1. Web Browser Basics, Tips, & TricksMark S. ZinzowSlideshare.net/msz

2. Recognize any of these icons?What do they have in common? 3. How many web browsers are there?SRWare IronPaleMoon.org 4. Why pick one over another?Speed, Safety, Standards Compliantw3.orghttp://securitywatch.pcmag.com/web-browsers/325447-are-you-using-the-most-secure-web-browser 5. Web Browser Jargon: WWW, HTML, URL, etc.The Internet depends on a great deal of technicaldetail to work. Understanding a few basic termswill help, but many of them are inter-related to manyother bits of jargon.Please bear with me as I show you some rigorousdefinitions in order to highlight useful parts to know,and talk about what web browsers actually do. 6. What is a Web Browser?A web browser (commonly referred to as a browser) isa software application for retrieving, presenting andtraversing information resources on the World WideWeb. An information resource is identified by aR Uniform Reessoouurrccee IIddeennttiiffiieerr ((UURRII//UURRLL)) and may bea web page, image, video or other piece of content.[1]Hyperlinks present in resources enable users easily tonavigate their browsers to related resources.http://en.wikipedia.org/wiki/Web_browserhttp://en.wikipedia.org/wiki/World_Wide_Web 7. What is a URL?A uniform resource locator (abbreviated URL;also known as a web address, particularlywhen used with HTTP) is a specific characterstring that constitutes a reference to aresource. Most web browsers display theURL of a web page above the page in anaddress bar. A URL is a form of a uniform resource identifier (URI).This definition can be found at this URL:http://en.wikipedia.org/wiki/Uniform_resource_locator 8. How does a URL work?A uniform resource name (URN) functions like a person'sname, while a uniform resource locator (URL) resemblesthat person's street address. In other words: the URNdefines an item's identity, while the URL provides a methodfor finding it.http://en.wikipedia.org/wiki/Uniform_resource_identifierThe URI syntax consists of a URI scheme name (such as"http", "ftp", "mailto", "crid" or "file") followed by a coloncharacter, and then by a scheme-specific part.http://en.wikipedia.org/wiki/Uniform_resource_identifier 9. What are the parts of a URL? (1)scheme://domain:port/path?query_string#fragment_idThe scheme, often referred to as protocol, defines how the resource will be obtained. Examplesinclude http, https, ftp, file and many others. Although schemes are case-insensitive, the canonical formis lowercase.The domain name or literal numeric IP address gives the destination location for the URL. A literalnumeric IPv6 address may be given, but must be enclosed in [ ] e.g. [db8:0cec::99:123a].The domain google.com, or its numeric IP address 173.194.34.5, is the address of Google's website.The domain name portion of a URL is not case sensitive since DNS ignores case:http://en.example.org/ and HTTP://EN.EXAMPLE.ORG/ both open the same page.The port number, given in decimal, is optional; if omitted, the default for the scheme is used.For example, http://vnc.example.com:5800 connects to port 5800 of vnc.example.com, which may beappropriate for a VNC remote control session. If the port number is omitted for an http: URL, thebrowser will connect on port 80, the default HTTP port. The default port for an https: request is 443. 10. What are the parts of a URL? (2)protocol://domain:port/path?query_string#fragment_idThe path is used to specify and perhaps find the resource requested. It is case-sensitive,[13] though it may be treated as case-insensitive by some servers, especially those basedon Microsoft Windows.If the server is case sensitive and http://en.example.org/wiki/URL is correct, thenhttp://en.example.org/WIKI/URL or http://en.example.org/wiki/url will display an HTTP 404error page, unless these URLs point to valid resources themselves.The query string contains data to be passed to software running on the server. It