Eric Vanderburg Every once in a while, a web site will try to convince you to change your security settings. I was looking for blinds the other day and I found a web site that had a great deal. When I tried to customize the blinds, I was presented with this web page informing me that I needed to modify my cookie settings for first and third-party cookies in order for the site to work. I tried the site in a few browsers and this page came up each time I tried to modify my selection. This should be a red flag to leave the site immediately. It doesn’t really matter what the reason is, possibly outdated code or incorrect security settings. Either way, changing your security settings can make your machine vulnerable to attack. I’ll leave the name of the company out but here is a screenshot of the page. I sent the company an email about this four days ago but I have not received a response. Here is a copy of the email I sent them. I have to tell you that I am extremely displeased with your web site. I wanted to get a quote for blinds from you but I was presented with a page that requested I modify my browser security settings. I tried it on Firefox and IE on my PC and neither worked so I tried it Firefox and Safari on my mac and it still did not work with my settings. There is a reason why computers block the content you have on your site and that is because it is a security risk. For you to force people to modify their security settings to use your site makes all your customers unsafe and I think it is very reprehensible. It opens them up to an attack or loss of privacy from future sites they may visit even if your own site has no malicious intent. I would strongly encourage you to update your site so that it does not require this feature. You are doing a disservice to your customers. Sincerely, Eric Vanderburg Don’t let a site intimidate you into changing your browser security settings just to use the site. It may look like a good deal but there could be some “hidden fees” such as personal information harvesting. Just go to another site instead. Companies, protect company data and your employees by enforcing browser security controls through group policies. This way users will not be able to modify their browser security even if a web site tries to convince them to make a change.
Eric Vanderburg understands the intricacies inherent in today’s technology and specializes in harnessing its potential and securing its weaknesses. He holds over twenty-five IT and infosec certifications and has dedicated much of his career to designing and implementing systems to enhance security, increase productivity, improve communications and provide information assurance.