Most Web Users Unable to Spot Spyware 399
Ben writes "According to a Spyware Quiz conducted by McAfee SiteAdvisor , a staggering 97% of Internet users are just one click away from infecting their PCs with spyware. One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity."
Wait... (Score:3, Insightful)
And let me guess (Score:5, Insightful)
100% thing... (Score:2, Insightful)
Sorry (Score:5, Insightful)
Bad quiz (Score:5, Insightful)
Sure (Score:5, Insightful)
Sure, we like to visit places like http://www.cracks.am [cracks.am], who actually write their own spyware. But I am not so sure that qualifies me as ever installing any of their garbage.
Re:Wait... (Score:5, Insightful)
Follow the money (Score:3, Insightful)
The real way to combat this is to hold website owners responsible if they are hosting such malware.
Stupid quiz as usual (Score:5, Insightful)
Re:Bad quiz (Score:3, Insightful)
No crap. In some of the screenshots, you can't even see the whole screen, to say the least of not interacting with it. In many of the choices, I wouldn't visit either site.
It's also worth noting that the quiz is by a major commercial anti-spyware company.
I think this is a sales gimmick more than anything else.
Re:Bad quiz (Score:5, Insightful)
This is an idiotic quiz. (Score:5, Insightful)
This is a completely invalid, unsound test, as there is no technical way to determine the presence of malicious software simply by looking at a page as it initially loads in the absence of any ability to interact with it or at the very freaking least scroll up or down or hover a mouse... sheesh...
It's like blindfolding someone and then blaming them for not being able to catch a baseball pitch, facing away from the thrower, with their bare hands. Of course they won't be able to, if you take away every single useful tool for them to accomplish the task.
Flawed quiz (Score:5, Insightful)
Not sure I agree with their methods (Score:5, Insightful)
Re:Flawed quiz (Score:5, Insightful)
1) How many people will stay interested enough to finish the quiz.
2) Free focus group when article is posted on
Re:Bad quiz (Score:4, Insightful)
You sometimes can't tell what software will have bundled spyware or adware, (especially in such an obviously biased quiz) which is why you're going to need to purchase McAfee's anti-spyware software.
Hello, McFly...
Re:Follow the money (Score:3, Insightful)
Re:Bad quiz (Score:2, Insightful)
And, what a surprise, the test is run by McAfee, who wants to sell me "protection" against spyware. Protection as in "catches 97% of the spyware that has been out for more than a month" (just made up those numbers). No thanks.
6 of 8 after researching all the sites (Score:2, Insightful)
First I missed the lyrics sites. One of them supposedly installs activeX adware. I couldn't tell this since I'm using Firefox in Linux.
Then I missed one of the P2P software sites. I incorrectly decided that Blubster was safe, even after looking through the site. They do mention that they take information given when you fill out a contact form, but I didn't see any mention in the terms of use or privacy policy regarding anything in the software itself.
Of course, I would have never actually downloaded that in the first place. I knew emule was safe though. Yay open source!
So yeah, I missed 2 of them, but would not have been infected by any of the bad sites. Mostly I just think this quiz is lame.
Re:Bad quiz (Score:5, Insightful)
If this applies to you, you've already flunked the real-world test. If they had a third option "I'll get software only when it's important, and then only from sources I've thoroughly researched and have objective reason to trust" - then this quiz would be a public service. As is, it just encourages the proliferation of Windows malware.
Typical Marketing (Score:1, Insightful)
If they wanted to make an accurate assesment they would set people up with a VM with a resonably patch version of windows, and big shiny icons for both IE and firefox and say "Browse the internet for an hour" and see how the machines were affected.
PS: I got a 5 out of 8 on the test, but only because there was no option to say "Why would I be dowloading lyics or smilies in the first place -- these things or more likely to have spyware than pr0n?" That and I guess they want you to trust eMule.
Re:Bad quiz (Score:3, Insightful)
Anyway, look at the `quiz'. It's a collection of screenshots. There is no data you can use except `this site looks too corporate', or `I've heard bad things about kazaa'.
