[TheForge] OT- spyware prevention

Andrew Vida [email protected]
Tue May 13 14:26:14 2003 

Steve Smith wrote:
> 
> I'm fairly sure you just need to stop using Microsoft browsers.

	The spywares are enabled by the features of the OS and IP. 
	The fact that the machine is connected to the net via IP 
	opens it up to poking and prodding by anyone with the 
	inclination and knowlege to do so.  The OS provides the local
	instrument for fooling around on a particular machine.
	One need not have a browser open to be vulnerable to
	this sort of hanky panky.  Because the security on MS boxes
	is still so lacking, it is pretty easy for someone to go	
	fishing about on another box with impunity if there is no
	protective mechanism to prevent it.  I'm not sure if this
	is still so with XP, as I have used it comparatively little.

	One of the very good things about LINUX and UNIX is the
	fact that security can be made almost arbitrarily strong.
	It appears that most of the back door methods once used
	by black hats have been closed up. Probably the best
	protection scheme one could have would be to use an old
	machine as a firewall server running LINUX that stands
	between the net and your windows box.  Actually, OpenBSD
	is perhaps the best solution for this.  Then network the
	BSD box to the windows machine and you're cooking.  BSD
	does all the dirty work and the MS box can buzz about in
	relative safety.  This will not protect one from embedded
	viruses, though, so nothing is perfect.

> Switch
> to Mozilla or Opera. Both are pretty mature software. You get Mozilla
> free; Opera is either free with ads or costs with no ads. You really
> don't want to download them over a 56k modem, though.

	Beware of Mozilla.  It is an ENORMOUS memory hog.  I have a
	512M core on this machine and I have watched Mozilla 1.x
	blow up to over 200M in size.  A typical 128M machine will
	be paging wildly when Mo hits perhaps 60M to 70M and that
	will be SLOOOOOOOOOOOOOOWWWWWWWWWWWW.  It's really so very
	annoying to sit before a machine that is crawling along
	like a wounded garden slug.

	Internet Explorer never goes over 20-25M of core.  Still
	piggishly large, but these browsers handle lots of data
	so it's difficult to avoid the overhead.

	I use Opera as my browser lately.  Not bad, but it also
	gets large, though it manages memory far better than
	Mozilla, doesn't bog down as much, and crashes less often.
	The mail client pretty much waysux.  I use Netscrape 4.72
	for mail, not because it is so great but because it is
	simple, does what I need it to do, and I'm used to it.
	It waysux memory-wise as well, but I can deal with it until
	one day a better client comes along or I get motivated to
	write my own, which I doubt will come any time before the
	next ice age.  The appeal is somewhere below getting my
	eyes gouged from their sockets with a dinner fork.

	Mozilla under LINUX works pretty well.  Then again, the LINUX
	versions of nearly anything you care to name work better than
	the Windows versions.
> 
> Steve Smith
>