More secure web browsing

The web has been pushing towards encrypting everything by default. Chrome, Safari, and Firefox now mark any sites not using secure HTTPS as “not secure.” Starting in December 2019, Mozilla Firefox, soon to be followed by Google Chrome and Microsoft will be offering DNS over HTTPS (DoH) a technology which will encrypt DNS (Domain Name System) lookups an encryption which ensures that no one can tamper with a web page while you’re viewing it or snoop on what you’re doing online.

With DOH your system will make a secure, encrypted connection to your DNS server and transfer the request and response over that connection. Anyone in between won’t be able to see which domain names you’re looking up or tamper with the response.

To use DNS over HTTPS, you’ll need both a DNS server and a client like a web browser or operating system) that supports it. Most people use the DNS servers provided by their internet service provider (ISP). Every attorney should contact their ISP and determine whether they have enabled server-side support for DNS over HTTPS. If not move to another domain name server (DNS) such as OpenDNS, https://www.opendns.com/ or Cloudflare, https://www.cloudflare.com/

Domain Names and IP Addresses

The Domain Name System (DNS) works transparently in the background of the web we use every day, converting human-readable website names (yannalaw.com) into computer-readable numerical IP addresses (45.60.98.241). . IP addresses can change, but the DNS servers keep up with that new information.

Security Concerns

Some viruses and other malware programs can change your default DNS server to a DNS server run by a malicious organization or scammer. This malicious DNS server can then point popular websites to different IP addresses, which could be run by scammers.

To avoid this, make sure you’re running good antivirus and anti-malware apps. You should also watch for certificate error messages on encrypted (HTTPS) websites. If you see an “invalid certificate” message when you try to connect to a website and see, this could be a sign that you’re using a malicious DNS server that’s pointing you to a fake website.

Caveat

DoH prevents the ISP from viewing a user’s DNS requests. However, there are still countless other data points that ISPs could track to know where a user is going. Beware how you browse the web; where you browse the web; and what you browse on the web!

Your Browser security

Browser security exploits can take advantage of vulnerabilities—security holes—which exist from time to time in all browsers including Mozilla Firefox Google Chrome, Opera, Microsoft Internet Explorer, and Apple Safari.

Your web browser can be breached in a number of ways involving your operating system or your browser. Malware can read and modify the browser memory space in privileged mode; your browser executable can be hacked; browser components may be hacked; browser plugins can be hacked; and browser network communications could be intercepted outside your devices. Your browser may not be aware of any of the breaches and may show a safe connection.
Although breaches of web browser security bypass protections to display pop-up advertising, collect personally identifiable information (PII) for either Internet marketing or identity theft, track website use and activity for web analytics about a user against their will. Browser hackers use tools such as web bugs, Clickjacking, Likejacking (where Facebook’s like button is targeted, HTTP cookies, zombie cookies or Flash cookies and the more serious exploits such as installing adware, viruses, spyware , and other malware including “man-in-the-browser attacks” which are popular among online banking thieves.

Protect yourself and your firm while browsing

Since most lawyers cannot invest the time necessary to actively manage all their computer systems and devices, the least complicated way to minimize the vulnerabilities in your web browser is to keep your browser software updated, and each time you do, check your browser “Preferences.” Some components of browsers such as scripts, add-ons, and cookies are particularly vulnerable and can allow a legitimate, more privileged computer program, a “confused deputy,” to be tricked by another program into misusing its authority to escalate the privileges of an intruder. on the system. These all need to be addressed.

Unfortunately a fully patched and correctly configured browser may not be sufficient to ensure that browser-related security issues cannot occur. For example, a rootkit can capture keystrokes while someone logs into a banking website, or carry out a man-in-the-middle attack by modifying network traffic to and from a web browser. DNS hijacking or DNS spoofing may be used to return false positives for mistyped website names, or to subvert search results for popular search engines. Malware such as RSPlug simply modifies a system’s configuration to point at rogue DNS servers. Browsers can now use more secure methods of network communication to help prevent some of these attacks such as DNS over HTTPS (DOH)