maycontain name/value pairs separated by ampersands, for example?first_name=John&last_name=Doe.The fragment identifier, if present, specifies a part or a position within the overall resourceor document.When used with HTML, it usually specifies a section or location within the page, and used incombination with Anchor Tags the browser is scrolled to display that part of the page.http://en.wikipedia.org/wiki/Uniform_resource_locator 11. Examples using URL partsQuery String: https://www.google.com/search?q=urlftp://username:password@hostname/dir/dir/file.extFragment Identifier:http://www.w3.org/TR/REC-html40/intro/intro.html#h-2.1.2 12. Example uses for different protocols https: for secure encrypted connections to banks, or privateinformation. About: to display information and access (sometimes obscure)settings of your web browser. File: to access a local or network file. Javascript: execute javascript program code. http: Your average ordinary web page.For a complete list see: http://en.wikipedia.org/wiki/URI_scheme 13. https: Secure Encrypted connectionsTransport Layer Security (TLS) and itspredecessor, Secure Sockets Layer (SSL), arecryptographic protocols designed to providecommunication security over the Internet.[1] Theyuse X.509 certificates and hence asymmetriccryptography to authenticate the counterparty withwhom they are communicating, and to exchange asymmetric key. This session key is then used toencrypt data flowing between the parties. Thisallows for data/message confidentiality, andmessage authentication codes for messageintegrity and as a by-product, messageauthentication.http://en.wikipedia.org/wiki/Transport_Layer_Security 14. About: Display Information and Settingsabout:about:config 15. About: Display Information and Settingschrome://aboutchrome://settings 16. File: Access a Local or Network File 17. Javascript: Execute Program Codejavascript:alert('Hello World!');javascript:alert(Math.PI);http://www.landofcode.com/web-development-how-to/javascript-address-bar.php 18. More fun with JavascriptWikiHow: How to Use JavaScript Injectionshttp://www.wikihow.com/Use-JavaScript-InjectionsBookmarklets: http://dmcritchie.mvps.org/ie/bookmarklets.htmLearn Javascript - W3Schools: http://www.w3schools.com/js/The Beginners Guide to Greasemonkey User Scripts in Firefoxhttp://www.howtogeek.com/howto/16470/replace-extensions-with-user-scripts-in-firefox/Chickenfoot 1.0.8 Web Automation & Customization (not supported)https://github.com/bolinfest/chickenfoot/downloadshttps://www.youtube.com/watch?v=5wXWMuYM37sJavascript:void(document.bgColor="LightSkyBlue") 19. More fun with Javascript, etc.http://bolinfest.com/javascript/misunderstood.htmlThis book is not designed to teach you JavaScript, but it does recognize that you are likelyto have taught yourself JavaScript and that there are some key concepts that you may havemissed along the way.Source for Greasemonkey etc. scripts: https://greasyfork.org/Contemporary Open Source Web Automation SoftwareSelenium 2.0 WebDriver How to Configure Selenium Webdriver in Eclipse and executesome simple test script.http://www.softwaretestingclub.com/profiles/blogs/selenium-2-0-webdriver-how-to-configure-selenium-webdriver-inMozilla Webmaker Tools, including X-Ray Goggles (see how the webworks), Thimble, Popcorn Maker, and Appmaker.https://webmaker.org/tools https://goggles.webmaker.org/en-US 20. Cookies 21. What does a Cookie Look Like?javascript:alert(document.cookie);Note: We can use a javascript urlto quickly view a cookieassociated with any webpage.Google Chrome does not let youpaste a javascript URL directly,but you can bookmark the scriptfor easier execution!Why do you supposeWeather.com stores more thanjust your zip code? 22. Cookie ConcernsSnowden says the NSA uses QuantumCookies to ID Tor users.A corrupt or invalid cookie can prevent access to a web site.This slideshow is a nice introduction to Cookie issues:http://www.slideshare.net/iamit/cookies-and-browser-exploitsCross-Site Scripting (XSS) is a type of computer security vulnerabilitytypically found in Web applications. XSS enables attackers to injectclient-side script into Web pages viewed by other users. [By stealingsession cookies!]BEAST (Browser Exploit Against SSL/TLS), CRIME, BREACH, etc. 23. Understanding XSS Videohttp://www.secure-abap.de/wiki/MoviesCross Site Scripting -Lesson 1Attack CodeExample:Clickhere! 