Red Squirrel
[H]F Junkie
- Joined
- Nov 29, 2009
- Messages
- 9,211
I am looking for some way to prevent browser drive by viruses. The ones where simply loading the web page infects you because they use flash or other junk like that which is allowed to do whatever to the computer if it's scripted in. To me it should be trivial for browsers to be coded in a way not to allow this crap, but they arn't...
Is there a way or a program or something I can do to prevent it.
Basically, a browser should never need to write any data to the system, ever. Only place it should be writing data to is it's profile/temp folder, and perhaps have a designated folder for file downloads. Period. It should not be touching c:\windows or c:\documents and settings (outside it's very own folder) etc...
Is there some way to block it from writing to these system folders? So if ANY browser based process tries to, it will just fail.
I use noscript, but I'm tired of every site out there using javascript just for the layout and I'm always allowing sites just so I can even use them. This kinda defeats the whole purpose as I'm constantly enabling JS for every site I go to anyway because it's the only way to actually see the site. If a trusted site gets hacked and they put a drive by virus on it, then I'm still screwed. So I'm looking for something better.
I'd also like to setup my parents like this, as they always get viruses. So it needs to be easy to use.
I'm thinking, I could run the browser in a VM, but it seems a little excessive. Is there a way to do something like that, but more seamlessly?
Is there a way or a program or something I can do to prevent it.
Basically, a browser should never need to write any data to the system, ever. Only place it should be writing data to is it's profile/temp folder, and perhaps have a designated folder for file downloads. Period. It should not be touching c:\windows or c:\documents and settings (outside it's very own folder) etc...
Is there some way to block it from writing to these system folders? So if ANY browser based process tries to, it will just fail.
I use noscript, but I'm tired of every site out there using javascript just for the layout and I'm always allowing sites just so I can even use them. This kinda defeats the whole purpose as I'm constantly enabling JS for every site I go to anyway because it's the only way to actually see the site. If a trusted site gets hacked and they put a drive by virus on it, then I'm still screwed. So I'm looking for something better.
I'd also like to setup my parents like this, as they always get viruses. So it needs to be easy to use.
I'm thinking, I could run the browser in a VM, but it seems a little excessive. Is there a way to do something like that, but more seamlessly?