Jason Schuh who works on the Chrome Browser Team as one of the Tech Leads discussed 5 simple things we can do to protect ourselves on the Internet. Yes they are things we should know and do anyway but it is always good to be reminded. The original post is found here:
http://www.businessinsider.com/justin-schuh-google-chrome-security-interview-2015-3
1. Avoid using public computers, and if you are using a public computer, it’s best to assume that whatever information you access on it could be be public.
When you’re working on a public computer — like at a hotel or in the library — don’t check your bank statement or sign into any other sensitive accounts.
“It’s too big of a burden on the system maintainers to really keep those kinds of system safe, so it’s best to keep what you do on them to public research,” Schuh says.
2. Use separate passwords for different services. Really.
Yes, memorizing a bunch of random passwords can feel like a big hassle, but having the same one for every account is needlessly dangerous.
“Password managers can really help with creating and remembering lots of strong passwords,” Schuch says. (learn more about a few options here).
3. Use two-factor authentication whenever possible.
Two-step verification is a way for websites to confirm that you are who you say you are when you try to log in, usually through a code that gets texted to you.
“A lot of the drive-by attacks can be significantly mitigated with two-factor,” Schuch says.
Here’s how to set it up for Facebook, Google, Microsoft products, and more.
4. Think twice before installing a new plug-in
Schuh says that over the years he’s been at Google he’s seen an increase in malicious third-parties tricking users into downloading plug-ins or other executables. Users will download (sometimes despite warnings from their browsers), and then the tool will do something like reset all their preferences, monitor and log their keystrokes, or funnel their search requests to a third-party.
Really investigate a new plug-in before you install. An easy way to make sure it’s not sketchy is just by Googling its name and seeing what comes up.
“Chrome does a really good job of protecting you,” Scuch says. “We saw the problem of bad plug-ins several years ago, and we spent a lot of work trying to address that.”
Over the course of the next six months, he said, Google won’t offer any “un-sandboxed” plug-ins for Chrome. When a security team sandboxes something, it means they’ve built a “wall” around its code so that even if it’s malicious, it won’t be able to affect the rest of your computer.
5. Keep an up-to-date browser.
Browser security teams work around the clock to protect users from risks. But all their hard work will go to waste if you’re using an old version of your internet browser.
Chrome pushes major new releases every six to eight weeks, with minor releases every two to three weeks, and Google will make your life easier by updating your browser automatically. However, if you don’t use Chrome, double check that you’re working with the latest version.