"Browser security" that works and isn't terrible
May 25, 2023 1:20 PM Subscribe
I have a not super tech savvy acquaintance who occasionally gets tripped up by malicious websites. They asked me to recommend a "security system." Is there anything that will actually work in this case?
These are the kind of websites that open a full-screen browser window, play a klaxon sound and/or a voice recording, and try to get you to call a number and pay money to "unlock" your computer. They've asked for advice on how to avoid/prevent them from locking up their computer in the future.
Other things to take into account:
I believe they use Windows; not sure which version, and I'm not sure I'll be able to find out. I think they're currently using Chrome but would be open to switching.
I don't ever have direct access to this person's computer, and probably never will, so whatever the solution is, they'll need to install and maintain it on their own.
The solution should be as simple and maintenance-free as possible. So, a replacement browser might be easier for them to handle than a browser extension (I worry that they might not be able to, for instance, keep track of whether an extension is active or not, whether it needs to be updated, or fell out of support and needs replacement, and also probably wouldn't be able to handle disabling it if it were blocking or interfering with non-malicious sites), and a browser available from a curated app store is better than something that needs to be downloaded and installed.
The solution should be as unlikely to restrict access to or otherwise break legitimate sites as possible.
I'm not sure exactly what they're doing to encounter these things (I've never seen one in the wild), but it happens every couple of months, and for better or worse I suspect recommending online behavior changes would probably be fruitless. They can't really pinpoint what's happening to cause this. If you have killer tips on how not to run into sites like this, though, I'm listening.
Surprisingly, I don't think this is due to malware--it seems to only happen in their browser, and guiding them through a force quit and restart resolves it cleanly. But if you think this might not be the case, I'm interested...but also won't be able (or willing, honestly) to guide them through malware removal.
These are the kind of websites that open a full-screen browser window, play a klaxon sound and/or a voice recording, and try to get you to call a number and pay money to "unlock" your computer. They've asked for advice on how to avoid/prevent them from locking up their computer in the future.
Other things to take into account:
I believe they use Windows; not sure which version, and I'm not sure I'll be able to find out. I think they're currently using Chrome but would be open to switching.
I don't ever have direct access to this person's computer, and probably never will, so whatever the solution is, they'll need to install and maintain it on their own.
The solution should be as simple and maintenance-free as possible. So, a replacement browser might be easier for them to handle than a browser extension (I worry that they might not be able to, for instance, keep track of whether an extension is active or not, whether it needs to be updated, or fell out of support and needs replacement, and also probably wouldn't be able to handle disabling it if it were blocking or interfering with non-malicious sites), and a browser available from a curated app store is better than something that needs to be downloaded and installed.
The solution should be as unlikely to restrict access to or otherwise break legitimate sites as possible.
I'm not sure exactly what they're doing to encounter these things (I've never seen one in the wild), but it happens every couple of months, and for better or worse I suspect recommending online behavior changes would probably be fruitless. They can't really pinpoint what's happening to cause this. If you have killer tips on how not to run into sites like this, though, I'm listening.
Surprisingly, I don't think this is due to malware--it seems to only happen in their browser, and guiding them through a force quit and restart resolves it cleanly. But if you think this might not be the case, I'm interested...but also won't be able (or willing, honestly) to guide them through malware removal.
Response by poster: I was thinking of recommending DuckDuckGo but it looks like a "full" browser from an app store is only available for mobile devices and macOS. Windows DuckDuckGo seems to be a browser extension, unless I'm missing something.
posted by pullayup at 1:36 PM on May 25, 2023
posted by pullayup at 1:36 PM on May 25, 2023
If you cannot find a browser that specifically seems like it will help, I would get them to switch to Firefox. I think Chrome is a bigger target for this kind of thing, but that is just an opinion. Windows does technically have an "app store" and you can get Firefox in it, but make sure they select the free one. There is a movie or something by the same name in there for $2.99. There is another browser called Firefly, too.
posted by soelo at 2:40 PM on May 25, 2023
posted by soelo at 2:40 PM on May 25, 2023
Mozilla’s Firefox (download at Mozilla.org and make it the default) for a browser and DuckDuckGo for the search engine? Having an Admin account and a User account and only using the User account to web surf (ie would need to type in Admin password to download anything) to ward off malicious downloads but like you said, setting this up from a distance would be challenging. For blockers, Ghostery, UBlock Origin, Clear URLs, Cookie AutoDelete. Some of these have unintended consequences though. I can’t access one of my bank’s website with Firefox + these extensions and have to use Chrome. Honestly, is there some social program near where this person lives that could help?
posted by TWinbrook8 at 2:45 PM on May 25, 2023
posted by TWinbrook8 at 2:45 PM on May 25, 2023
If you have access to the router, you could set the DNS servers to ones which automatically block malware domains. Quad9 is often talked about highly. Ones like OpenDNS or NextDNS allow you to configure specific settings to your liking (adding blocklists, blocking individual domains, etc).