24. Privacy 25. Do NotTrackhttp://allaboutdnt.com/ 26. PrivateSearching?5 Alternative Search Engines That Respect Your Privacyhttp://www.howtogeek.com/113513/Most Well Known Do Not Track Searchhttp://duckduckgo.com/Like a Proxy Google anonymized searchhttps://www.startpage.com/Multi-Engine: https://ixquick.com/http://www.privatesearchengine.com/ -->Blekko deletes personally identifiableinformation within 48 hours.http://blekko.com/ 27. Firefox & Chrome add onanonymox.netFree Proxy supportingmany Countries.hola.org 28. Safe BrowsingAds and toolbars are the scum and villainy of the browser worldEric Geier, PCWorldHow to clean and secure your browser like a prohttp://preview.tinyurl.com/pk64bvpSince no antivirus program can catch all the millions of infections, use a secondary scannersuch as Ad-Aware, Malwarebytes, Spybot Search & Destroy, or SuperAntiSpyware. Thescans may detect additional adware, viruses, and other malware. With luck, your antimalwareutilities can eliminate unwanted ads, browser toolbars, and browser-hijacking malware in onego.http://www.techsupportalert.com/best-free-browser-protection-utility.htmhttp://www.sandboxie.com/Run programs in a sandbox to prevent rogue software, unwanted programs, spyware,viruses, worms, and other malware from making permanent changes to your machine.Surfing Protection Extensions? How to pick one that is trustworthy and unobtrusive? 29. Browser HijackingHow to Avoid Installing Junk Programs When Downloading Free Softwarehttp://www.howtogeek.com/168691/How to Fix Browser Settings Changed By Malware or Other Programshttp://www.howtogeek.com/172141/Why We Hate Recommending Software Downloads To Our Readershttp://www.howtogeek.com/189176/The Shameful Saga of Uninstalling the Terrible Ask Toolbarhttp://www.howtogeek.com/138516/Avoid Javas Ask Toolbar Installations With This One Weird Registry Hackhttp://www.howtogeek.com/198240/ 30. Avoid Javas Ask Toolbar InstallationsWith This One Weird Registry Hackhttp://www.howtogeek.com/198240/ 31. Try Ninite.com for toolbar/junk free updates 32. More on Cleaning a Hijacked Browserhttp://chrome.blogspot.com/2014/01/clean-up-your-hijacked-settings.html 33. Reset SwitchGoogle Chrome - Look at theend of Advanced SettingsFirefox - about:support or Help,Troubleshooting Information 34. Safe Mode StartHow to start Firefox in Safe ModeClick the menu button , click help and select Restart with Add-ons Disabled.... Firefox willstart up with the Firefox Safe Mode dialog.Note: You can also start Firefox in Safe Mode by holding down the shift key while starting Firefox.https://support.mozilla.org/en-US/kb/troubleshoot-firefox-issues-using-safe-modeGoogle Chrome has similar features:http://www.chromium.org/developers/how-tos/run-chromium-with-flags 35. Choose, Protect, and Store Secure PasswordsWhy You Should Use a Password Manager and How to Get Startedhttp://www.howtogeek.com/141500/https://lastpass.com/Securely Store Your Passwords with KeePasshttp://www.howtogeek.com/howto/4962/http://www.wikihow.com/Choose-a-Secure-PasswordHow to Prevent People From Viewing Your Browsers SavedPasswords: http://www.howtogeek.com/169986/How Secure are Your Saved Chrome Browser Passwords?www.howtogeek.com/70146/http://www.RoboForm.com/Ask How-To Geek: Whats Wrong With Writing Down Your Password?www.howtogeek.com/howto/31259/ 36. System Resource Use & PerformanceMost systems have a tool to monitor processes andperformance. In Windows it is the Task Manager which Ilike to launch with the keyboard shortcut Ctrl-Shift-ESC.Notice how Firefox uses the mostmemory by far than any otherprocess, followed by Google Chromeas a close second. Multiple tabs, toomany extensions, pages with lots ofscripts, multimedia, and memoryleaks can make this problem worse,eventually slowing down your systemuntil you restart your browsers. 