It's not a quiz of your mad spyware spotting skillz, it's a marketing attempt. And did anyone else find it funny that their copy of firefox had the little `update me!' red arrow in the top-left corner? Didn't that go away in the latest version?
They should work on their own security :).
Completely impractical (Score:5, Insightful)
Most www users are not geeks and cannot tell the boundary between their computer and the internet, let alone know how to drive a hosts file etc. Any advice of this form is completely useless to most www users. If the computer says "click on this" they will. Don't expect them to tell the difference between something from MS or the OS and a phishing scheme or other attack.
It is also not reasonable to say that people should know this stuff to use the www. Nonsense! Do you need to know the difference between a knit and purl stich to wear a sweater? Do you need to know what advance and retard are to drive a car? Why the hell should you know what a hosts file is to use the www?
Re:Bad quiz (Score:3, Insightful)
It's like saying users can't tell which scraggy whore has the clap, so they should all buy new McAfee Anti-Itch cream so they can keep on screwing scraggy whores with the clap. If you compare users with the clap to users without the clap, you notice a strong correlation to choice of partner.
Dumb quiz (Score:3, Insightful)
Re:Completely impractical (Score:3, Insightful)
nice design no spyware? (Score:3, Insightful)
but in most cases they seem to tell me, that a simple design vs bling means that the simple design will sell you spyware
dunno, i think any download is a potentional spyware, especially the spyware programs (that my wife installed on her mom's computer adter a popup : your computer mught be infected
well at home she uses linux so did not get a clue......
ohh that crap also has the important message: all p2p programs are spyware laden....
Re:Wait... IP addresses in links (Score:3, Insightful)
Yes, I would say that this is pretty accurrate... (Score:2, Insightful)
-Cypheros [cypheros.com]
A very bad survey. (Score:5, Insightful)
I took my usual paranoid route. For the first four questions, I didn't select either site (which, as it asks which site you trust, seems to me to implicitly state that I don't trust either site). For the last four sites, I specified that all of them potentially had spyware.
My result? Well, acccording to this "survey" I only scored 3 out of 8, as my not trusting sites which didn't have spyware (as they could find) counted against me, and I distrusted one site which the survey claims has no spyware. So apparantly, because I don't trust ANY of the 8 sites referenced in the survey, I'm "At Risk", and my "...answers would have infected your PC with adware and spyware many times over.".
Uh huh. Not trusting any of the 8 sites is putting me at risk? Spyware and adware many times over? Let's ignore for a moment that I'm running Mac OS X, and that I wouldn't visit any of those sites in the first place, and don't download screensavers, wallpapers, or smilies, but apparantly according to SiteAdvisor my distrust of all their sites puts me at risk.
And that right there is enough to tell you the quality of this so called "survey".
Yaz.
Re:Wait... (Score:5, Insightful)
A sibling to this post points out it only takes a split second of carelessness. This is literally true.
The combination of
For this reason, I consider IE mortally dangerous, and until we go for some period of years without seeing a silent install vulnerability, I won't lift this assessment. This has nothing to do with hating Microsoft, and shouldn't be dismissed as such; I think it's a perfectly rational assessment of the situation. I think the only thing stopping more people from seeing it this way is the fact that most people are dependent on Microsoft and simply don't want to see something that means they are going to have to do a lot of work to switch.
I don't think Firefox has had a "silent install" vulnerability yet. Corrections welcome. It's just too darned easy to get infected, and all the anti-virus software, software firewalls, and spyware detection software is just closing the barn door after the animals escaped, especially as the rootkits are passing the point where you can even pretend to remove them without a full re-load of the OS from the bottom. (And it's only a matter of time before the rootkits go back to the old trick of infecting all executables like the viruses of the olden days, so you have to completely rebuild the machine from scratch...)
(I remember there was some changes made to the extension download process to make it harder to mindlessly click through, but I'm not counting that. I would consider a silent extension install to be a silent install vulnerability, because extensions get full access to the machine. The same for an install process that isn't "silent", but isn't able to be stopped short of cutting power to the machine; ISTR an ActiveX vuln that had the behavior of installing even if you said "no" to the trust dialog.)
