I posted this comment to a post on BetaNews saying that Firefox didn't really bring anything new to the table. I disagreed, because FF made it a lot easier to maintain a higher level of overall security for novice users.

----

My experience says otherwise. I've set it up a couple times. I'm not a major PC person, so, all the systems, on the first go-round, got infected by viruses, penetrated by trojans, and had spyware and adware installed. On the second attempt, I installed firewalls (Outpost Free), removed Outlook Express, and installed Firefox. I also visited the antivirus sites so the DLLs for their products could be installed, to ease virus checking.

My goal was to create a computing experience for novice users that "works". I wanted it to be responsive, and have no unexpected surprises (like adware). The first complaints I got were about adware; the systems had been compromized by trojans, and had some mail viruses as well, but the perception of problems centered on adware popups invading their computing experience.

Thus, my goal was to guard against invasion by trojans, worms, viruses, and all the other clandestine malware, but, ALSO, to guard against unexpected installations of adware and spyware.

Firefox, particularly the popup blocker, helps prevent adware and spyware installations. There are other blockers out there, but FF's is simple to teach to newbies.

Firefox is good because it's similar to IE, and generally works well.

Secondarily, I install the Adblock and set it to block ads on sites they visit, if they wanted. This helps speed up their browsing experience, and also tends to decrease the opportunities for adware installation.

The last thing I did was create two user accounts: Administrator and User. They were given good passwords, and the users were taught to log in as User to use the system, and to log in as Administrator to install or upgrade software. This created another hurdle to installing software, putting it in the hands of the end user rather than an aggressive web marketing campaign.

I also tried to train them on the use of the firewall. The firewall also needed to be configured to let more "active content" through, so some apps would work. Over time, users will learn that their actions will often trigger traffic -- so, they learn, over time, to make pretty good decisions about allowing traffic.

The good news was that the systems remained virus free and responsive after a couple months.

A firewall, Firefox, and a little education about how to use the system more safely combine to make a good user experience. Users are rewarded for their good habits with a responsive system.

Could these results be replicated with Internet Explorer instead of Firefox?

No. (Not yet, at least.)

The reason is simple. Firefox's popup blocker (and ad blocker) help discourage the installation of adware. Adware is one of the reasons why computers slow down, and people start to feel like they are "infected".

An increase of adware or spyware traffic would also trigger the firewall alerts, and decrease the overall feeling of "security."

Of all the malware out there, adware is the most "safe". It's not a trojan, and it's not a virus. However, it causes systems to slow down, and generates unexpected traffic, leading people to believe their computer is "infected" and out of their control. Thus, it's pretty important to keep adware and spyware off the computer.

Though this security system sounds complex, it's not too difficult to set up and teach. I set it up and explained it to people who knew nothing about computers. I provided customized documentation which included their PC's configuration info, some explanations, and their passwords.