Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » New security settings in IE8
Search Topic:
Uniqs:
1278		 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Post a:
Post a:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Symantec's Ramzan on solving the antivirus puzzle »
« IPCONFIG has many domain with 127.0.0.1 Why???  
AuthorAll Replies
-


siljaline
mind that delimiter
Premium
join:2002-10-12
Montreal, QC		reply to OZO
Re: New security settings in IE8

»How-To: Internet Explorer 8 Desktop Security Guide
to forum · permalink · · 2009-07-03 18:22:19 · Reply to this


Name Game
Premium
join:2002-07-07
North Myrtle Beach, SC

1 edit		reply to OZO
InPrivate Browsing
Internet Explorer 8
....none of this would have happened if the man had used Internet Explorer 8, which includes a feature called "InPrivate Browsing" that lets users browse without leaving a trace.

»www.stuff.co.nz/technology/digit···-YouTube


--
Gladiator Security Forum
»www.gladiator-antivirus.com/
to forum · permalink · · 2009-07-03 17:13:03 · Reply to this

OZO
Premium
join:2003-01-17

 Users of IE, do you know what is new in security settings in IE8 comparing to IE7?

Here is some new URL actions in IE8:
1. 2700 - URLACTION_INPRIVATE_BLOCKING - Internet Explorer 8. Enables third-party URL tracking in the security zone, also known as InPrivate Browsing. [src]

What does it mean - allow third party URL tracking and how to set it to block the tracking?

2. 2106 - URLACTION_FEATURE_DATA_BINDING - Determines whether databinding is supported. By default, this feature is disabled in the Restricted zone, and in the High security template. [src]

Again, what does it mean? How to make it secure?

3. 120B - URLACTION_ACTIVEX_OVERRIDE_DOMAINLIST - ActiveX - Only allow approved domains to use ActiveX without prompt.

An interesting part about this new setting is - by default it uses value '3' (prohibit or disable) while GUI shows it "Enable" (common value for Enable is '0'). How to explain that convoluted setting?

4. And what is the meaning of this new URL action (in plain English, please):
1207 - URLACTION_ACTIVEX_OVERRIDE_REPURPOSEDETECTION - Determines whether to perform ActiveX repurpose detection, which tests if the control is safe to be hosted. [src]
Is safe to be hosted? This is security setting in IE, not in a hosting service.

5. 1409 - URLACTION_SCRIPT_XSSFILTER - Internet Explorer 8. Enables or disables cross-site scripting (XSS) filter. This security setting determines the default behavior of the browser if the x-xss-protection HTTP response header is not present. [src]

How to set it in a secure manner?

Notice, that some of the most "interesting" (from security perspective) options are not displayed in GUI at all and can be changed only via registry. Particularly, look at the new URL actions: 2700, 2106, 1207, 1409. Is it the new way to make browser secure or what?

I'm afraid that the new set of security settings sometimes with obviously screwed logic and without any explanation from the authors make IE less manageable. Or it's a goal that I do not get yet?
--
Keep it simple, it'll become complex by itself...
to forum · permalink · · 2009-06-03 02:16:40 · Reply to this
Forums » Up and Running » Security » SecuritySymantec's Ramzan on solving the antivirus puzzle »
« IPCONFIG has many domain with 127.0.0.1 Why???  

Tuesday, 01-Dec 11:11:46 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.
page compression OFF
Most commented news this week
· [62] Baltimore To Ban Lazy Cable Installs
· [53] Broadband Killed The Game Console
· [38] Rural Carriers Quickly Embracing Fiber
· [34] Rogers Unveils The ISP Dream Model
· [33] AT&T Top Lobbyist Cicconi Has His Feelings Hurt
· [30] Charter Exits Chapter 11
· [24] Midcontinent Socked With Easement Lawsuit
· [11] ACTA: Global Three Strikes
· [11] Vivendi Agrees, Comcast/NBC Deal Soon
· [4] Monday Evening Links
Most people now reading
· [Rant] called out sick! [Rants, Raves, and Praise]
· Windows 7 boot manager editing questions [Microsoft Help]
· Heating - my dad gave me this advice... [Home Repair & Improvement]
· Is Microsoft Technet ok to use for my family PC's? [Microsoft Help]
· IMG 1.7 (IMG Updates and Discussion) [Verizon FIOS TV]
· buying a one way ticket [General Questions]
· Prevx says MS Nov 10 patches causing BSOD problems [Security]
· [OOL] Youtube not loading [OptimumOnline]
· Why Criminals (Hackers) Must Not Be Rewarded [Security]