Emerald Group Publishing Limited
Copyright © 2004, Emerald Group Publishing Limited
Destroy him as you will, the worm always bounces up; execute him, expropriate him, starve him out en masse, and he reappears in your children
Keywords: Internet, Computer viruses, Soldering, Preservative
Since I last wrote in these columns, there have been several new viruses and worms "put on the market". I've not been directly threatened by any of them, although my anti-virus utility does block one or two attempts per month to install one or the other of them. However, someone who has my e-mail address on his computer has been infected and has retransmitted the virus to hundreds of other computers. Many of these have "bouncing" rejection systems. These work by sending a message to the "originator" stating that the attempted message contains a virus and was not delivered. I have received literally many hundred such messages over the past couple of months, all of them purporting to be from persons I've never heard of. These "bounce" messages are a niddering pest, and sometimes exceed, in number, more than the combined wanted messages and other spam I receive.
There is absolutely no point in "bouncing" virus-laden or spam messages because it is invariable that he who receives them was not at the origin of the cause. They must uselessly take up a considerable amount of Internet bandwidth. Worse, if you take drastic action to eliminate them unread, you might miss a useful "bounce", one where a genuine message has not been delivered for whatever reason. In between these two extremes, there is the "out-of-office" message, which is equally useless, knowing that the receiver will read your message as soon as he returns.
I urge everyone who reads this to check whether his/her security system "bounces" infected or spam messages. If so, change it simply to delete them and free the Internet from this plague of totally useless, bandwidth-stealing, "bounce" messages. You will do everyone a favour.
Bill Gates recently announced, at the Davos World Economic Forum that his company will kill spam within a couple of years. His proposal is to introduce a method whereby e-mail messages will be charged a nominal fee. The notion is that, if you and I send a few dozen e-mails per day, and each one is charged one or two cents, then this is not catastrophic. If, as is common today, a spammer were to send two or three million messages, this would cost a small fortune. Will it work? I personally cannot see it being effective, because it would mean that every single ISP in the world would have to co-operate. Even less effective would be the idea to subscribe to a system, run by Microsoft at a cost, of course, whereby the company puts virtual stamps on each non-pre- approved message and the cost of these "stamps" is charged to the originator, assuming he can be traced and he is willing (and able) to pay. Subscribers to the system would probably not even be able to receive e-mails from originators who were not pre-approved. A whitelist filter on the e-mail client would be just as effective and would cost almost nothing!
Quite frankly, I think the only way to handle spam is to make sure that it cannot be read. The ISP that I use pre-filters the more blatant spam (and virus-containing messages), eliminating probably about 80 per cent before it even reaches my mail box. I'm not sure that I like this because there is always the risk of a false positive, meaning a message which I can never see. I admit that this risk is very small. The 20 per cent of spam which does get through is effectively filtered by my own system and it takes me only a few seconds per day to check against false positives and eliminate the lot, unread, in one fell swoop.
While on the subject of Microsoft, the company has just announced that they have provided the means to block yet another "serious security threat" in various versions of Windows. I have some questions:
Why has it taken several years for this threat to be discovered, if it is deemed "serious"?
The discovery was made by a specialist security company, outside of Microsoft, over 6 months ago. If the threat is "serious", why did it take over 6 months to issue a patch, bearing in mind that Microsoft claim to respond to urgent problems within 3 months?
I think it may appear that Microsoft's credibility problem is worsening. This could even be exacerbated by the source codes for some Windows versions being leaked on the Internet. The company's immediate reaction was to say that it made Windows more vulnerable to attacks. Yet Linux, which has open-source code, which is very widely distributed, does not appear to be over- vulnerable to the worst effects of crackers and hackers. Is there a contradiction here?
I have often written about e-mail clients and I shall probably write still more articles on the subject, so this one will be no exception. As regular readers will know, I have always been very cautious about using Outlook or Outlook Express, mainly because of the security implications, such as those outlined above. As a result, I have been using Netscape, in various versions, for nearly 10 years. The latest version, 7.02, has been extremely good but does suffer from a few disadvantages. From time to time, I have tried various other e-mail clients, such as Opera, Eudora and so on. I have never been convinced that changing to one of them would help me.
Having read eulogistic criticisms of Pegasus, I thought I would give that one a try. It was quite an interesting experience and it is certainly the most "geekish" e-mail client that I have tried, up to now. However, it had a number of features which I simply did not like, even after using it continuously for several weeks. I therefore regretfully abandoned this idea.
