
Good Browsing Hygiene, was: Kaspersky antivirus, how accessible?


 

Ari Sepulveda asked, "So, what exactly does good browsing hygiene entail? I've heard a lot about this over the years, but I've never really understood what it means."

This is an excellent question that has no absolutely precise answer, but there are some general guidelines.

Most of "good browsing hygiene" revolves around analyzing what you're clicking on before you click on it, most specifically links.  These days, and for legitimate reasons, most links are not presented as what I call naked links, in full http plus address format, but using click through text.  This is very convenient, as it tells you much more about what the intended point of clicking is, but it can also mask attempts to get you to click on something that "looks legit" but is intended to take you somewhere that will infect your machine with malware or spyware.

The first thing you need to do before even thinking about clicking any link is to, "Consider the source," as far as the person or entity who provided it to you.  If you are browsing the New York Times website, or Amazon to shop, or eBay, or an e-mail message sent to you by a person you know or a company you do business with that doesn't set off your "something's not quite right about this message" radar, you can be quite safe in assuming that clicking links in those circumstances will be perfectly OK.  One could drive oneself crazy checking each and every link one clicks when the chance of a malicious one coming from "a legitimate source" is really quite small.  If you have any suspicion, then do double check.  I know that there is some way, when you are sitting on a link presented via click-through text, to make your screen reader actually read the "naked" version of the link itself.  When I hover over one, the "naked" version of the link shows up in the status bar at the bottom of my web browser, but I'm somehow missing how to make NVDA read that information.  The same thing shows up there if I use the INSERT+F7 feature, list links, and then "Move To" a given link.

If you have any reasonable suspicion that a link might not be taking you where you think it might, it's worth getting the "naked" version of the link announced.  If you have a link, for instance, that appears to be taking you to an eBay item listing, but when you have it announced doesn't include "rover.ebay.com" or "ebay.com" anywhere in the link you can almost be assured that someone's trying to take you down the garden path, and said garden won't be full of anything but cyber-weeds.  This idea applies generally in that you can get a sense of whether you recognize where a link wants to take you.  Here's a real-world example taken from the Spam folder of my own e-mail account (which was put there because Google's filter's already identified it as a suspicious e-mail). Let's presume it didn't get filtered, though.  That e-mail has the title, "Attn:Your CVS ExtraCare-Store Card(s), Has Just Been-Updated. Must Be Confirmed by April 10th. #4413"  The title itself should arouse suspicion, since it uses syntax (the parenthesis s is one giveaway, the weird hyphens another, and the "#4413" at the end a third), and it does.  It contains a link where the click-through text reads, "Go Here to Confirm Your New CVS Extra-Care Reward-Card."  First, the link itself is suspicious because it spells Extra Care as two words with a hyphen between (and, I know, this may not be something obvious if you can't see it, but I want to include all hallmarks) when CVS itself always uses a single word, ExtraCare, with the E and C capitalized, when referring to its program.  It has a hyphen between reward and card, which is completely unnecessary, and it uses the singular while the message title used the parenthesis S bit.  Finally, if you take yourself to that link and hover over it, what you get shown is a URL that is only 10 characters long and has CVS nowhere to be seen.  All of these things tell you that someone is trying to take you somewhere and to get you to do something you should not be doing.  In this case I'd suspect it's trying to get you to enter personal information as part of an identity theft scheme, but there's no way I'm clicking to find out.

What it boils down to is to, "Consider the source," take a closer look if the source may be OK but also might not be, and never to click unknown links from unknown sources, period.

Also, avoiding things like porn websites (not all are spyware/malware havens, but many are) or clicking through on anything in a pop-up that didn't clearly pop up because you did something where a pop-up window would be expected, e.g., clicked on an "edit your contact information" button and the contact information comes up in a pop-up window, all of which you're doing on a website you already know to be legitimate.

Reasonable caution and looking out for yourself rather than trusting and/or falling prey to "Ooooooh, shiny!" syndrome in terms of clicking random links without seeing if they appear legitimate first.  This forms the basis of good browsing hygiene.

Brian
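
The check described in the message above, comparing a link's click-through text with the address it really points to, can be automated for an HTML message body. The following is an added example, not part of the original thread; `LinkCollector`, `host_in_domain`, `audit_links`, the `expected_domains` parameter and the sample message are constructed for illustration. It goes slightly beyond the post by matching on the link's host name rather than looking for the site name anywhere in the link.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit


class LinkCollector(HTMLParser):
    """Collect (click-through text, href) for every <a href="..."> in a message."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href")
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            text = " ".join("".join(self._text).split())
            self.links.append((text, self._href))
            self._href = None


def host_in_domain(host, domain):
    """True only if host is the domain itself or a subdomain of it.

    A substring test is not enough: "ebay.com.login.example" contains
    "ebay.com" but belongs to "login.example".
    """
    host = host.lower().rstrip(".")
    domain = domain.lower()
    return host == domain or host.endswith("." + domain)


# Finds something that looks like a host name inside the visible text.
HOSTLIKE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.IGNORECASE)


def audit_links(html_body, expected_domains):
    """Return (text, real host, verdict) for each link in html_body.

    expected_domains: domains of the organisation the message claims to be from.
    """
    collector = LinkCollector()
    collector.feed(html_body)
    collector.close()
    report = []
    for text, href in collector.links:
        try:
            parts = urlsplit(href.strip())
            host = parts.hostname or ""   # ignores any "user@" part of the URL
        except ValueError:
            report.append((text, "", "unparseable"))
            continue
        if parts.scheme not in ("http", "https") or not host:
            verdict = "not-a-web-link"
        elif any(host_in_domain(host, d) for d in expected_domains):
            verdict = "expected-host"
        else:
            verdict = "unexpected-host"
        # Visible text that names one site while the link goes to another.
        shown = HOSTLIKE.search(text)
        if shown and host:
            shown_host = shown.group(1).lower()
            if shown_host.startswith("www."):
                shown_host = shown_host[4:]
            if not host_in_domain(host, shown_host):
                verdict = "text-shows-different-host"
        report.append((text, host, verdict))
    return report


# Constructed sample message; every address below is a placeholder.
SAMPLE = """
<p><a href="http://rover.ebay.com/itm/1">White Socks</a></p>
<p><a href="http://short.example/a1">Go Here to Confirm Your New CVS
Extra-Care Reward-Card.</a></p>
<p><a href="http://ebay.com.login.example/itm/1">White Socks</a></p>
<p><a href="http://pay.example/itm/1">www.ebay.com/itm/1</a></p>
"""

if __name__ == "__main__":
    for text, host, verdict in audit_links(SAMPLE, {"ebay.com"}):
        print(f"{verdict:26} {host:24} {text}")
```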


Arianna Sepulveda
 

Brian, thanks for all your great info! I'm not sure if this'll do the trick, but if I right-click a link, I see something called view source or something like that. Could this possibly let me view the actual link, and not just the words the person has used? I mean, would this let me view the actual URL, like ebay4com/bladybla, and not just white socks? I hope this makes sense.


Thanks,
Ari

On Apr 5, 2016, at 10:07 AM, Brian Vogel <britechguy@...> wrote:

Ari Sepulveda asked, "So, what exactly does good browsing hygiene entail? I've heard a lot about this over the years, but I've never really understood what it means."



 

Ari,

When I right click on a link (via conventional right click, not the screen reader) the only thing that pops up that could be remotely useful is the "Copy Link Location" option in the context menu.  You could then open Notepad, for instance, paste it, and have it read there.

However, I am virtually certain that you can instruct the screen reader to actually announce to you that, "ebay.com/blah_blah.html," is the URL that you'd go to when, "Link White Socks," is what's announced because the click through text is, "White Socks."

I hope someone else will chime in on what command that would be, as I can't seem to locate it in my NVDA keystrokes document (or am just looking past it or it's using terminology for the command that's not making me say, "that's the one!").

Brian


Rosemarie Chavarria
 

Hi, Brian,

This is very good information. My next-door neighbor got a virus years ago from clicking on a link. It destroyed her drives so she ended up having to get a new computer. I try to be careful about what sites I go on. As far as online shopping, I only go on 3 sites--Amazon, the Safeway site and National Braille Press. Thank you for posting this information.

Rosemarie




Patrick Le Baudour
 

Hi,

This allows you to view the whole source of the HTML page; while it does allow you to see the link, it is a bit overkill.
What I usually do with NVDA is open the context menu on the link, type c for copy link address, then NVDA+C to tell the clipboard content.
Also, being careful of any executable from unknown or untrusted sources, opt-out third-party installations, and attachments can be useful.

One way of infection that has been frequent was software cracks. Not sure it is as true nowadays, but avoiding them can sometimes actually save money.

-- Patrick.


 

Patrick Le Baudour wrote:  "What I usually do with NVDA is open the context menu on the link, type c for copy link address, then NVDA+C to tell the clipboard content."

This is the slightly slicker version of what I'd said, and at least it avoids having to open Notepad or any other program to paste the link from the clipboard.

Another program that I cannot recommend more highly, particularly to avoid bundled "junkware" being installed on your computer when you're installing something you've downloaded and want, is Unchecky.  It's useful to anyone, but particularly to the visually impaired and blind because of the loathsome practice of bundling.  I use it on my own computer just in case I miss one of those checkboxes I should be unchecking by accident.

Brian


Arianna Sepulveda
 

Lol I so need to get this. I remember accidentally installing the Yahoo and Ask toolbars because I accidentally missed a checkbox.


Thanks,
Ari

On Apr 5, 2016, at 11:16 AM, Brian Vogel <britechguy@...> wrote:

Patrick Le Baudour wrote:  "What I usually do with NVDA is open the context menu on the link, type c for copy link address, then NVDA+C to tell the clipboard content."



Gene
 

I am not aware of any such command in screen-readers to hover the mouse and announce the text that results.  You may be able to hover the mouse by routing it to the link, using the move mouse to object navigation item but I don't recall any screen-reader automatically reading anything when the underlying link is shown.  Again, you may be able to move to it and read it but I haven't investigated it to any extent.
 
I assume that every e-mail I get claiming to be from anyone legitimate that wants me to do something to approve something such as a card, or to submit information concerning my e-mail account or click on a link or open an attachment is spam and is malicious unless I am expecting something from a specific person or entity in advance.  If you aren't sure, contact the person or organization and ask.  Use the actual address.  Don't follow a link or use an address in a message to contact the person. 
 
If you read mail as html, it is better not even to open such messages.  Malicious code may be embedded in the html that may try to run.  I read all mail as plain text except for a newsletter I get that must be read in html to be able to follow links that are names of articles.  If you read mail as plain text, nothing can run. 
 
Also, using sites you expect to be safe and avoiding porn sites does not mean you won't be exposed to malicious code.  Reputable sites may be hacked or advertising on such sites may be hacked.
 
For that reason, I don't allow scripts to run except on sites where I intentionally want them to run.  Firefox has an add-on, NoScript, that allows such control.  I haven't played with it much and I don't know what is involved using it.  But if it is at all complex, my recollection is that there is one simple command that allows you to turn blocking on when you want it on and off when you want it off.
 
If you can't do something on a site when it is blocked, turn blocking off and then reload the page.  You will need scripts to run on many sites.  But on many, such as on a lot of newspaper sites or others where all you want to do is read articles, you won't.  Sites may load faster if scripts are off as another benefit.
 
Gene

----- Original Message -----
Sent: Tuesday, April 05, 2016 12:07 PM
Subject: Re: [nvda] Good Browsing Hygiene, was: Kaspersky antivirus, how accessible?

Ari Sepulveda asked, "So, what exactly does good browsing hygiene entail? I've heard a lot about this over the years, but I've never really understood what it means."



 

Well, clicking stupidly is a problem.
And viruses can't destroy drives at all as far as I know.
I.e., if you have a virus, unless it's firmware, you don't lose it all, maybe your data, but your hardware is still OK.
Sounds fishy that a shop says you have a virus, get another computer.
Put it this way, if that was the case, I'd infect every government system with a virus now, cyber terrorism could be my ticket to bankrupting every government by simply making sure they would have to replace the computer then nuking all manufacturing places in China.
I have never heard of this sort of thing.

On 6/04/2016 5:52 a.m., Rosemarie Chavarria wrote:
Hi, Brian,

This is very good information. My next-door neighbor got a virus years
ago from clicking on a link. It destroyed her drives so she ended up
having to get a new computer. I try to be careful about what sites I go
on. As far as online shopping, I only go on 3 sites--amazon, the safeway
site and National Braille Press. Thank you for posting this information.

Rosemarie


Gene
 

View source lets you view the underlying code of the entire web page.  It would be a very cumbersome way to try to find a link, though you could if you wanted to put that kind of time and effort into doing so. 
If your browser has something in the right click menu such as copy link location, using that will place the underlying link on the clipboard and you can then paste it into a program like notepad and see it. 
 
Gene

----- Original Message ------
Sent: Tuesday, April 05, 2016 12:19 PM
Subject: Re: [nvda] Good Browsing Hygiene, was: Kaspersky antivirus, how accessible?

Brian, thanks for all your great info! I'm not sure if this'll do the trick, but if I right-click a link, I see something called view source or something like that. Could this possibly let me view the actual link, and not just the words the person has used? I mean, would this let me view the actual URL, like ebay4com/bladybla, and not just white socks? I hope this makes sense.


Thanks,
Ari

On Apr 5, 2016, at 10:07 AM, Brian Vogel <britechguy@...> wrote:

Ari Sepulveda asked, "So, what exactly does good browsing hygiene entail? I've heard a lot about this over the years, but I've never really understood what it means."

This is an excellent question that has no absolutely precise answer, but there are some general guidelines.

Most of "good browsing hygiene" revolves around analyzing what you're clicking on before you click on it, most specifically links.  These days, and for legitimate reasons, most links are not presented as what I call naked links, in full http plus address format, but using click through text.  This is very convenient, as it tells you much more about what the intended point of clicking is, but it can also mask attempts to get you to click on something that "looks legit" but is intended to take you somewhere that will infect your machine with malware or spyware.

The first thing you need to do before even thinking about clicking any link is to, "Consider the source," as far as the person or entity who provided it to you.  If you are browsing the New York Times website, or Amazon to shop, or eBay, or an e-mail message sent to you by a person you know or a company you do business with that doesn't set off your "something's not quite right about this message" radar, you can be quite safe in assuming that clicking links in those circumstances will be perfectly OK.  One could drive oneself crazy checking each and every link one clicks when the chance of a malicious one coming from "a legitimate source" is really quite small.  If you have any suspicion, then do double check.  I know that there is some way, when you are sitting on a link presented via click-through text, to make your screen reader actually read the "naked" version of the link itself.  When I hover over one the "naked" version of the link shows up in the status bar at the bottom of my web browser, but I'm somehow missing how to make NVDA read that information.  The same thing shows up there if I use the INSERT+F7 feature, list links, and then "Move To" a given link.

If you have any reasonable suspicion that a link might not be taking you where you think it might, it's worth getting the "naked" version of the link announced.  If you have a link, for instance, that appears to be taking you to an eBay item listing, but when you have it announced doesn't include "rover.ebay.com" or "ebay.com" anywhere in the link you can almost be assured that someone's trying to take you down the garden path, and said garden won't be full of anything but cyber-weeds.  This idea applies generally in that you can get a sense of whether you recognize where a link wants to take you.  Here's a real-world example taken from the Spam folder of my own e-mail account (which was put there because Google's filters already identified it as a suspicious e-mail). Let's presume it didn't get filtered, though.  That e-mail has the title, "Attn:Your CVS ExtraCare-Store Card(s), Has Just Been-Updated. Must Be Confirmed by April 10th. #4413"  The title itself should arouse suspicion, since it uses syntax (the parenthesis s is one give away, the weird hyphens another, and the "#4413" at the end a third), and it does.  It contains a link where the click-through text reads, "Go Here to Confirm Your New CVS Extra-Care Reward-Card."  First, the link itself is suspicious because it spells Extra Care as two words with a hyphen between (and, I know, this may not be something obvious if you can't see it, but I want to include all hallmarks) when CVS itself always uses a single word, ExtraCare, with the E and C capitalized, when referring to its program.  It has a hyphen between reward and card, which is completely unnecessary, and it uses the singular while the message title used the parenthesis S bit.  Finally, if you take yourself to that link and hover over it, what you get shown is a URL that is only 10 characters long and has CVS nowhere to be seen.  All of these things tell you that someone is trying to take you somewhere and to get you to do something you should not be doing.  In this case I'd suspect it's trying to get you to enter personal information as part of an identity theft scheme, but there's no way I'm clicking to find out.

What it boils down to is to, "Consider the source," take a closer look if the source may be OK but also might not be, and never to click unknown links from unknown sources, period.

Also, avoiding things like porn websites (not all are spyware/malware havens, but many are) or clicking through on anything in a pop-up that didn't clearly pop-up because you did something where a pop-up window would be expected, e.g., clicked on an "edit your contact information" button and the contact information comes up in a pop-up window, all of which you're doing on a website you already know to be legitimate.

Reasonable caution and looking out for yourself rather than trusting and/or falling prey to "Ooooooh, shiny!" syndrome in terms of clicking random links without seeing if they appear legitimate first.  This forms the basis of good browsing hygiene.

Brian
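
The check described in the message above (get the "naked" link and see whether it really names the site the click-through text claims), as an added Python example that is not part of the original thread. The brand-to-domain table and the sample e-mail are constructed assumptions; the code compares the link's host name rather than looking for "ebay.com" anywhere in the link, because a host such as ebay.com.login.example contains that text without belonging to eBay.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption for this example: brand keyword -> domains that brand really uses.
KNOWN_BRANDS = {"ebay": ("ebay.com",), "cvs": ("cvs.com",)}

# Constructed sample e-mail body; every href below is made up for illustration.
SAMPLE_EMAIL = """
<p><a href="http://ab.example/x1">Go Here to Confirm Your New CVS Extra-Care Reward-Card</a></p>
<p><a href="https://rover.ebay.com/item/123">View your eBay item</a></p>
<p><a href="http://ebay.com.login.example/item">eBay item listing</a></p>
<p><a href="http://tracker.example/r">https://www.ebay.com/itm/1</a></p>
"""


class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, " ".join("".join(self._text).split())))
            self._href = None


def host_of(url):
    """Lower-cased host name of a URL, or '' if it has none or is malformed."""
    try:
        return (urlsplit(url.strip()).hostname or "").lower().rstrip(".")
    except ValueError:
        return ""


def host_belongs_to(host, domain):
    """True only for the domain itself or a subdomain, never a substring match."""
    return host == domain or host.endswith("." + domain)


def audit_links(html):
    """Return [(visible_text, href, reasons)]; empty reasons means no mismatch found."""
    collector = LinkCollector()
    collector.feed(html)
    collector.close()
    report = []
    for href, text in collector.links:
        host, reasons = host_of(href), []
        for brand, domains in KNOWN_BRANDS.items():
            if brand in text.lower() and not any(host_belongs_to(host, d) for d in domains):
                reasons.append(f"text mentions {brand!r} but link goes to {host or 'no host'}")
        # Visible text that is itself a URL should name the same host as the href.
        first = text.split()[0] if text else ""
        shown = host_of(first) if "://" in first else ""
        if shown and shown != host:
            reasons.append(f"text shows {shown} but link goes to {host}")
        report.append((text, href, reasons))
    return report


if __name__ == "__main__":
    for text, href, reasons in audit_links(SAMPLE_EMAIL):
        print("SUSPICIOUS" if reasons else "ok", "|", text, "->", href)
        for reason in reasons:
            print("   -", reason)
```

A link with no findings is not proven safe; the check only catches a mismatch between what the text claims and where the link points.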


Kevin Cussick
 

I agree, this is really a must for us blindies.

On 05/04/2016 19:46, Arianna Sepulveda wrote:
Lol I so need to get this. I remember accidentally installing the Yahoo
and Ask toolbars because I accidentally missed a checkbox.


Thanks,
Ari

On Apr 5, 2016, at 11:16 AM, Brian Vogel <@britechguy> wrote:

Patrick Le Baudour wrote: "What I usually do with nvda is open the
context menu on the link, type c for copy link address, then nvda+c to
tell the clipboard content."

This is the slightly slicker version of what I'd said, and at least it
avoids having to open Notepad or any other program to paste the link
from the clipboard.

Another program that I cannot recommend more highly, particularly to
avoid bundled "junkware" being installed on your computer when you're
installing something you've downloaded and want, is Unchecky
<https://unchecky.com/>. It's useful to anyone, but particularly to
the visually impaired and blind because of the loathsome practice of
bundling. I use it on my own computer just in case I miss one of
those checkboxes I should be unchecking by accident.

Brian


Rosemarie Chavarria
 

Maybe my neighbor did click on something stupid but who knows. I never heard of a virus destroying somebody's computer either until she told me. She does exaggerate about stuff anyway.

On 4/5/2016 12:07 PM, Shaun Everiss wrote:
Well clicking stupidly is a problem.
And viruses can't destroy drives at all as far as I know.
I.e., if you have a virus, unless it's firmware, you don't lose it all, maybe your data but your hardware is still ok.
Sounds fishy that a shop says you have a virus, get another computer.
Put it this way, if that was the case, I'd infect every government system with a virus now, cyber terrorism could be my ticket to bankrupting every government by simply making sure they would have to replace the computer then nuking all manufacturing places in China.
I have never heard of this sort of thing.



On 6/04/2016 5:52 a.m., Rosemarie Chavarria wrote:
Hi, Brian,

This is very good information. My next-door neighbor got a virus years
ago from clicking on a link. It destroyed her drives so she ended up
having to get a new computer. I try to be careful about what sites I go
on. As far as online shopping, I only go on 3 sites--amazon, the safeway
site and National Braille Press. Thank you for posting this information.

Rosemarie

 

Ari,

        Just a follow-up comment after having been away for a couple of hours.  You can see from the comments of other members of the cohort that what is considered "good browsing hygiene" can be significantly more stringent than the basic definition.  In my case, unlike Gene, I have never had any issue with being infected with anything either from scripts (and, yes, they can, but only if intentionally malicious or a site is hacked) nor from HTML e-mail.  Since scripts are pivotal to many sites I use it is far more bother than it's worth to me personally to put in a script blocker and override it on a constant basis.  Since all of my e-mail has been coming through Gmail, Yahoo, or similar for years it's already been virus scanned and checked for other things like malicious links, etc., before they ever arrive in any e-mail client I use, and I generally use the web interface to begin with.  I have confidence in the scanning done by Google before the mail ever hits my machine, and it's scanned again upon download (when I'm using an e-mail client) automatically, so "the bad stuff" is generally entirely gone, or relegated to the spam folder at the very least, before I ever see it.  About the only stuff that occasionally gets through is spoofed stuff that hasn't yet been identified by the filters, and the nature of the content of these messages, usually something like, "Hey, check this out!," followed by a link that I'd never follow (and usually "naked", not with click-through text), is enough to have me delete them immediately upon opening.

Shaun, I agree that viruses don't literally destroy hardware, but if they screw up your computer horribly, and the computer is old, it's not unusual for a technician to suggest replacing them.  I do.  I can't justify a customer spending far more than it would cost to buy a new computer and install the software they use (or most of it, anyway) for me to try to reconstruct a smoldering heap of an ancient system.  I have done so after telling the client that this will be far, far more expensive (and fraught, since really old hardware could die next week) than stepping up to a new system.  It's a cost-benefit decision, not an "it can't be done at all" situation.

Brian


 

I agree about Unchecky, I use this all over the place.
Gives me peace of mind on my remotes also where I can't monitor things right.
According to the Unchecky site there is now a security suite that it's part of; however, the program will remain stand-alone and free.

On 6/04/2016 9:16 a.m., Kevin Cussick via Groups.io wrote:
I agree, this is really a must for us blindies.



 

To extend this to what other "computer geeks" think about good Browsing (or Computing in General) Hygiene, I'm posting a direct link to a thread entitled, Windows Defender, on bleepingcomputer.com.  Although it started out as a question about Windows Defender as an antivirus program, several regulars offered some excellent advice about computing hygiene.  One of the points I hadn't given much thought is not closing down what appear to be malicious windows using the red X at the upper right corner.  This is something a screen reader user wouldn't likely have to consider often, since most I know will use ALT+F4 to close a window, but it is an interesting point that even the normal way of dismissing a window via mouse pointer can be used as the entry point for malicious software.

By the way, the poster named usasma, who is a regular and "geek extraordinaire," also happens to be visually impaired.

Brian


Antony Stone
 

Sounds interesting, but where's the link?

On Wednesday 06 April 2016 at 23:35:28, Brian Vogel wrote:

I'm posting a direct link to a thread entitled, Windows Defender, on
bleepingcomputer.com.

Antony.

--
If the human brain were so simple that we could understand it,
we'd be so simple that we couldn't.

Please reply to the list;
please *don't* CC me.


Gene
 

I didn't read the discussion but this appears to be the advice that was circulated a number of years ago that, if a program asks to install something and you think the site is malicious, telling the browser or window to close will cause it to install what it is asking you about even though you didn't give permission.  The browser should be closed from the task manager or perhaps, I'm not sure, by shutting down the computer, perhaps with an improper shutdown.  But the issue wasn't using the close icon or not.  It was that closing the browser in any standard way tells the malicious site to install the malware. 
 
If I weren't going to use the task manager to shut down the browser, I would do an improper shutdown and not take a chance on initiating a proper shutdown, unless I had researched this and knew that a proper shutdown was safe.
 
Gene

----- Original Message -----
Sent: Wednesday, April 06, 2016 4:35 PM
Subject: Re: [nvda] Good Browsing Hygiene, was: Kaspersky antivirus, how accessible?

To extend this to what other "computer geeks" think about good Browsing (or Computing in General) Hygiene, I'm posting a direct link to a thread entitled, Windows Defender, on bleepingcomputer.com.  Although it started out as a question about Windows Defender as an antivirus program, several regulars offered some excellent advice about computing hygiene.  One of the points I hadn't given much thought is not closing down what appear to be malicious windows using the red X at the upper right corner.  This is something a screen reader user wouldn't likely have to consider often, since most I know will use ALT+F4 to close a window, but it is an interesting point that even the normal way of dismissing a window via mouse pointer can be used as the entry point for malicious software.

By the way, the poster named usasma, who is a regular and "geek extraordinaire," also happens to be visually impaired.

Brian


 

Antony,

          The link is right in the original post after the word "entitled."  I always use click-through text whenever possible.

Brian, who - having in brain injury rehab - could not agree more with your signature quote


Antony Stone
 

Thanks for the info, but that link didn't come through on my copy of the
email.

Did anyone else who uses this list via email get a clickable link?


Antony.

On Thursday 07 April 2016 at 00:04:41, Brian Vogel wrote:

Antony,

The link is right in the original post after the word "entitled."
I always use click-through text whenever possible.

Brian, who - having in brain injury rehab - could not agree more with your
signature quote
--
God sent his only son into this world to be crucified.

Christian parents may wish to reflect upon this as a role model.

Please reply to the list;
please *don't* CC me.


Kwork
 

Click on the words, "Windows Defender." That brought up, for me, the forum
topic.
Travis

----- Original Message -----
From: "Antony Stone" <Antony.Stone@...>
To: <nvda@groups.io>
Sent: Wednesday, April 06, 2016 2:39 PM
Subject: Re: [nvda] Good Browsing Hygiene, was: Kaspersky antivirus, how
accessible?


Sounds interesting, but where's the link?

On Wednesday 06 April 2016 at 23:35:28, Brian Vogel wrote:

I'm posting a direct link to a thread entitled, Windows Defender, on
bleepingcomputer.com.

Antony.

--
If the human brain were so simple that we could understand it,
we'd be so simple that we couldn't.

Please reply to the list;
please *don't* CC
me.