For Trojan Horse exposure, Web browsers are a class by themselves. There are many ways that simply clicking a hyperlink can download and run a program on your system with your full capabilities. This is one of the true battlegrounds between security and a world of cosmopolitan interconnectivity. The two active Web page elements are prime centers of attention: Java and ActiveX. Both are programs that load from a Web page and run on your system. Their whole purpose is to do this automatically and invisibly. Because Java is an interpreted language, it can implement a security policy that can restrict Java programs, or "applets." For example, you might buy a security-aware browser with a security policy that lets you contain Java programs to reading and writing into a certain directory tree. These restrictions are sometimes called the "sandbox" and they are an important and effective constraint when properly implemented and consistently used. ActiveX is a different story. These programs (called "controls") cannot be contained because they run as a regular executable program on your system. Microsoft is pioneering an encryption scheme called Authenticode that lets your browser assure that a control is properly "signed" by its creating company and untampered en route to your system. This is an excellent idea, but it doesn’t stop the programs from being malicious. It does give you a good idea of whom to blame! Authenticode is also being engineered to protect Java applets, and the resulting Authenticoded sandbox is what networking security should be. It’s hard to formulate bottom-line advice in a world as wide as the Web, but you’d be wise to let no account with any degree of administrative capability run a Web browser – ever. If the user of such an account needs Web access, let them do so in an unprivileged account (although this can still bring malicious code onto your system). Educate your users on the dangers of Web-based Trojan Horses, and buy all the firewall proxy scanners your budget allows (more below).