The Internet is full of threats like cross-site scripting attacks and clickjacking. A lot of these attacks work by injecting scripts in web pages that you don't even know are there. You can give yourself a modicum more protection by running a Firefox plug-in called NoScript. NoScript blocks all scripts from running until you authorize them. Let me show you how it works. Go to addons.mozilla.org and search for NoScript or get it from Download.com. Intsall it like you would any add-on. Once you have it installed, look in the bottom right corner at the little S with the cross-out symbol. Clicking on it brings up a sub-menu that allows you to choose how to handle scripts on the page you're at. The safest way to go is not to allow any scripts. You'll never fall victim to code that doesn't run. But some sites won't work without scripts so, the next safest thing is to Temporarily allow only the scripts you need and or trust. A lazier and slightly less safe method is to temporarily allow all on a page. The next more convenient level, but also next less safe is to permanently allow scripts either individually or all for a page. This becomes necessary for things like your Bank's website or Google Docs where you don't want to constantly allow scripts every time you launch your browser. If you permanently allow scripts from a site, you're putting your trust in that site that it will never allow itself to be infected by a malicious script. The worst thing you can do is globally allow all scripts. You might as well not run NoScript at that point. If you have allowed a script on a page and you change your mind about it, you can always choose forbid, to start blocking it again. Running noScript means you're going to have to do a bit more thinking about pages you surf to. It was enlightening when I first started running NoScript which of my banks and utilities worked just fine without scripts and which became disabled. If nothing else, NoScript gives you more control over what risks you expose yourself to on the Net.

scripts allow noscript page running next trust safest yourself temporarily script choose start nthe pages attacks less permanently cross safe

An Internet safety study (PDF) just released by Cox Communications shows that teens may be a bit more safety conscious than previously thought. The survey, which was done by Harris Interactive, asked 655 13- to 18-year-olds about their online and cell phone behavior, specifically addressing issues of cyberbullying and sexting. The study was in partnership with the National Center for Missing & Exploited Children and "America's Most Wanted Host" John Walsh. For the purposes of the study, cyberbullying was defined as "harassment, embarrassment, or threats online or by text message," while sexting referred to "sending sexually suggestive text or e-mails with nude or nearly-nude photos." (Credit: Cox Communications Teen Online & Wireless Survey) Not surprisingly, the vast majority of teens (72 percent) have a social-networking profile, while 73 percent use cell phones and 91 percent have an e-mail address. What they know vs. what they do The study raises an interesting contradiction. 59 percent of the teens say that posting personal information or photos on public blogs or social-networking sites is either "somewhat unsafe" or "very unsafe." Only 7 percent say it's "very safe," while 34 percent say it's "somewhat safe." Yet, when asked about their own behavior, 62 percent of the kids post photos of themselves, 50 percent share their real age, 45 percent the name of their school, and 41 percent the city where they live. When it comes to more private information, only 4 percent post their address, 9 percent "places where you typically go," and 14 percent post their cell phone number. The study's executive summary explains, "Though they are aware of the risks, many teens expose personal information about themselves online anyway." That revelation appears alarming but after looking at other research about teen online risk, I actually find it reassuring. What kids say they know about online risks appears to be what adults have been telling them for years. But when you look at the real risk factors, their behavior isn't nearly as dangerous as even teens say they think it is. An in-depth and academically rigorous 2005 study from the University of New Hampshire's Crimes Against Children Research Center found that posting personal information online does not, by itself, correlate with risk. As all of the studies show, millions of kids engage in this practice and very few encounter any serious problem as a result. Let's face it, the whole premise behind sites like Facebook and MySpace is to share that type of information and despite some of the hysteria, there have been very few reported problems of young people being victimized as a result of them putting this type of information online. Of course, nothing--including attending school--is 100 percent safe, but the 34 percent who said that posting personal information online is "somewhat safe" are getting it right. Cyberbullying and sexting numbers not as bad as thought The cyberbullying numbers are also quite reassuring, especially when you compare them to some earlier studies. The summary points out that "Cyberbullying is widespread among today's teens, with over one-third having experienced it, engaged in it, or known of friends who have who have done either." But that one-third is cumulative of bullies, people who have been bullied and even people who know someone who's been bullied. The survey found that approximately 19 percent of teens say they've been cyberbullied online or via text message and that 10 percent say they've cyberbullied someone else. The largest group, 27 percent, say they have "seen or heard of a friend who was bullied" online, with 16 percent saying they've "seen or heard of a friend who's bullied others online or by cell phone. Of course any amount of bullying is unacceptable but the numbers from this survey are lower than several previous studies. There is also good news about sexting. The most widely quoted study on sexting from the National Campaign to Prevent Teen and Unplanned Pregnancy reported (PDF) that 20 percent of teens "say they have sent/posted nude or semi-nude pictures or video of themselves." But the data from the Cox survey showed that while 20 percent of teens "have engaged in sexting," that number, too, is cumulative. Only 9 percent "sent a sext," while 17 percent received one, and 3 percent forwarded a "sext." Again, that 9 percent number is too high but it's less than half the 20 percent figure commonly used. And 90 percent of the kids who sent sexts said that nothing bad happened, even though 74 percent of the kids agreed that sexting is "wrong." Twenty-three percent felt that it's OK if both parties are OK with it and only 3 percent said "there is nothing wrong with it." This survey, said Center for Safe and Responsible Internet Use Executive Director Nancy Willard, "clearly demonstrates that the overwhelming majority of young people have not engaged in risk-taking online behavior or been harmed online. Also, it appears that teens are sensitive to the potentially damaging implications of the material they post online. While the news from this survey is mostly good, there is still a significant minority of teens who are harming others, being victimized by other teens, or putting themselves at risk. That's why it's important for parents to talk with their teens about appropriate use of the Internet. Don't scare them or shut down their use, but do remind them to mind their manners, think before they post, and seek help if someone is bullying or harassing them.