(You could also just change the DNS on his machine, but setting it on the router-level means any other device connecting to the wifi would also be protected.)
I'd add Chrome + Ublock Origin with selective malware blocklists but not things like Ghostery (might break too many things)
posted by bluecore at 2:56 PM on May 25, 2023
(You could also just change the DNS on his machine, but setting it on the router-level means any other device connecting to the wifi would also be protected.)
I'd add Chrome + Ublock Origin with selective malware blocklists but not things like Ghostery (might break too many things)
posted by bluecore at 2:56 PM on May 25, 2023
Norton 360 includes extensions for most web browsers that allow Norton to warn you of malicious websites before you actually open them. It includes other features like antivirus scanning, VPN, and password management
posted by TimHare at 9:05 PM on May 25, 2023
posted by TimHare at 9:05 PM on May 25, 2023
I've used WOT (Web of trust) which was a crowd-sourced ratings engine for websites, where you can set it to different degrees of restrictiveness, and it was free. Haven't used it in a while though.
posted by kschang at 12:43 AM on May 26, 2023
posted by kschang at 12:43 AM on May 26, 2023
One of the biggest things you (they) can do to help secure a Windows PC is to make sure they have a separate Administrator-level account for doing housekeeping, and their primary day-to-day account is a "standard" or "limited" account, not an Administrator-level account.
If you're always using an Admin account and software tries to install itself, all you get is a "Hey, software wants to do a thing, is this okay? Yes / No " popup. And it's super easy to get complacent and just Yes your way through all of those without paying attention. When your daily account does not have Admin permissions, instead of the simple Yes / No prompt, you get a popup asking you to enter an Administrator password to proceed. This usually clues people in to pump the brakes for a second and consider what's going on. Why is this software asking for permission to modify the system? Did I initiate this?
The other big suggestion I'd have is to make sure they are not re-using passwords. So many people get fed up with "all these passwords" and just use the same password for every site. The moment they get phished by a scammy site or an email, guess what, the scammer's gonna try that email + password combo on everything.
And, as others have said, an updated browser (Firefox) with a good adblocker (uBlock Origin) is essential. Make sure they're keeping their browser updated and their Windows installation updated, via Windows Update. And everyone using Windows at home should be on Windows 10 or 11 by now.
posted by xedrik at 4:14 PM on May 26, 2023
If you're always using an Admin account and software tries to install itself, all you get is a "Hey, software wants to do a thing, is this okay? Yes / No " popup. And it's super easy to get complacent and just Yes your way through all of those without paying attention. When your daily account does not have Admin permissions, instead of the simple Yes / No prompt, you get a popup asking you to enter an Administrator password to proceed. This usually clues people in to pump the brakes for a second and consider what's going on. Why is this software asking for permission to modify the system? Did I initiate this?
The other big suggestion I'd have is to make sure they are not re-using passwords. So many people get fed up with "all these passwords" and just use the same password for every site. The moment they get phished by a scammy site or an email, guess what, the scammer's gonna try that email + password combo on everything.
And, as others have said, an updated browser (Firefox) with a good adblocker (uBlock Origin) is essential. Make sure they're keeping their browser updated and their Windows installation updated, via Windows Update. And everyone using Windows at home should be on Windows 10 or 11 by now.
posted by xedrik at 4:14 PM on May 26, 2023
I thought of another route you could go: if they only use Chrome and stay in the Google ecosystem (Google Docs, Drive, Calendar, etc) you could move them to ChromeOS, which by design is heavily sandboxed from users installing apps and otherwise messing it up. If buying a chromebook (laptop) or chrome box (small desktop) is out of the question, there's ChromeOS Flex for installing on other hardware they already own.
posted by bluecore at 7:31 AM on May 27, 2023
posted by bluecore at 7:31 AM on May 27, 2023
Recently I saw a service called Guard.io which I assume is similar to Norton 360.
posted by kschang at 10:42 AM on May 29, 2023
posted by kschang at 10:42 AM on May 29, 2023
This thread is closed to new comments.
posted by COD at 1:23 PM on May 25, 2023