During the time that I was trying Pegasus, I thought I would take a poll of what some of my friends were using. This resulted in Table I.
|E-mail client||No. of votes||Percentage|
Now, I don't pretend that this table is representative of the Internet community, as a whole, because many of my correspondents are possibly above-average in computer savvy. I was quite surprised, nevertheless, to find that fewer than half were using Outlook, in any form. This may also be partially explained by the fact that a few of them (especially in the "Other clients" category) are using MacOS or Linux platforms. I noted that the three clients that I tried while seeking a better choice than Netscape (Eudora, Pegasus and Opera) all obtained fairly low scores. I was, however, surprised to see how few were using Netscape, which I had always considered as the main alternative to the Microsoft clients (it used to be the Number One, before Microsoft considered that the Internet was here to stay and tipped up the level playing field). Now, Netscape is an off-shoot of Mozilla, using the same basic open-source code. This inspired me to have a closer look at Mozilla in its various guises. The full Mozilla is actually very similar to Netscape, as can be expected. This means that it is rather top- heavy. However, some time back, the Mozilla developers realised this and started to split it into lighter, simpler, modules, rather than have everything under one roof, while keeping the basic functionality. The main parts are Mozilla Thunderbird as the competition to Outlook and Mozilla Firebird for Microsoft Internet Explorer. Although, at the time of writing, the applications are not yet fully released, they are already extremely stable and reliable. I've been using both Thunderbird and Firebird for some months, now. To give you an idea of how much I'm impressed at this lean and mean software, I made them, some months back, my default e-mail client and browser and I stopped using Netscape, except for archival reference. The changeover has been totally painless. The implementation of POPFile, the Bayesian mailbox filter I've been using for over a year, was easy. Thunderbird also has a Bayesian filter, but I have not tested this because it is only a simple spam/not-spam implementation and POPFile gives me full satisfaction with many more facilities, including automatic sorting to different mailboxes, and features.
Does Netscape offer anything that Thunderbird doesn't? I think the answer must be negative, although the implementation of the menus is different. Of course, Thunderbird has eliminated all the annoying little Netscape-oriented features, including the force-feeding of AOL and a few other related sites. One feature I particularly like, compared with Netscape 7.x, is that the left hand box of Thunderbird shows the "folders" tree by default, but it changes to the Address Book when in any mode, whereby a message is being prepared for sending (in Netscape, although it was configurable, the two windows were above and below each other, giving insufficient space for either). Thunderbird has become an extremely practical tool and, now that it is stand-alone, should logically give Outlook and Outlook Express a better run for their costless money, even for those who still wish to use Internet Explorer for browsing. Changing to Thunderbird will eliminate many of the security hazards associated with the Microsoft clients and the use of their Address Book by worms. I can highly recommend it.
Having consecrated the Netscape e-mail client to the virtual waste paper-basket (or shredder), what about browsing? Well, Firebird is equally lean and mean, yet retaining all the useful features that I'm used to, and more besides. I particularly like having Google as a default part of the main toolbar – in Netscape, I used a plug-in to add it to its own toolbar, but it frequently spontaneously disappeared. Also, the optional sidebar can be controlled by toolbar icons to allow one to switch between bookmarks, downloaded files and history. Gone is the need to use Ctrl-H to find a site you looked at a couple of days ago, although the facility is still there if you want it, but it toggles it into the same place and not into a pop-up window. Talking of pop-ups, the "Block Pop-up Windows" option is still there, with the ability to override it for the given Web sites (sometimes particularly necessary for online banking) but it has the advantage that it is no longer overridden for Netscape sites. One shouldn't forget, either, that Mozilla introduced tabs into browsing a few years ago; this allows you to switch between any reasonable number of open web pages by a simple click on a tab. It is a wonderfully useful feature that some other browsers have copied, but many have not.
The $64,000 question (wow! That dates me, doesn't it?) is whether it is worthwhile changing from another browser to Firebird? If you are currently using Netscape and are changing your e-mail client to Thunderbird, the answer is an unequivocal yes. If you are using Microsoft Internet Explorer, there are definite security advantages, as many illicit bugs specifically target IE. Also, MSIE does not fully conform to internationally accepted HTML and XML protocols, whereas Firebird does so, rigidly. The answer, then, is, yes, there are definite advantages in changing, even if it will take a day or two to accustom yourself to a slightly different layout and the numerous keyboard shortcuts. From other browsers? Well, I can't really say – maybe you should try it for yourself. All I can say is that I highly recommend it as a darned good browser.
So, are you interested in trying out my cutting- edge recommendations? Go to www.mozilla.org/ to find out more about Thunderbird and Firebird. At the time of writing, it will cost you the time to download, respectively, about 7 and 6 MB and a few minutes to install them by a simple copy (Windows versions). For comparison, the Netscape set-up procedure – which is hairy – involves decompressing 40 MB into a set-up folder while the download is proceeding. Anyway, as the software is open source, it is free-of-charge. Versions are available for all flavours of Windows, MacOS and Linux. I don't think you will regret it – I haven't!