percent online teens study survey post sexting information nthe risk safe kids personal themselves behavior said nude people bullied cyberbullying

When Facebook launched its latest redesign, it became evident that the company was putting a lot of emphasis on real-time information--inspired, undoubtedly, by the runaway success of Twitter. Now the company's rolled out two small but crucial new features that put instant updates even more front and center. First, Facebook is aiming to use the "publisher" tool--formerly known as the status update box--as members' gateway to the Web at large. Starting Wednesday and rolling out gradually, according to a post on the company blog, a beta version of the new content-sharing box will allow members to select exactly how public or private to make each piece of content that they share. The post by Facebook engineer Ola Okelola explained that something shared on a profile can be visible by friends, friends of friends, friends and networks (school, region, or company), user-created custom friends groups--or everyone on the Web. Facebook's probably hoping that this will spur people to share more content: if members know that sharing a video, a photo, or even a status message won't by default go out to everyone who can see their profile, they might be more likely to share things along the lines of party photos and videos of their kids. But, wait. There's more. In addition, a post on the Facebook developer blog Wednesday explained that developers can now take advantage of live-streaming status update boxes much like the one that CNN used during President Obama's inauguration this January. "With the Live Stream Box on your website, users log in using Facebook Connect and share updates that appear both within the Live Stream Box and on their Facebook profiles and in their friends' home page Streams," the post by Tom Whitnah explained. "Each post includes a link back to the Live Stream Box on your site so users can discover the live event and immediately join based on their friends' recommendations." It's intended so that people watching an event simultaneously can comment in sync on Facebook. And it's also supposed to be a no-brainer to create your own, meaning that Facebook is hoping a lot of developers and site owners will jump on this bandwagon. "The Live Stream Box is easy to install and takes just a minute to set up," the post added. "To get the Live Stream Box on your website, get a Facebook API key, upload a small file to your website, and then embed a few lines of code into your Web page." This is a move clearly aiming in the direction of Twitter, where real-time updates and discussions around events have become so commonplace that members regularly agree on a "hashtag" to flag related posts in advance of the event. (For the inauguration, for example, it was #inaug09.) The question is whether Twitter use has already become the standard for chronicling and commenting on events in real time--will enough people be willing to use Facebook widgets rather than apps built on Twitter?

