In the real world, you usually have a pretty good sense of where the bad parts of town are, and how to avoid them after dark. On the Web, it’s not so easy. The most elegant-looking Web page may be a setup, a trick by sleazy hackers to install viruses on your PC.
Security zones are designed to limit the number of paths the bad guys have into your PC. They’re fairly confusing, which is why almost nobody uses them.
Under this scheme, if you have tons of time, you can place individual Web sites into different classifications (zones) according to how much you trust them. Internet Explorer refuses to download potentially bad stuff (like those ActiveX plug-ins) from sites in the seedier zones. Your PC, sanitized for your protection.
For example, internal company Web sites, right there on the corporate network, are pretty unlikely to be booby-trapped with spyware and viruses (unless you have a really twisted network administrator). Such internal sites are automatically part of the low-security Local Intranet zone. If you maintain a Web site at home, it’s in that zone, too.
The rest of the Internet starts out in the very big Internet zone (medium security). As you browse, though, you can manually place sites into zones called Trusted Sites (medium security) or Restricted Sites (high security).
To see your options, choose Tools→Internet Options→Security from within Internet Explorer (Figure 14-12).
Figure 14-12. The Internet Options Security tab lets you control Internet Explorer’s security settings for browsing the Web. You can customize the settings for each zone by moving the slider up for more security, or down for less security.
And what, exactly, is meant by “Medium security” or “High security”? These settings control what can and can’t be done when you’re visiting such a site. For example, they govern whether or not you’re allowed to download files, and whether or not Internet Explorer runs embedded Web-page programs like Java applets or ActiveX controls. (Java applets are little programs that offer interactivity on Web sites, like games and interactive weather maps.)
Here’s the cheat sheet:
High security blocks all kinds of features that could conceivably be avenues for bad guys to infect your browser: ActiveX controls, Java and Java applets, and downloads.
Medium security means that whenever a Web site triggers an ActiveX control to run, you’re asked for permission. Unsigned ActiveX controls—those whose origins aren’t clear to Internet Explorer—don’t get run at all. Downloads and Java applets are OK.
Medium-Low. Same as Medium, but some ActiveX programs run without first checking with you.
Low. Runs all ActiveX controls and other little Web programs. Rarely asks you for permission for things.
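If you'd rather check the zones without clicking through the dialog box, the same settings can be read from the registry. The following PowerShell script is an added example, not something from the original text; the registry path, zone numbers, level codes, and action IDs are the standard Windows URL security zone values (documented in Microsoft KB 182569), and the function name Get-ZoneReport is made up for illustration.

```powershell
# Added example: report each zone's security level and the ActiveX/download
# settings described in the cheat sheet. Registry path, level codes and
# action IDs are standard Windows values (an assumption relative to this page).
$ZoneRoot = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$ZoneName = @{ 1 = 'Local Intranet'; 2 = 'Trusted Sites'; 3 = 'Internet'; 4 = 'Restricted Sites' }
$Level    = @{ 0x10000 = 'Low'; 0x10500 = 'Medium-Low'; 0x11000 = 'Medium'
               0x11500 = 'Medium-High'; 0x12000 = 'High'; 0 = 'Custom' }
$Action   = @{ '1001' = 'Download signed ActiveX'; '1004' = 'Download unsigned ActiveX'
               '1200' = 'Run ActiveX and plug-ins'; '1803' = 'File download' }
$Setting  = @{ 0 = 'Allow'; 1 = 'Prompt'; 3 = 'Block' }

function Get-ZoneReport {
    # $Props: the zone's registry values (Get-ItemProperty output or a hashtable)
    param([int]$Zone, $Props)
    $cur = [int]$Props.CurrentLevel
    $rec = [int]$Props.RecommendedLevel
    $row = [ordered]@{
        Zone  = $ZoneName[$Zone]
        Level = if ($Level.ContainsKey($cur)) { $Level[$cur] } else { '0x{0:X}' -f $cur }
        # A custom level (0) can't be ranked, so only named levels are compared.
        BelowRecommended = ($cur -ne 0 -and $cur -lt $rec)
    }
    foreach ($id in $Action.Keys | Sort-Object) {
        $v = $Props.$id
        $row[$Action[$id]] = if ($null -eq $v) { 'Not set' }
                             elseif ($Setting.ContainsKey([int]$v)) { $Setting[[int]$v] }
                             else { "Other ($v)" }
    }
    [pscustomobject]$row
}

if (Test-Path $ZoneRoot) {
    # Live system: zones 1-4 are the ones shown on the Security tab.
    1..4 | ForEach-Object { Get-ZoneReport $_ (Get-ItemProperty "$ZoneRoot\$_") } |
        Format-Table -AutoSize
} else {
    # Constructed sample (not real data): an Internet zone dragged down to Low.
    $sample = @{ CurrentLevel = 0x10000; RecommendedLevel = 0x11000
                 '1001' = 0; '1004' = 0; '1200' = 0; '1803' = 0 }
    Get-ZoneReport 3 $sample | Format-List
}
```

A zone that shows BelowRecommended as True, or Allow next to "Download unsigned ActiveX," is the one to slide back up on the Security tab.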