Security/ Privacy
Purpose:
Internet Explorer has certain features that may impact or help you to protect your privacy. The sections below describe some of the features. See more on Internet Explorer 8, 9 and 10
Summary:
To provide some basic security and privacy features of Internet Explorer 7. To provide details on some functions in IE7 that you can use to better secure and protect your browsing activities, such as logging, auto-complete, history, cookies. P3P, phishing & pop-ups.
Advice:
With the full roll out of Internet Explorer 7, Microsoft's primary
internet browser for Windows Vista and Windows XP- several new features
and functions have been added to enhance your computer safety.
Be aware that one major area not addressed was anti virus protection
that requires a separate program or service. For IE users, we are
suggesting making the upgrade for your own protection though we
have found this version to be more intrusive with the emphasis
of steering you to Microsoft or paid for content- especially their
own search engine. Please note some web sites need to run in compatibility mode to use IE7 properly- click on "broken page" figure in address bar when a page will not fully load.
Add-on Management
and Crash Detection
Internet Explorer's Add-on Management feature lets you view, enable and disable
the list of add-ons which can be loaded by Internet Explorer. Add-ons include
browser helper objects, ActiveX controls, toolbar extensions and browser extensions.
To view or modify the add-ons on your computer by launching Manage Add-ons:
1.- In Internet Explorer,
click the Tools button, click Manage Add-ons, and then click Enable
or Disable Add-ons.
2.- To disable an add-on, select it in the list in the Manage Add-ons dialog
box and select the Disable radio button.
3.- To enable an add-on, select it in the list in the Manage Add-ons dialog
box and select the Enable radio button.
4.- Click OK to confirm.
Note: Disabling an
add-on does not remove it from your computer. It simply prevents Internet
Explorer from executing the add-on's code—it does not prevent
other software from executing the add-on. If an add-on is disabled,
website pages that rely on that add-on may not work as expected. For
more information on Add-ons, click the "Learn more about add-ons" help
link in the Manage Add-ons dialog box.
When Internet Explorer
experiences an error, Internet Explorer's Add-on Crash Detection feature
analyzes whether an add-on was running at the time of the crash. If
so, you will be presented with a dialog box that tells you which add-on
was running. If you click Advanced, the Manage Add-ons dialog will
launch. If you click Continue, you will see the standard Windows Error
Reporting dialog.
Add-on Crash Detection is on by default. If you are an administrator and wish to disable Add-on Management or Add-on Crash Detection, technical details are available at http://go.microsoft.com/fwlink/?LinkId=21836.
Application Compatibility
Logging
This feature in Internet Explorer is designed for use by Developers and IT
Professionals to determine the compatibility of their website with Internet
Explorer. When you activate this feature, Internet Explorer logs data points
about your interaction with web pages in an event log, which can be viewed with
the Windows Event Viewer. These events describe different failures that happened
on the site and can include information about specific controls and web pages
that failed. By default, this information may be viewed by all users on the
computer unless an administrator restricts this access. For more information
on logs and the use of the Windows Event Viewer, see the Windows Help topic "Event
Viewer".
Auto Complete
Internet Explorer's AutoComplete feature lets you more quickly fill out web
forms and navigate to websites you have visited in the past. AutoComplete
collects and stores in the registry on your computer the data you type
in web form text boxes and the address bar. If you choose to use AutoComplete
for passwords, they will be stored encrypted on your computer. AutoComplete
information is not shared with other users of your computer.
The first time you submit a web form, you will see a message box that asks if you'd like to turn the AutoComplete functionality on. To turn AutoComplete off and clear AutoComplete's history:
1.- In Internet Explorer,
click the Tools button, and then click Internet Options.
2.- On the Content tab, in the AutoComplete section, click Settings. In the
AutoComplete Settings dialog box, uncheck the appropriate check boxes for the
AutoComplete options you do not wish to use.
3.- To clear AutoComplete or web address history, click the General tab. Under
Browsing History, click Delete. In the Delete Browsing History dialog box,
click the Delete Forms and Delete Passwords buttons.
4.- To clear web address entries, follow the steps for Clear History below.
AutoSearch
from the Address Bar
If you enter text in Internet Explorer's address bar that does not resolve
as a valid web address, the AutoSearch functionality will redirect you to MSN
Search to provide you with some web addresses that may help you locate the
site you are looking for. To provide this feature, Internet Explorer sends
the invalid web address (i.e. the text you typed in the address bar that did
not resolve into a valid web address) to an MSN server which returns web address
options to your computer. MSN collects certain information about your computer
hardware and software. This information may include: your IP address, browser
type, domain names, access times and referring website addresses. For more
information about MSN Search and how MSN uses your information, please see
the MSN privacy statement at http://go.microsoft.com/fwlink/?linkid=31493.
