due to the improved security features and add-in management. IE's pop-up blocker is turned on by default. When a pop-up window tries to launch, you'll see an indication of this in the IE yellow information bar (just below the Address bar). It will inform you that that a pop-up has been blocked and steps you can take to allow it through if you wish. Click on the information bar to see the options (Figure 9.15). Figure 9.15. IE now blocks pop-ups. When a pop-up is blocked, you can click on the information bar for options
Sometimes it's useful to see blocked pop-ups. Just follow these steps:
Suppose you want to see any and all pop-ups from the site you're on:
If you want to always allow pop-ups from one or more specific sites, you can authorize this. You just add those site(s) to an exception list, like this:
A Few Notes About Pop-up Exceptions
Sometimes the pop-up blocker won't be able to preclude a pop-up from appearing. There are several possible reasons for this. Firstly, you might have software on your computer that is launching pop-ups. To stop these pop-ups you'll have to identify the software and remove it or change its settings to stop launching pop-ups. Try installing an ad-ware and spy-ware sleuthing program such as Spybot Search and Destroy or Ad-aware. Second, some pop-ups are written cleverly enough that they can circumnavigate the IE pop-up blocker. Third, Internet Explorer will not block pop-ups from Web sites that are in your Intranet or Trusted Sites zones. If you want to specifically remove such a site from your trusted zone, you can do that from the IE settings dialogs:
Controlling Objectionable Content
The World Wide Web holds the most diverse range of information and content of any library in the world. That diverse range includes a great deal of material that you might deem objectionable, and there is no perfect way of protecting yourself from it short of never going online. However, Internet Explorer incorporates a feature called the Content Advisor, a tool to help you screen out many of the things you or the other people using your computer would rather not see. The Content Advisor evaluates Web content based on a rating system. The included rating system is developed by RSACi (Recreational Software Advisory Council on the Internet), but you can add others if you want. You must enable the Content Advisor manually, but after it is set up, the Advisor can be password-protected so that only you can adjust the settings. To enable the Content Advisor, open the Internet Options dialog box, and perform the following:
RSACi and other organizations provide content rating systems based on the PICS (Platform for Internet Content Selection) system developed by the World Wide Web Consortium, or W3C (www.w3.org/PICS/). They work using meta tags in the code of a Web page. The tags are usually generated by the rating organization after a site developer follows a brief rating procedure. Developers can then place the PICS meta tag in the header of their HTML code, where it is identified by IE's Content Advisor when you try to open the page. The tag identifies the types and levels of content contained in the site, and the Content Advisor allows or disallows the site based on the content settings you have chosen. If you want to screen Web sites using a system other than RSACi's, you must install an appropriate PICSRules file provided by the rating organization. Of course, rating is voluntary. Developers set the rating levels in the meta tags based on their own evaluation of the site content, so you never really get a surefire guarantee that the tag accurately represents the site. RSACi periodically audits rated sites, and Web developers generally try to rate their sites as accurately as possible. It is a voluntary system, after all, and providing inaccurate ratings defeats the purpose of voluntary rating in the first place. Other Internet Settings
Several other settings deserve your attention. On the Content tab of the Internet Options dialog box, check the AutoComplete option to make sure it does not contain information that you are concerned about being compromised. AutoComplete makes it easier to fill in data fields on forms and URLs in the Address bar, but if other people use your user identity, they could end up seeing your personal information because of these settings. One setting you probably should not enable is the Print Background Colors and Images option. If a Web page uses anything but a plain white background, a printed copy of it will waste a considerable amount of printer ink and probably be harder to read. Review the Search settings on the Advanced tab. In earlier versions of Internet Explorer, if you wanted to visit a Web site with a fairly simple URL like www.quehelp.com, all you had to type was quehelp and press Enter. Internet Explorer would assume the missing www. and .com and fill it in for you. But now, if you type only quehelp in the Address bar, IE6 opens a Search window in the Explorer bar. In theory, this is supposed to make searching easier, but if you've been using IE for a while, you might find it annoying. TIP If you type Ctrl+Enter after typing a word in the Address bar, IE6 will assume that it is preceded by www. and followed by .com to create a URL.
You cannot completely restore the previous function of "assuming" the missing bits of the URL, but you can modify the way in which this feature works by altering settings under the Advanced tab. The different search options will have the following results:
Under Security, check Empty Temporary Internet Files Folder When Browser Is Closed to discard cache files you don't want others to see. This setting can also be useful if disk space is limited, but you shouldn't use it if you want to be able to view pages in offline mode later. |