Protect your computer from e-mail scripts. | ||
|
Originally posted 2 October 2001 The Privacy Foundation reported
that Java scripting in an e-mail can be used to track changes and readership
of an e-mail. Embedded scripting is unlike attachments in that the script is
embedded in an HTML document, all the reader has to do to run the script is
to open the e-mail, the reader may not even be aware of a script running. Scripting is used for features in HTML documents. When you see a pop-page appear,
a drop-down menu or a rolling banner ad, that is probably a Java or Windows
script at work. Having Java installed on your computer is essential to be able
to view most commercial sites. Windows Scripting is also heavily used by web
sites and is necessary for a lot of features built into later versions of Windows
and MS Office. It is possible to turn off Java and Windows scripting on a computer and we
recommended it last year. However we found turning it off completely made it
impossible to surf the web. Settings can be changed to only affect the e-mail
program and not the web browser. If you use Outlook, Outlook Express or Netscape
6.0, the following changes should be made to your computer. Open the Control Panel and go to Internet Options, click Security
and Resticted Sites. Click on the custom settings and make sure all
options are set to disable. The default settings
should be set to high. Open Outlook Express, click Tools, Options, Security and
select Restricted Sites Zone. Outlook 97 users should select Tools, Options, Security,
then select Restricted Sites in the Secure Content section. If you are
using software that links to Outlook, check that the software continues to work.
Problem software includes Net Folders, Intellisync, ACT and any program that
links PDAs (Palm Pilots, Psions and Windows CE devices) to Outlook. Open Netscape, click on Edit, then Preferences. Click on Category
and then Advanced. There should be no "X" next to Enable Javascript for Mail
and News. Click on the "OK" button to close. Scripting is an essential part of using the web and greatly improves
the functions of web sites. Unfortunately scripting also creates opportunities
for malicious users. Even though you have disabled scripting for e-mail and
restricted sites you may still be at risk from other forms of scripting mischief.
Keep your virus checker up to date and be aware of any security issues affecting
web browsing. For further information on Internet security and privacy, visit
the Privacy Forum.
They have extensive links to this problem and other threats to on-line privacy.
Our links page has the privacy forum and other virus
and security links. Updated 26 April 2001Securing your e-mail from scripting problems
Windows Scripting
Outlook Express
Outlook
Netscape 6
In Conclusion
PC Rescue Pty Ltd
Suite 236, 4 Young Street Neutral Bay NSW 2089
ABN 082 635 765
ŠTechnology Publishing Australia, 2011