To turn AutoSearch off:
1.- In Internet Explorer,
click the Tools button, and then click Internet Options.
2.- Click the Advanced tab.
3.- In the Search from the Address bar section, select Do not search from the
Address bar.
Clear History
Internet Explorer's History folder contains a list of links to the websites
and Windows shell locations you have visited recently. None of this history
is sent to Microsoft.
To clear the History folder:
1.- In Internet Explorer,
click the Tools button, and then click Internet Options.
2.- Click the General tab. Under Browsing History, click Delete. In the Delete
Browsing History dialog box, click Delete History.
To no longer retain history:
1.- In Internet Explorer,
click the Tools button, and then click Internet Options.
2.- In the Browsing History section, click Settings. In the Temporary Internet
Files and History Settings dialog box, adjust the Days to keep pages in history
field to 0.
Controlling Cookies
What is a Cookie?
A cookie is a small text file that is placed on your hard disk by a web server.
Cookies are uniquely assigned to you, and can only be read by a web server
in the domain that issued the cookie to you. Cookies cannot be used to run
programs or deliver viruses to your computer.
A cookie is often used to personalize your visit to a website or to save you time. For example, to facilitate a purchase the cookie could contain information such as your current selection, as well as contact information such as your name or e-mail address. To help websites track individual visitors, cookies often contain a unique identifier. It is up to the website that created the cookie to disclose to you what information is stored in the cookie and how that information is used.
Blocking Cookies
You have the ability to accept or decline cookies. If you decide to block one
or more cookies, the websites that use them may not function correctly.
For example, if you do not allow cookies at all, you may not be able to
view some websites or take advantage of customization features (such as
local news and weather, or stock quotes).
If you decide to block all cookies, you can use Internet Explorer's Internet Options to modify your browser settings for cookies as follows:
1.- In Internet Explorer,
click the Tools button, click Internet Options, and then click the
Privacy tab.
2.- Move the slider up to Block All Cookies. On this setting, websites will
not be able to store cookies on your computer.
Note: Blocking
all cookies may prevent you from accessing many websites. The next two
Internet Explorer privacy levels, High and Medium High, may be more suitable.
In addition, it is possible to block a cookie for a specific site via
the Manage sites dialog on the Privacy tab. Please see Internet Explorer
on-line Help for more information.
Removing Old Cookies
Cookies previously saved to your hard drive can still be read unless you remove
them. To remove all of your existing cookies:
1.- In Internet Explorer,
click the Tools button, and then click Internet Options.
2.- On the General tab, Under Browsing History, click Delete. In the Delete
Browsing History dialog box, click Delete Cookies.
3.- Click OK to confirm deletion of all cookies in the Temporary Internet Files
folder.
Delete Browsing
History
Internet Explorer's Delete Browsing History feature lets you clear with one
click the cookies, the UserData store, website passwords that you asked Internet
Explorer to save, entries in Internet Explorer's history folder, web form data,
temporary Internet files, the Last Tab Group, and files and settings stored
by Internet Explorer Add-ons, that have been saved on your computer. You may
also clear some of these items individually, as explained in the Removing Old
Cookies, AutoComplete, and Clear History sections of this privacy statement.
To use the Delete Browsing History feature:
• From the
Internet Explorer Tools menu, click Delete Browsing History.
• In the Delete Browsing History dialog box, click Delete all. Click Yes
to confirm. To delete any temporary data stored by add-ons, check the Also delete
files and settings stored by add-ons box.
P3P Privacy Policies
Internet Explorer gives you the ability to view a website's P3P (Platform for
Privacy Preferences standard) privacy policy and compare it to the privacy
preferences you have set. Even if a website does not have a P3P privacy
policy, it may have a written privacy statement that you can view.
To view a Web site's P3P privacy policy
1.- In Internet Explorer,
click the Page button, and then click Web Page Privacy Policy.
2.- Double-click the website whose privacy policy you would like to view.
After reviewing the P3P privacy policy, you can specify how you want Internet Explorer to handle cookies from the selected website. If you want Internet Explorer to determine whether or not to allow this website to save cookies on your computer by comparing the privacy policy with your privacy settings, select Compare cookies' Privacy Policy to my settings. If you want Internet Explorer to always allow cookies from this website to be saved on your computer, select Always allow this site to use cookies. If you want Internet Explorer to never allow cookies from this website to be saved on your computer, select Never allow this site to use cookies.
Please note that although Internet Explorer can display a website's P3P privacy policy, Internet Explorer cannot verify that the website complies with its own privacy policy.