How many of us remember the old Sealbrite, made by the London Chemical Company (Lonco), near Chicago? This was a coating type of Organic Soldering Preservative (OSP) and consisted of a small quantity of non-activated rosin and an almost equally small quantity of acrylic resin in an aromatic solvent. Bare copper boards dipped in it and dried at 50°C remained solderable for many months or even more than a year, despite the almost invisible nature of the protective film. It was one of Lonco's key products for many years but its market was killed by the advent of, initially, reflowed tin-lead plating and then hot air solder levelling (HASL). If you "Google" it, you will see a list of perhaps half-a-dozen references to it (lost among a host of other sites using the same name for many different purposes). It could be said that this product was the prototype OSP, although I think the majority of modern OSPs are based on reactive azoles and izoles in an organic acid solvent. These appeared on the market about 20 years ago, from Japan. At first, they were rarely used, because HASL still had the lion's share of the market. Today, their use has rightly resurged, since HASL is no longer able to be used with many modern miniature components, seeing that the surface of coated solder pads is insufficiently flat, not to mention that lead-free HASL is still rather experimental. The most common competitive processes are electroless nickel and gold (ENIG) and electroless tin or silver, all of which suffer from a number of disadvantages. When the dust settles, I forecast that OSPs will be a major contender in the battle of the finishes. For this reason, I propose we look at a few Web sites with OSPs as a theme.
This page, although devoted to an OSP, Orgasol MSP, bears a lack of useful information; I especially reproach Technic Inc. for no indication of how to obtain an MSDS. I consider this unacceptable in today's Internet climate. Could do better to promote their product!
If you wish to choose a finish to replace HASL, this is a "must-read" paper, from Poland, on the comparison between an OSP, ENIG and electroless tin (and I don't say this because your not-so-humble scribe is mentioned in two of the references!). It concludes that all three finishes are roughly equal, except that the OSP suffers most at high temperatures. The same paper is available also at the Web site: http://www.zipperling.de/ News/independent_test_report.htm
This is a magazine article with a similar theme of comparing the different finishes. It unfortunately lacks technical data and, in fact, is very superficial in quality. The author concludes that electroless silver "appears to be the most versatile of the alternative surface finishes", although he does not address its known disadvantages, such as whiskers or sulfidation.
This is a comparison article between an OSP, an electroless silver and an electroless tin. It is published by one of the major producers of surface finish chemicals for the electronics industry. Because the company produces all three finishes, the information contained is impartial and, in fact, gives more intelligence on the pros and cons of each than the preceding ones. It is free of commercial "pushing".
This is an interesting technical publicity data sheet, extolling the virtues of a specific OSP. Maybe extolling them a wee bit too loudly, because it not only praises its own product, it denigrates that of a competitor, which I find barely acceptable. Nevertheless, it is worth the read because it explains the mechanism of the azole chemistry better than any of the foregoing sites.
This is an abstract of a paper entitled "Intermetallic Growth on PWBs Soldered with Sn3.8Ag0.7Cu", with the comparison between an OSP, immersion tin, silver and ENIG. It states, "This study revealed that the composition, microstructure, and thickness of intermetallics at the interface were strongly dependent on the plating system". Those interested in the reliability of the intermetallic layer may wish to obtain the full paper, which is not downloadable without registration.
This is yet another comparison technical paper, this time with respect to UHF/SHF applications. Interestingly, the surface finish does not appear to make a large difference in the performance up to the GHz range, although the authors do give silver a small edge over the others, as might be expected, because of the skin effect.
http://ieeexplore.ieee.org/xpl/abs_free.jsp?isNumber=13621&prod= CNF&arnumber=626 876&arSt= 56&ared=61&arAuthor =Yuan+Li&arNumber=626876&a_id0 =626856&a_id1=626864&a_id2 =626865&a_id3=626866&a_id4 =626867&a_id5=626868&a_id6 =626870& a_id7=626872&a_id8 =626874&a_id9=626875&a_id10 =626876&a_id11=626877&a_id12 =626878&a_id13=626879&a_id14 =626880&count=15
The URL for this abstract must be worthy of the Guinness Book of Records for its length! It is of a paper (title, "An experimental study on organic solderability preservative"), which is downloadable on payment. The study describes seven factors that may have an effect on the solderability of OSP-treated PCBs, with the emphasis on the practical aspects of potential problems that may be encountered during assembly operations.
This is an article which gives a good listing of the advantages and disadvantages of the various finishes. Nothing more need be said!
MacDermid need no introduction as a maker of chemicals for our industry. This page gives a brief description of products for all types of the surface finishes we have been discussing. The OSP is called M-Coat Plus. However, as in the first criticism, above, I reproach the company for not providing accessible data sheets and MSDSs on the products. This is not good enough for an internationally renowned company!
This page does not, only give the bare minimum, as the manufacturers of competitive products seem won't to do, it gives reasonable details of what is arguably the most successful OSP on the market. Even better, it gives links to many other documents relating to its use, to fill up the blanks in our knowledge. Furthermore, with a tiny piece of navigation, one can find the MSDS on the product. This is the correct use of the Internet and other manufacturers should copy. Well done, Enthone!
Note1 Cyril Connolly, in an article that appeared in the Observer, 7 March 1937.