Here's how easy it is - Page 2

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View

Re: Here's how easy it is



Lil' Abner wrote:

Quoted text here. Click to load it

I found my old post back in Dec 2008 where WOT had maybe cataloged 20%
of the web sites at that time (not 2%).  See:

http://groups.google.com/group/alt.comp.anti-virus/msg/b1f709376d3947ea

This isn't just bad sites.  They catalog the sites (as they get reported
since they don't actually test the sites themself).  So the 20% is for
all their cataloged sites whether they are rated good or bad sites.

If your goal is to catalog sites as bad or good but all you have
cataloged so far is 20% of all sites, how useful would your ratings be?
If you were trying to provide an indicator of how safe is the Internet
then this provides a statistic to measure that.  However, it does
nothing to indicate if particular sites is good or bad (where
"particular" means the *chance* that a site you visit will be in their
database).  Over a period of almost 2 months in my last trial of WOT
(I've trialed it more than once), my experience with WOT (and even worse
with SiteAdvisor) was that the vast majority of sites in my search
results had a neutral rating.  That doesn't mean they are good.  That
means nothing is known about them.  They haven't been cataloged yet via
someone's report that claims the site is bad or good.  Pretty hard to
find your way through the maze to know which paths are hazardous when
you can see only 20%, or less, of everything that exists.  

Then there's the fact that WOT and SiteAdvisor are based on opinions,
not based on *current* content of a web site.  What was bad before could
be good now.  What was good before might be bad now.  Neither WOT or
SiteAdvisor report on the *current* state of a site, only on a rather
limited scope of criteria on that site's history at some snapshot in
time.  Also remember that WOT doesn't interrogate the contents of web
sites (as does SiteAdvisor which includes [at low priority] the user
reports or Finjan that looks at the web page content) but relies only on
reports.  

Would the state let you drive a car if 80% of your windows were opaque?
Those stats were more than half a year ago back in Dec 2008.  WOT's
reporters are NOT keeping pace to the rate of increase in web sites.
WOT claims to have increased their site database by another 4 million
sites in that time (from 20 million to 24 million).  According to
Netcraft (http://news.netcraft.com/archives/web_server_survey.html ), the
number of web sites increased by 43 million (from 182 to 225 million).
So WOT managed to catalog only 9% of the increase (4/43).  43 minus 4
means another 39 million sites have shown up that WOT didn't catalog.
WOT is now at less than 11% coverage (24/225).  WOT is losing.  

As for the elderly lady, I thought YOU were the one she was paying or
relying upon to keep her host secure.  You said she was your client.
Well, why not setup the shortcuts for her (and even replace the desktop
IE icon) so she has a choice of how throttled will be the instance of IE
that she loads?  Or investigate the use of OnlineArmor or GeSWall on her
host.  OnlineArmor has its own whitelist of known good apps to reduce
the number of prompts asking if a program is allowed to load or get a
network connection.  You can be lenient with OA's protection but still
have some.  GeSWall is even more transparent (but my use is more expert
so it still got in my way).  With OA, and when using its RunSafer option
to reduce privileges on the web browser (or any program, especially
Internet-facing apps, like web browser, e-mail, newsgroups, etc), you
will need to show her how to right-click on OA's tray icon to disable
its Program Guard when visiting sites that require admin privileges,
like Windows Update to install patches or updates.  In GeSWall, it's
even simpler because they add an icon in the titlebar of the web
browser's window that you click to start a non-protected instance of the
web browser (and then use that one to use the WU site).  You said the
old gal is your client so why aren't you doing something to help secure
her (but make it easy for her)?

Re: Here's how easy it is




Quoted text here. Click to load it

For what it's worth, you might want to install SandBoxie on her
computer, and configure it by default to start her web browser inside a
sandbox. That way, no matter what she encounters; it won't pose any real
threat, nor give you a headache. :)


--
Dustin Cook [Malware Researcher]
MalwareBytes - http://www.malwarebytes.org
BugHunter - http://bughunter.it-mate.co.uk

Re: Here's how easy it is




Quoted text here. Click to load it

I just, for the fun of it, went to that page using opera 10 and all I saw  
was a big red dot that said "Don't Push"(ha ha ha) and the mouse-over said  
click to activate control.

Re: Here's how easy it is



Max Wachtel wrote:

Quoted text here. Click to load it

All I got in a couple browsers was a centered link that said:

                      SKIP

--
   -bts
   -Friends don't let friends drive Windows

Re: Here's how easy it is



"Max Wachtel" wrote:

Quoted text here. Click to load it

The only thing on that page is a silly Flash game where you get
different messages when you repeatedly press the button. in the middle
of the SWF sequence is some ActionScript to load:
 members.aol.com/oohdoogie/BGB/press01.html
which would redirect to another AOL page:
 www[dot]peopleconnectionblog.com/2008/11/06/hometown-has-been-shutdown
which says:
"Dear AOL Hometown user,
 We're sorry to inform you that as of Oct. 31, 2008, AOL Hometown was
 shut down permanently..."

So that all looks pretty harmless, unless AOL loads a bad advert or
the linux-site URL was not the real link to the bogus AV popup.



Site Timeline