Now select the
Security tab.
There are 4
different security zones, with each offering different
security restrictions on content. A slider can be used for
each of these to set the basic security level for that zone.
The primary zone to be concerned with is the Internet
zone as if a site isn’t listed in any of the other 3 then
the security restrictions for the Internet zone are used.
For maximum protection I’d recommend selecting the Custom
Level button (These can be used for the other 3 zones
also if desired).
Options to
consider adjusting are (Note – Some of the options listed
beneath aren’t available unless the Microsoft Java VM, .NET
Framework or Windows XP are installed):
Run components
not signed with Authenticode.
Microsoft Authenticode is designed to identify the
publisher of code & to assure end users that software has
not been tampered with before or during the download process
(For further information check
MSDN). This should
provide you some ease of mind when downloading code from the
internet as it provides a way to validate it for you, which
is more important if it’s from a lesser known source. The
following images illustrate Unsigned V Signed content to be
downloaded by IE6.
Clearly the
latter seems trustworthy, with both the Publisher of the
code being stated and verified by VeriSign. The former
features no such verification. That said, being Unsigned
doesn’t necessarily make the content untrustworthy (The
first image was for
SmartFTP, the FTP
browser I use) and as such you’d be best off setting this to
Prompt.
Run components
signed with Authenticode.
As per the description given previously, Signed content is
an indication that the code downloaded can trusted not to
maliciously harm your system & as such you should be content
enough setting this to Enable.