Phishing Filter
Use of Phishing Filter is governed by the Microsoft Service Agreement. For
more information, click here to read the Microsoft Service Agreement online.
Phishing Filter is designed to warn you if the website you are visiting might be impersonating a trusted website. Phishing Filter does this by first checking the address of the website you are visiting against a list of website addresses stored on your computer that have been reported to Microsoft as legitimate ("legitimate list"). The first time you attempt to visit a website that is not on the legitimate list, you will be asked whether you would like to have Phishing Filter automatically check all websites you visit. If you opt in, addresses not on the legitimate list will be sent to Microsoft and checked against a frequently updated list of websites that have been reported to Microsoft as phishing, suspicious, or legitimate websites. You may also choose to use Phishing Filter manually to verify individual sites.
When you use Phishing Filter to check websites automatically or manually, the address of the website you are visiting will be sent to Microsoft, together with some standard information from your computer such as IP address, browser type, and Phishing Filter version number. To help protect your privacy, the address information sent to Microsoft is encrypted using SSL and limited to the domain and path of the website. Other information that may be associated with the address, such as search terms, data you entered in forms, or cookies, will not be sent.
For example, if you visited the MSN search web site at http://search.msn.com and entered "MySecret" as the search term, instead of sending the full address "http://search.msn.com/results.aspx?q=MySecret&FORM=QBHP", Phishing Filter would remove the search term and only send "http://search.msn.com/results.aspx". Address strings might unintentionally contain personal information, but this information is not used to identify you or contact you. If you are concerned that an address string might contain personal or confidential information, you should not report the site.
Anonymous statistics about your usage of Phishing Filter will also be sent to Microsoft such as the time and total number of websites browsed since an address was sent to Microsoft for analysis. This information, along with the information described above, will be used to analyze the performance and improve the quality of the Phishing Filter service. Microsoft will not use the information it receives to personally identify you. Some URLs that are sent may be saved to be included in the legitimate list and then provided as client updates. When saving this information additional information including Phishing Filter and Operating System version, and your browser language will be saved.
Automatic checking of all websites by Phishing Filter is off by default. Phishing Filter can be turned on and off from the Internet Explorer Tools menu. For example, to turn off automatic checking of all websites:
1.- In Internet Explorer,
click the Tools button, and then click Phishing Filter.
2.- Click Turn Off Automatic Checking.
Pop-up Blocker
Internet Explorer's Pop-up Blocker helps to block some unwanted pop-up windows
from appearing without blocking the pop-up windows you deliberately launch.
Pop-up Blocker is turned on by default.
To turn off Pop-up Blocker:
1.- In Internet Explorer,
click the Tools button, and then click Pop-up Blocker.
2.- Click Turn Off Pop-up Blocker.
You can customize Pop-up Blocker in several ways, including allowing the websites you select to launch pop-ups. To access the Pop-up Blocker settings:
1.- In Internet Explorer,
click the Tools button, and then click Pop-up Blocker.
2.- Click Pop-up Blocker Settings.
Please see Internet
Explorer on-line Help for more information about Pop-up Blocker.
Save Last Tab Group
This feature in Internet Explorer allows you to easily bring back your previous
set of tabs the next time you open Internet Explorer. You can choose to do
this when you close Internet Explorer when multiple tabs are open. This saved
data can be deleted with the Delete Browsing History feature.
Un-trusted Publishers
When you choose to download software from the Internet to your computer with
Internet Explorer, Microsoft Authenticode technology is used to help verify
the identity of the software's publisher. Authenticode technology checks
the software for a valid certificate or signature (that the identity of
the software publisher matches the signature and that the signature is
still valid). Note that this does not prevent a poorly written program
from being downloaded or run on your computer.
Internet Explorer's Untrusted Publishers feature allows you to block the installation of software from publishers you do not trust. When signed software (such as an ActiveX control) is about to be installed from a website, Internet Explorer's Authenticode dialog will ask you whether you want to install the software. You may choose to:
• Install the
software, or
• Trust all content from that software publisher so that it will be installed
in the future without asking you, or
• Block signed software from that publisher.
When you indicate software should be blocked, the certificate used to sign the software is placed on a block list. Any software signed with a blocked certificate will not be installed. Some publishers use different certificates to sign their software so you may be asked multiple times whether you wish to block software from a given publisher. The block list applies to all users of your computer and can only be modified by a user who is an administrator.
To unblock a software publisher:
1.- In Internet Explorer,
click the Tools button, and then click Internet Options.
2.- On the Content tab, in the Certificates section, click Certificates.
3.- Select the Untrusted Publisher tab.
4.- Select the Publisher you wish to unblock and click the Remove button.
