EDIT1: With safest I mean fully functioning for the average Joe/Jane. Everybody knows that pure text based browsers are the safest, followed by browsers which are lumped/degarded by disabling dynamic code options (some browsers are so badly designed they need to be crippled to use safely ). EDIT2: Let's hope Sully implements some of these in PGS version 2 EDIT3: Install Keyscrambler free first before applying these tweaks EDIT4: Vista and Windows7 users only have to apply tweaks on first 3 posts (XP also apply tweak of post 10) It is simple What does it do? When SWITCH_BLOCK_ON a) It does not allow Internet Explorer to Download files (Attachements) with a risk indication of high, see microsoft http://support.microsoft.com/kb/883260 (it is the list which starts with .ADE). b) It blocks execution of these files by Explorer. You can remove this restriction by right clicking the file, select properties, click the general tab (see picture) When SWITCH_BLOCK_OFF This is the defualt situation (before tweak) a) You will be warned when downloading a file (default situation, unless you have changed the regular file download warning setting yourself, this is the default/standard setting) by Internet Explorer b) You will be warned when executing a file by Explorer which comes from the internet zone. Usage instructions 1. Works from IE6 and higher 2. You have to exit/start IE before policy is activated 3. Download attached text files and change extention from txt ro reg SWITCH_BLOCK_ON.reg (was downloaded SWITCH_BLOCK_ON.txt) SWITCH_BLOCK_OFF.reg (was downloaded SWITCH_BLOCK_OFF.txt) 4. You have to run these reg files from ADMIN space (somewhere in C:\Windows or Program FIles) when you use Software restriction Policies (or use PGS to implement on home versions).