facebook friends live post stream share company twitter members status event content people explain real updates website become inauguration sharing

iPhone owners who use the Web-based version of Gmail to read their e-mail have a useful new way to archive messages. Just like what's possible on the iPhone's native e-mail client, mobile Gmail users can now swipe their finger across any message (either from the left or the right) to bring up the option to archive it. This is honestly no faster than selecting messages using the recently introduced "floaty bar," but it's really neat to see another Web app make use of gestures that users are now comfortable doing on their phones. PopCap, the makers of several popular iPhone games, did something similar prior to the iPhone SDK by letting users swipe their fingers across sets of gem stones in a browser-based version of its game Bejewled--a title that was later released as a native application. iPhone users can now swipe their finger in the Web version of Gmail to archive mail.(Credit: CNET) In addition to the swipe to archive feature, this JavaScript-heavy version of Gmail mobile has been rolled out to English-speaking users in India and the United Kingdom. Users accessing other localizations will see the older version of Gmail which does not have as many features. Gmail remains a Web app on the iPhone and iPod Touch, outside of access to it through Apple's native mail client. Google has chosen to focus its development on the mobile browser version, since the company can maintain compatibility on other platforms like Android. More recent features like the aforementioned floaty bar, have been released to both simultaneously, however the swipe to archive remains an iPhone-only feature for now.

swipe gmail users version archive iphone mobile mail native features across client feature floaty remains releas finger base messages browser

The HTC Hero phone will have Flash support built in.(Credit: HTC) Marking a departure from the world of iPhone, HTC's new Android-based Hero phone will also come with the ability to handle Flash elements that adorn many Web sites and power YouTube video. Adobe Systems announced on Wednesday that its Flash Player will be built into the HTC phone, an important step in the company's efforts to spread Flash to mobile phones. The phone, one of several from HTC to use Google's open-source operating system, is scheduled to ship in Europe starting in July and in Asia and North America later in the year. However, the initial version won't match Flash Player 10, the current version for PCs, which can run programs written with ActionScript 3. Instead, the Android version will handle ActionScript 2 applications written for Flash Player 9 chores, Adobe said. HTC is participating in the Open Screen Project to bring Flash Player 10 to mobile phones through over-the-air updates, though, so Adobe expects fuller Flash support eventually. "Flash Player 10 for mobile platforms that include Android is expected to be available in the first half of 2010. We are working on delivering a beta of Flash Player 10 in the fourth quarter of 2009," the company said in a statement. The Flash support will be built into the phone and not available as a download for other Android phone users, Adobe said. Just having a check mark in a feature list isn't enough to outflank a competitor, but Flash is a significant feature on the Web. It powers many games, streaming videos, and dynamic stock charts, and other elaborate features on Web pages. And Flash is also used for many more dynamic advertisements. Adobe demonstrated Flash on Android in an online video Wednesday, showing off the technology for watching a trailer at Yahoo Movies, playing the Penguin Swing game, and selecting a region on travel site Expedia. Double-clicking on the Flash element on the Web page runs it full screen. Apple's iPhone doesn't run Flash, though Adobe would like to see it there and has been developing a version. "We are developing Flash player for the iPhone. To release software on the iPhone requires Apple's agreement. We have to make it work great, and need to get their agreement to have it released," said Adobe chief technology officer Kevin Lynch in a 2008 interview. "We would love to see Flash on the iPhone."

flash player phone adobe android iphone version said support built mobile hero video feature developing screen handle dynamic actionscript company

