Take Control of Security for Mac Users, Chapter 8: Surf the Web Safely
The Web is perhaps your Mac’s most obvious gateway to the outside world, and as a result, it’s one of the best places to find people and software that present threats to your security. Even though you’ve secured your Wi-Fi connection, selected good security settings, and chosen strong passwords, a brief visit to a malicious Web site can cause all sorts of harm to your Mac. In this chapter, I review several keys to safer Web browsing, including using SSL when possible, making sure your browser uses appropriate settings, and using a combination of common sense and technology to avoid phishing attempts and Web-borne malware.
In the discussion of WebGL, you tell users how to disable this technology in several browsers, including Chrome. Chrome takes one more step as it continues to display "Disable" until the browser is restarted; it is not immediately disabled.
Thanks for the clarification. I'll be sure to take another look as I polish the book for publication.
Another tweak, regarding Java Script: should probably read: "Preferences > Security and deselect Enable JavaScript.
Chrome: Go to Chrome > Preferences > Show Advanced Settings > PRIVACY > Content Settings and select Do Not Any Site to Run JavaScript"
I'll specify that it's under the Privacy heading, but we only use the > notation for something you can click, like a submenu, tab, or list item.
You mention SSL a few times but I believe that not only has the SSL protocol been superseded by TLS but even the name of the former has been subsumed by the latter. Though this might be more detail than you want to address here, my understanding is that the whole POODLE security issue was due to legacy support for SSL when we should all be using TLS.
I still say SSL all the time when I mean TLS :-)
We struggle with this all the time too, since yes, SSL has largely been replaced by TLS, but SSL is by far the more recognized name so we tend to use it when talking fairly generally, and go into the specifics of TLS only when the technical details matter.
http://en.wikipedia.org/wiki/Transport_Layer_Security