Shuroki Online

Theres been a lot of talk in the media about how insecure Microsoft Internet Explorer is. Well, its all completely true — and actually worse.

Of course, this is true of Windows in general, which is why a lot of geeks like me run Linux, Macintosh, or other computer Operating Systems. However, this can be difficult, especially in a household without a full time tech support guru – or one addicted to a lot of Windows-only software; like Quicken, Turbo Tax, and many of the newer games.

Luckily there is a compromise. There has been a lot of Open Source software that originated in the Linux world that has made its way to Windows.

The most famous of these cross-overs is Mozilla.

Mozilla used to be (and still actually is) Netscape Navigator. You see, before Netscape totally lost the browser wars, they “”open sourced”", meaning that they made all of their code free to the world, and created a non-profit organization to shepard its further development.

Theres about a dozen dedicated Mozilla developers on the payroll, and another dozen at companies like IBM, Oracle, and Novell. In addition to this core are hundreds of programs who contribute their time on the side, apart from their day jobs.

Once Mozilla hits a certain milestone, Netscape (now owned by AOL) brings the code back inside, puts their branding and extentions all over it, and releases it as the next major release of Navigator.

The great thing about using Mozilla (and the new off-shoot, Firefox) is that it is free of all of that branding, which adds to the size and “”bloat”" of Netscape, as well as giving you the benefit of newer features that havent made their way into Netscape yet.

Here is a brief listing of some of the free software alternatives used at my house to keep all of the computers safe..

Pop-up blocker/Browser:
Mozilla Firefox. Blocks pop-ups, is very fast in loading and displaying pages, has excellent integration with Google (and most other search engines), tabbed browsing, and is very secure. There was a flaw found last week, but its the first one in the wild, and was squished within hours – PLUS you had to click on a confirmation button to allow the exploit to do any damage in the first place.

Once youve installed Suns java runtime and Macromedia Flash (you may want Macromedia Shockwave, if you like to play games, as well), there are few sites that dont show up correctly. And for those that dont work quite right, theres a cool little plug-in that lets you click on a button and open that specific site in Internet Explorer – pretty neat.

Spam block/E-mail:
Mozilla Thunderbird. All of the features of Outlook Express without all the virus vulnerabilities. Built-in spam filering that uses Baysian filtering to learn as it goes. It will import all of your addresses and e-mails from many major pop3/imap mail clients (Outlook, Outlook Express, Eudora, Pegasus, etc.)

Note: You could use the all-in-one Mozilla browser, instead of installing Firefox and Thunderbird separately, but I like the idea of smaller tools that do specific things. They allow you to upgrade the components individually, and offer memory separation so that if one should crash, the other wont be taken down.

Adware/Spy tools:
Spybot Search & Destroy. Completely free, frequently updated, easy to use, and very efficient.

Anti-Virus:
AVG from Grisoft. Its free and very well updated. Ive had my mom using it for the last couple years without any problems and Ive used it on my computers for a year without any problems.

Firewall:
Its been awhile since Ive used any personal firewall software, since I run a separate hardware firewall fulltime. The last program I used to any degree is ZoneAlarm. Ive also heard good results with TinyFirewall however its no longer free.

A great exercise, if you have the spare hardware, is to build your own stand-alone firewall. All you need is a 486 or Pentium with 16MB RAM, a floppy drive, and two network cards. Thats it.

Also, the D-Link, 3-Com, and Netgear cable/DSL/router/firewall boxes do a pretty good job of basic firewalling. If you have one of these, with some security tweaks, it should really be all you need. Firewalls are like car alarms. They dont protect a 100%, no matter how much you pay for them, and even the cheapest/worst working one will cause 95% of bad guys to move away from you and look for an easier target.

Another word on spam:
There are two other very worthwhile products to try. One is called Spam Pal, and one is Spam Assassin. Spam Pal is definitely easier to use, but not quite as thorough. They both act as intermediaries between your e-mail client program and external mail servers, filtering all e-mail for spam.

I ran Spam Pal for about a year and really liked it. It took me from 60-80 spams a day to only a dozen. What it does is query the Real-time Black Hole lists, and other spam watching lists for known offenders. Anything coming from a known bad address (either IP address, or e-mail address), or having certain header signatures, gets tossed. This leaves a lot of room for spam to get through, but its quite effective. Especially if you tend to only check your e-mail every few days. Its a windows-only program that is very easy to set up and runs as a system tray icon. I only stopped using it, because I made the jump to Spam Assassin.

Ive been running SpamAssissin for the last six months and it is incredible. It took me down from the dozen of spams a day I received after SpamPal got done looking at my messages, to just a handful a week! In testing with and without Spam Pal, there were very few spams that SA missed that SP nabbed, so I ultimately dropped SpamPal all together. Spam Assassin is a huge chore to set up and teach, however. It would likely be an all-day peoject to install, and takes several weeks to teach before you start getting the big rewards.

You see, you give it samples of good mail (which they call ham) and bad mail (spam, of course). So any time you get spam that makes it through the filters, you have to set it aside and then show it to Spam Assassin and let it train on it. Once youve done this with about 500 hams and 1,000 spams, it does a bang-up job of identifying what should be held and what should be let through, and starts teaching itself. I was lucky, in that, I had an archive of all of my e-mail since around 1996, so I had thousands and thousands of hams for it to feed on.

Last thoughts:
I really dislike monolithic swiss-army packages that try to be everything to everybody, like Symantec Norton Internet Security, and McAfee Internet Security Suite. They must inherently share as much code as possible (which only makes sense), however that means when one component fails, it tends to take everything else down with it. This is really one of the core problems with Windows, and why there are continually problems with it.

Thats why I really like the philosophy of Open Source software — each project, each program, and piece of code, is focused to do one little job and do it well and efficiently. You put all those little parts together and you have a better functioning whole. There is a lot of code sharing and integration going on, now that projects have matured, however, all of those building blocks are very solid, and separate groups are focusing on doing nothing but the glue to put it all together — which makes for much sounder construction.

This is one of the reasons I think Mozilla has gone from its monolithic, all-in-one, browser/e-mail/newsgroup/chat client self, and split into separate packages for each of those functions (Firefox and Thunderbird).

You should definitely check out The Open CD. It is a downloadable CD that contains just about all of the software Ive listed here, plus many more (word precessing, screen savers, games).

It is very well put together with simplified installers and a good interface to get descriptions of all of the packages. Definitely worth the time to download and burn to CD. If you dont have a burner, they provide links to the homepages for each of the products included so that you can just get the ones youre interested in.

Hope this has helped. If anything is unclear – too much/not enough information – you can post a comment below, or e-mail me. Ill be happy to help.