Android and iPhone developers looking for an extra source of revenue will soon have an advertising option, sponsored by Google. Google's AdSense program--in which it sells and distributes ads to third-party publishers--is coming to mobile devices as a beta program, the company announced Wednesday. A small group of developers have been testing this program but now anyone can apply, said Susan Wojcicki, vice president of product management, in a blog post. Mobile apps are one of the hottest topics in software development these days, as Apple's App Store continues to grow and other developers roll out their own app stores in response. Plenty of money is being made simply on the sales of the applications themselves, but additional revenue streams are starting to emerge, such as Apple's addition of in-app purchases with the release of iPhone OS 3.0. Google, naturally, would like to get in on the action. There are other companies offering this kind of service, such as AdMob's strong presence in iPhone apps, but Google is an advertising freight train. Still, AdSense growth has slowed this year amid a plunge in advertising spending around the world, and moving into mobile provides additional room for the company to grow. Last year Google offered AdSense for games, another step outside its usual comfort zone. There are a few catches if you want to participate in the beta. Your application must generate 100,000 page views a day, and it must be free. Google is taking applications here.

google adsense developers iphone program company apps advertising mobile ngoogle additional year applications apple revenue must beta grow starting offer

Not a particularly surprising move: LinkedIn president Jeff Weiner has taken over as CEO of the company, according to an announcement Wednesday from the business networking site. Weiner, a former executive vice president at Yahoo, joined the company in January after then-CEO Dan Nye stepped down in December and founder Reid Hoffman took over as interim CEO. Hoffman will remain executive chairman of the company. "LinkedIn was founded to harness the power of the Internet to create a tool that would help individuals become more effective and successful professionals," Hoffman said in a release. "Over the past six months, Jeff has done an exceptional job leading the company and I look forward to continuing the work that we have begun together." LinkedIn now has over 42 million members, the company said, and hopes to be profitable this year for the second year in a row; it makes money not only from ads, but from premium subscriptions and "corporate solutions." The company was aiming for a billion-dollar valuation just around a year ago when it raised a $53 million Series D funding round. Hoffman has gone on the record saying that he hopes LinkedIn will eventually go public.

company linkedin hoffman president year hopes executive jeff said million professionals funding profitable money round nnot become exceptional announcement effective

The new version of AIM notifies you when a new instant message arrives. Good news on the IM front: AIM (Free Edition) and BeejiveIM 3.0 are among the first instant-messaging apps to support push notification, meaning you'll get alerted to new messages even when the apps aren't running. If that sounds a bit familiar, it's because we reported on AIM's use in push-notification stress-testing about a week ago. It also follows the news that uberpopular texting app TextFree was first out of the SMS gate with push support, allowing users to get new-message notifications while the iPhone is off or doing other things. AIM offers a fairly robust feature set for a free app. It supports multiple screen names and works with AOL, ICQ, .Mac, and MobileMe accounts. It keeps you logged in for 24 hours and gives you the option of receiving notifications via SMS for those times when you're logged out. I particularly like how you can finger-swipe between different chats. Of course, those features have been around for a while. The big news here is push, and in my tests it worked flawlessly. I haven't been able to test BeejiveIM 3.0 yet, which is notable for its cross-platform support of AIM/MobileMe, Facebook, GTalk, MSN, Yahoo, and just about every other chat service known to man. Thankfully, the developer lowered the $15.99 price tag, though it's still on the pricey side at $9.99. Of course, when you take into account the money you stand to save on SMS charges, that might just be the deal of the century. Are you geeked about push-enabled IM? If so, what's your favorite app? (Feel free to list those that haven't received the push treatment just yet.)

push free support instant news beejiveim apps messaging notification haven log mobileme message notifications option iphone ngood able screen feature

