Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » New security settings in IE8
Search Topic:
Uniqs:
1199		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Symantec's Ramzan on solving the antivirus puzzle »
« IPCONFIG has many domain with 127.0.0.1 Why???  
AuthorAll Replies

OZO
Premium
join:2003-01-17

New security settings in IE8

Users of IE, do you know what is new in security settings in IE8 comparing to IE7?

Here is some new URL actions in IE8:
1. 2700 - URLACTION_INPRIVATE_BLOCKING - Internet Explorer 8. Enables third-party URL tracking in the security zone, also known as InPrivate Browsing. [src]

What does it mean - allow third party URL tracking and how to set it to block the tracking?

2. 2106 - URLACTION_FEATURE_DATA_BINDING - Determines whether databinding is supported. By default, this feature is disabled in the Restricted zone, and in the High security template. [src]

Again, what does it mean? How to make it secure?

3. 120B - URLACTION_ACTIVEX_OVERRIDE_DOMAINLIST - ActiveX - Only allow approved domains to use ActiveX without prompt.

An interesting part about this new setting is - by default it uses value '3' (prohibit or disable) while GUI shows it "Enable" (common value for Enable is '0'). How to explain that convoluted setting?

4. And what is the meaning of this new URL action (in plain English, please):
1207 - URLACTION_ACTIVEX_OVERRIDE_REPURPOSEDETECTION - Determines whether to perform ActiveX repurpose detection, which tests if the control is safe to be hosted. [src]
Is safe to be hosted? This is security setting in IE, not in a hosting service.

5. 1409 - URLACTION_SCRIPT_XSSFILTER - Internet Explorer 8. Enables or disables cross-site scripting (XSS) filter. This security setting determines the default behavior of the browser if the x-xss-protection HTTP response header is not present. [src]

How to set it in a secure manner?

Notice, that some of the most "interesting" (from security perspective) options are not displayed in GUI at all and can be changed only via registry. Particularly, look at the new URL actions: 2700, 2106, 1207, 1409. Is it the new way to make browser secure or what?

I'm afraid that the new set of security settings sometimes with obviously screwed logic and without any explanation from the authors make IE less manageable. Or it's a goal that I do not get yet?
--
Keep it simple, it'll become complex by itself...
to forum · permalink · · 2009-06-03 02:16:40 · Reply to this


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC

1 edit		 InPrivate Browsing
Internet Explorer 8
....none of this would have happened if the man had used Internet Explorer 8, which includes a feature called "InPrivate Browsing" that lets users browse without leaving a trace.

»www.stuff.co.nz/technology/digit···-YouTube


--
Gladiator Security Forum
»www.gladiator-antivirus.com/
to forum · permalink · · 2009-07-03 17:13:03 · Reply to this


siljaline
mind that delimiter
Premium
join:2002-10-12
Montreal, QC		reply to OZO
»How-To: Internet Explorer 8 Desktop Security Guide
to forum · permalink · · 2009-07-03 18:22:19 · Reply to this
-
Forums » Up and Running » Security » SecuritySymantec's Ramzan on solving the antivirus puzzle »
« IPCONFIG has many domain with 127.0.0.1 Why???  

Wednesday, 11-Nov 11:01:50 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [138] Moto Sold About 100,000 Droids
· [95] Verizon Keeps Swinging At AT&T
· [86] VoIP Over 3G Still Not Working For iPhone
· [70] Government Will Release Some Telco Wiretap Lobbying Documents
· [65] Verizon's Hanging Up On Rural America
· [59] Verizon's Higher ETFs Annoy Senator
· [34] Bill Would Force ISPs To Block Financial Scams
· [32] Sprint Announces Job Cuts
· [25] Google Offers Free Holiday Airport Wi-Fi
· [24] Mediacom Hints At 50, 100 Mbps Speeds
Most people now reading
· [Rant] windows 7 is the most retarded os ever and its broke to [Rants, Raves, and Praise]
· Are Gillette Fusion blades made of gold? [General Questions]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· Windows 7 boot manager editing questions [Microsoft Help]
· Google Has Acquired Gizmo5 [VOIP Tech Chat]
· Why does Broadband in Canada suck so much? [Canadian Broadband]
· Microsoft Security Bulletin Summary for October 13, 2009 [Security]
· [Config] cisco asa 5505 with multiple outside IP addresses [Cisco]
· 60 Minutes piece on cyber security last night [Security]