[wejones]

The following isn't related to the above story, and isn't related to browser choice, but since the topic is getting into vulnerability to malware, I thought I'd mention a vulnerability I've seen.
A couple years ago, a neighbor set up his computer, and it got hopelessly corrupted with virus' right away, even before he had much of a chance to receive email or go to web pages. I asked him about just what he had done, and he said the only thing he could think of was that he followed a Windows link to download some protection update or something. This sounded strange to me, but I fixed his computer, and all was well for a while, but he eventually had problems again. A few months ago, he was going to reinstall windows again, I think this time Win-2000 (but I later saw the same thing with WinXP with another neighbor). Anyway, I went to his house to help him upgrade. We put on windows, and installed Mozilla and an email program. Then we decided to test his dialup internet connection. We dialed up, intending to get email and go to his favorite web page. About 20 seconds after we dialed in.... BING... up popped a window, saying something like windows has detected a corrupted file, and suspected a virus, and recommended that he click here to download the most recent patch from Microsoft. He started to move his mouse to click, at which point I stopped him, and said don't touch that. It was an outside intrusion using the windows messaging system, or whatever it's called, ie the popup window wasn't coming from windows, it was someone on the outside trying to get him to download a virus. I said something like this is strange, because I"ve never seen that happened, and he was using the same version of Windows I use, and he's on the same ISP. Anyway, I showed him how to close out of the window without touching the popup, and told him to never follow that link if it ever happened again. Then BING.... POP... same window popped up, closed that down... BING. Inside of about 5 minutes on line I think he got about 6 or 7 intrusions from outside. I forget what we finally did, I think we turned off the messaging system and installed Norton or something.
Then like I mentioned, I was helping another neighbor with XP, and the same thing happened. Again, same versions of software I'm using on one of my computers, and it's never happened to me. So I was really trying to figure out what was different about my system that seemed to protect me from these intrusions. Then it dawned on me, that these two neighbors had their computer directly connected to the phone line to the internet, while in my case, my computers don't connect directly, but through a LAN to a software router.... all except for ONE of my computers, a computer that my wife used to have connected directly for work reasons, and IT was the only computer we've ever had that has caught a virus.
Anyway to shorten an already too long story, a lot of the intrusions our computers are exposed to don't come via browsers or email, but directly in from the outside while connected to the internet, and the best protection seems to be to NOT connect a computer directly to a phone line to the outside, but to have the computer connected through some form of a separate firewall or router BEFORE you hook up to the internet. The fact that my system is seemingly (never 100%) protected was not because I was smart enough to set it up right, but that I lucked into choosing a way to connect to the internet which makes it difficult for external intrusion. Dumb luck.