Updated at 3:30 PM with a note on Digsby's methodology. Ctrl+F gives you the search bar to summon Web search and contacts.(Credit: CNET/Screenshot by Jessica Dolcourt) Rising-star all-in-one IM app Digsby received an update to its beta on Wednesday, officially announcing feature additions that Digsby tested in an earlier alpha release we had reported on in April. A boost to performance power reduces Digsby's CPU usage by 50 percent, the company said. That makes it a whopping 20 percent more efficient than Digsby claimed it was in April's alpha test. (Read note below.) Avid users can thank some back-end work with a coding language update and a move to a new compiler for this reduction in resources. On the usability side, Digsby is sporting the new and enhanced features we saw in the alpha test. The best is a hidden search bar that pops up when you press Ctrl + F. In addition to summoning buddies when you type their names, it can also conduct Web searches on Google, Wikipedia, Twitter, Facebook, Amazon, iTunes, and YouTube. This Web search aspect differentiates Digsby's search from those employed in other IM clients. Digsby has added an option that will automatically keep new IM windows from popping up by default, instead letting the unread messages blink in the tray. In the message window, the company has added four additional emoticon packs, which you can enable one at a time via the Preferences menu (click "Conversations" and "Enable emoticons" next.) The new beta build also lets you update your MySpace status. This rounds out its update services to top social networks--Twitter, Facebook, and LinkedIn have long been supported. Digsby also improves the stability for file transfers for Windows Live Messenger (MSN), AIM, and ICQ, and can now give you an 'invisible' presence in Google Talk. For those who have kept Digsby at arm's length until now, the faster, less demanding version of this app sweetens the deal. With instant messaging, social networking, e-mail access, and skin customizations under its belt, it's a must-try chat app for IM aficionados. Note: Digsby shared a real-world methodology they used to arrive at the 50 percent CPU drop between betas. In a development environment, they installed the two versions of the Digsby IM client in two different locations, logging into the same account on both instances. Then they switched on the individual protocols that let you log in from more than one location--AIM, Google Talk, Facebook Chat, e-mail protocols, and Facebook, LinkedIn, and Twitter. Both ran for 24 hours to compare the CPU strain as buddies signed on and off, and as e-mails and notices poured in. Since Digsby only allows one version of itself to launch at a time, this was not something we tested.

digsby search update test alpha beta facebook boost company april windows percent google ad social twitter enable arms reduction instant

Boxee, the open-source software platform that combines Internet media with personal content, announced a slew of updates Tuesday. Most notably, the company announced that it has made Boxee publicly available to Windows users. The public alpha version of Boxee for Windows will work with Windows XP, Windows Vista, and Windows 7. Users will also be able to run it on Windows Media Center, making it possible to bring Boxee to HDTVs through Microsoft's platform. A beta release of the software should be made available later this year. MLB comes to Boxee Boxee has also inked a deal with Major League Baseball that will bring MLB.tv Premium to the platform. According to the company, Boxee users will be able to watch "thousands of baseball games, live and on-demand in HD." Users will be able to pause and rewind a live game. But in order for them to access those games, they will need to sign up for the MLB.tv Premium service, which costs $89.95 per year or $19.95 per month. Even more content Since Digg has a popular video section, it only makes sense that Boxee would sign a deal with the social-news site to bring its videos to the platform. According to Boxee, users will now be able to watch Digg's most popular videos, as well as upcoming clips. Users will soon be able to Digg videos from within Boxee, but that feature is currently not available. Boxee also signed on with Tumblr to give that site's users the option to stream music and slideshows to Boxee. The company said more Tumblr features are on the way, but it wouldn't divulge what those are. As if that's not enough, Boxee also announced that Current TV shows are now available on the platform. Current is home to popular shows, including The Rotten Tomatoes Show, InfoMania, and SuperNews. New navigation Since Boxee has made so many content enhancements, the company apparently had to improve its user interface. Boxee now features two new categories: Applications and Local Media. The Applications menu will feature all the Internet content available for the platform. The Local Media menu lists content from the user's computer and local network.

boxee windows users platform content able media company deal videos local popular digg sign nboxee announc bring user games tumblr