He's well known on the usenet group alt.comp.freeware, and is one of the good guys.
Speaking of alt.comp.freeware, they annually vote on the best freeware and put the winners on their site. Here's this year's security winners:
http://www.pricelessware.org/2003/PL2003SECURITY.htmOther relevant usenet groups are: alt.privacy and alt.privacy.spyware
Probably a few others around, too.
fwiw, I use Zone Alarm as a firewall, AVG as my antivirus, and Spybot,AdAware, and WinPatrol for other miscellaneous baddies. I also regularly clear my cache and cookies. I probably should add a few others, since the people who write keyloggers and other spyware are getting better at it. I really don't have the time to set up packet sniffers, though. For the truly paranoid, setting up a network with one machine as a proxy server, and/or using something like Proxomitron sets up another layer of security.
Fundamental to security would be to avoid M$ products, or at least set them up for maximum security. I use Eudora for mail, Agent for usenet, and Opera or Mozilla for browsing. I turn off Active X and other executables unless there's something I know is safe and I need to see. Browser hijackers tend to exploit IE, and often leave the others alone.
One final note-- Windows sets up its own cache and cookie files whether or not you use Internet Explorer. These can't be properly manually cleaned without one of the cache cleaners unless you figure out how to change file properties in DOS and wipe them out without loading Windows.