NO application
should be automatically be
installed on
your system without your knowledge!
Set your Internet security
right, then, at the very least, you'll get a prompt ASKING you
if you want to install a self-downloading application and if you
say no, it won't !
Internet security is a messy subject because of
the huge range of skill levels, the varying degrees of user alertness
and "savvy," and so on. The settings that are right
for one person may not be right for another.
But, as a starting point, here are the settings
we use in Internet Explorer 5.5. If you set up your copy of IE
this way, you'll be reasonably safe against things like unwanted
auto-installs, but you'll still be able to let things install
that you want on your system. (Note that these are not the highest
possible safety levels, but are appropriate for us and the way
we work. (Your mileage may vary.)
To start, Click
to Tools/Internet Options/Security and then select
"Custom Level." As you step through these settings,
use the "?" button in the upper right corner of the
dialog box to learn more about each setting: Click the "?"
and then click the item you're working on: A brief and helpful
explanation will appear in a small floating window.
Here are our settings; you can and should modify
your settings to suit your own unique circumstances:
In the section headed
"ActiveX controls and plug-ins" We set these
items as follows:
Download signed ActiveX controls=Prompt
Download unsigned ActiveX controls=Prompt
Initialize and script ActiveX controls not marked as safe=Prompt
Run ActiveX controls and plug-ins=Enable
Script ActiveX controls marked safe for scripting=Prompt
In the section headed "Cookies" we set these items as
follows:
Allow cookies that are stored on your computer=Enable
Allow per-session cookies (not stored)=Enable
In the section headed "Downloads"
we set these items as follows:
File download=Enable
Font download=Enable
In the section headed "Microsoft
VM" we set these items as follows:
Java permissions=High safety
In the section headed "Miscellaneous"
I've set these items as follows:
Access data sources across domains=Prompt
Don't prompt for client certificate selection when no certificates
or only one certificate exists=Disable
Drag and drop or copy and paste files=Enable
Installation of desktop items=Prompt
Launching programs and files in an IFRAME=Prompt
Navigate sub-frames across different domains=Prompt
Software channel permissions=High safety
Submit nonencrypted form data=Enable
Userdata persistence=Enable
In the section headed "Scripting" we set
these items as follows:
Active scripting=Enable
Allow paste operations via script=Prompt
Scripting of Java applets=Prompt
In the section headed "User Authentication"
we set these items as follows:
Logon=Automatic logon only in Intranet zone
Then click "OK."
You should never be bothered by the like of an
auto-installing applications like Comet Cursor again.
.