0

I am quite paranoid and I am always afraid that when i accidentally open some infected sites it would run scripts that automatically download malwares, viruses and trojans into my pc and run by themselves without prompting the download window. Do browsers report every download or is it possible to circumvent it in some way that initiates downloads? And is it possible to have malwares, trojans or viruses that could infect your pc without having you download something -- but instead through text-based or web-script based means of transmission? How safe are popular browsers such as google chrome, firefox etc.. and in comparison, very outdated ones such as windows IE. Does the type of internet protocol (http, https matter in this regard?

Also for malwares and adwares, do they infect your computer with undesirable elements immediately when you run the installation .exe files, or does it require for them to finish installation? Generally is it possible to check what kind of changes a program makes beforehand or afterwards, and is it possible to block the changes it wants to make midway if you have found out its a malware or adware during installation or with the process running already. I think windows by default would notify you if a program wants to make changes to your pc but usually i disable that since the default behaviour of that windows function is too annoying...is there an alternative solution that could detect changes made to computer and halt them only when you request for it, or that the program is included in some kind of online blacklist?

Jack the Ripper
  • 1
  • 1

1 Answers1

1

I suggest you check out https://en.wikipedia.org/wiki/Drive-by_download. It is possible to exploit vulnerabilities (some known some unknown) in browsers or (more often) browser plugins to download (and sometimes execute) files without your knowledge (unless you know where to look). More often the adversary will try to get you to click on something masquerading as legitimate (as this is easier for him).

As for browser safety modern browsers use a number of tricks like sand-boxing to separate malicious code on the websites you visit from affecting you but nothing is foolproof. Please don't use an old IE or any out of date browser or plugin (patch regularly).

Best thing you can do for yourself besides patching is don't go to dodgy websites and don't click random links you have no reason to trust. If you have to go to a site that is suspicious do so in a clean virtual environment that has no sensitive data inside it.

DarkMatter
  • 2,681
  • 2
  • 6
  • 23
  • Thank you. Could you also expound on examples of such vulnerabilities of browsers, such as how malicious code could be run from text-based or webscript based sources? And generally what is the extent of the harm that could be done without having you download malicious files, through websites or maybe emails alone (through embedded scripts)? Also is it possible to check exactly what kinds of scripts are being run on a site? – Jack the Ripper Oct 17 '18 at 20:23
  • I think that is outside the scope of the question as originally asked. If you want that to be the scope of the question I think it may be overly broad. I will say though, the answer to keeping yourself safe from the unknown bad files that you may encounter is called application white-listing. – DarkMatter Oct 17 '18 at 20:30
  • Okay. Also just one more question: can harm be done without having you download any malicious files at all to your computer? Is it possible to leak file or personal information, or have changes made to your system without having downloaded malicious files unwittingly but through the browser and browser plugins alone (or any other kind of internet communications)? – Jack the Ripper Oct 17 '18 at 22:39
  • Yes, but as for specifics, there are way too many to go into that depend on many factors regarding the configuration of your environment. If you are really paranoid about browsing the web then only do it through a clean VM that you never put personal information on (and any time you do have to use personal data you reset the VM to an earlier snapshot). – DarkMatter Oct 18 '18 at 14:48
  • from this dicussion thread https://security.stackexchange.com/questions/136250/how-do-i-run-an-unknown-exe-file-without-being-in-risk it seems that some malwares could also detect VM and would not run unless being put into a real machine...is there something else more secure but not something like a sacrificial physical pc? – Jack the Ripper Oct 19 '18 at 10:56
  • The fact that malware won't run on your VM doesn't matter if you objective is to surf the web...the reason that is an issue of interest in the infosec community is because we want to investigate malware in a safe way (inside a VM) to see what it does or if it is present but some of the hide while in the VM. – DarkMatter Oct 19 '18 at 14:07