37. Memory use of browsersClosing Firefoxand GoogleChrome droppedmemory use from5.25Gb to 2.86Gbin this example.Restarting thembrought memoryusage back up to3.49Gb. 38. Checking Google Chrome Memory UseBecause Chrome creates a separate process for each tab, you cannot easily see the totalusage. Typing about:memory in the address bar will take you to a report with totals. 39. Firefox about:memory tools 40. Lots More Tips & Tricks50 tips and tricks for Chrome power usershttp://www.infoworld.com/article/2610416/15 Coolest Firefox Tricks Everhttp://www.lifehack.org/articles/technology/15-coolest-firefox-tricks-ever.html28 Coolest Firefox About:Config Trickshttp://www.maketecheasier.com/28-coolest-firefox-aboutconfig-tricks/The Best About:Config Tweaks That Make Firefox Betterhttp://lifehacker.com/the-best-about-config-tweaks-that-make-firefox-better-1442137111 41. Keyboard Shortcuts47 Keyboard Shortcuts That Work in All Web Browserswww.howtogeek.com/114518/Google Chrome Cheat Sheethttp://chromecheat.blogspot.com/2008/09/google-chrome-shortcuts.htmlKeyboard shortcuts - Perform common Firefox tasks quicklyhttps://support.mozilla.org/en-US/kb/keyboard-shortcuts-perform-firefox-tasks-quicklyTop 10 Web Browser Keyboard Shortcutshttp://www.curtisjohnstone.com/?p=243 42. Keyboard Shortcuts CTRL+F5 forces the browser to re-fetch the page from the server. CTRL+SHIT+DELETE brings up a form to allow you to delete the cache. CTRL+H brings up your browsing history CTRL+J brings up your download history (Great to see where it is!) CTRL+F4 closes your browser window CTRL+W closes the current tab F11 toggles between full-screen and the regular view CTRL+TAB switches to the next tab CTRL + (click hyperlink) opens the link in a new tab in the background CTRL+SHIFT+P (IE & Firefox) opens a new window in private (akaIncognito) mode, CTRL+SHIFT+N (Chrome) CTRL+ + / - / 0 Zoom in / out / reset zoom CTRL + U view page source CTRL + N / T New Window / New Tab CTRL + F find in page search CTRL + B toggle Bookmark search bar (Firefox) 43. Always update your software from the manufactures website and never download softwarefrom CNET, Softonic or Brothersoft, its always bundled with a form of malware.http://www.fixyourbrowser.com/how-to/how-did-malware-infect-my-computer/How to Bypass and Reset the Password on Every Operating Systemwww.howtogeek.com/192825/Note your system password is not adequate to protect your browser saved passwords.Did you know that for Google Chrome to stay updated and current, you dont need GoogleInstaller and Google Update and other services like them to start up? Ive disabled thoseapplications and services from starting up, and Google Chrome continues to remain updated.http://www.makeuseof.com/tag/make-windows-start-faster-10-non-essential-startup-items-can-safely-remove/Guide to Most Useful Bookmarklets for Chrome, Firefox, Safari, etc.http://www.labnol.org/internet/guide-to-useful-bookmarklets/7931/ 44. VPN Virtual Private Network10 Reasons to Use a VPN for Private Web Browsinghttp://netforbeginners.about.com/od/readerpicks/tp/Reasons-to-Use-a-VPN-Service.htmWhy You Should Start Using a VPN (and How to Choose theBest One for Your Needs)http://lifehacker.com/5940565/ 45. Run Android Apps in your BrowserHow to Run Android Apps Inside Chromeon Any Desktop Operating Systemhttp://lifehacker.com/1637564101/How to Run (Some) Android Apps In Your Chrome Browserhttp://www.pcmag.com/article2/0,2817,2469232,00.asp 46. Questions, Comments? What are your favorite browser features, extensions, tips ortricks? What do you use for surfing protection? What would you like to see demonstrated?