Re:Wait... (Score:5, Insightful)
Re:Wait... (Score:3, Insightful)
If the study is taken at face value (which I think might be reasonable if you're on crack), then all its saying is that you'll remove the screensaver.com block from your hosts file.
My personal opinion is no study was needed; if there is a something-for-nothing proposition, and you take it without being 100% sure of multiple, non-associated sources stating that it really is something-for-nothing (like a good freeware app like Blender, or a trial or lite version of a respected commercial package), you will be paying somebody for something.
Many intelligent, successful people still believe theres such a thing as a free lunch that you dont need to run background checks on. There are none. If the lunch is free, then make sure you've spoken to people you know and trust who've taken the offer before you, or you might as well write "guinea pig" across your forehead in magic marker.
Basically, avoid the word 'free'. As soon as free is the top selling point of anything, it isn't. Its either spyware, or upsell.
Re:Bogus Statistic (Score:3, Insightful)
it should read "3% of visitors to mcafee's site who took a spyware quiz are unable to spot every spyware site from a screenshot of part of the webpage."
Re:Wait... (Score:5, Insightful)
While it may be simple and effective, the hosts file is not the right place to block access to certain sites.
Blocking should be done by the browser itself or by a firewall, proxy, or some other software gatekeeper expressly designed for the purpose. Such an agent is theoretically able to perform a multitude of functions related to site blocking, such as temporary unblocking, content filtering (ie allow the HTML through but nothing else, or strip out javascript, or whatever), authentication for unblocking, management of blocked groups (eg separate black lists for porn, spyware, anti-chinese-government content).
Hosts files don't allow any of these functions, and are easy to bypass by using an ip address instead of a domain name. By skewing their function into a server filter, you are more likely to run into problems and frustrations, esp when you also want to use the hosts file for its intended purpose - to map names to ip addresses. It's going to be pretty annoying when someone makes a typo in the hosts list and you can no longer get to some site because the "connection was refused".
In short... Hosts file as a filter is an effective kludge for now, but a better solution is to use a
Re:No kidding. (Score:5, Insightful)
The only other thing I'd add to your comments is that the presence of a forum seems more likely to indicate safety. Most of the "safe" sites had a forum section, most of the "unsafe" sites don't. Obviously this isn't a hard and fast rule, but a forum where people can complain about the spyware they just downloaded would tend to scare prospective victims away.
Re:Wait... (Score:5, Insightful)
However, the notion of "trusted web sites" is bogus and dangerous (e.g. in web site security, "evil sites are not to be trusted" may be true, but the converse is not necessarily true -- web sites that are not known to be inherently evil are also not "trusted". Companies that build them and run them and put them on the internet for you to puruse don't even trust them. They put them on "sacrificial hosts" in a "DMZ". The *owners* of these web sites don't trust them. Why should anyone else?
The notion of the "trusted web site" is dead. Stone cold it's not pining for the fjords because if it hadn't been nailed there it would be pushing up the daisies, dead.
Take the test (Score:5, Insightful)
The reason is simple. The test is loaded.
You are asked to choose between various free sites and have to judge just buy a screenshot wich one is save. That of course is very hard to do. Worse is that you can't choose the answer "none of the above" wich I think is the only real answer.
Frankly I wouldn't trust any screensaver or smiley site. Period full stop end of story.
Oh and as for people using virus scanners. Well yeah. Because others have hit them over the head and tied them to a chair and then installed the virus scanner for them and then trained them with a cattle prod not to remove it. They still go out of their way to make live hard for the virus scanners and still basically just get it.
Virus scanner == safety belt. Wearing a safety belt doesn't make you a safe driver.
It only takes common sense to keep your machine clean. Right the same common sense that tells you to limit your speed in dangerous road conditions?
Common sense is a misnomer because whatever it is it sure as hell ain't common.
Wrong approach, bad advice (Score:4, Insightful)
The correct approach is to use better software, that blocks Spyware by design.
Re:Completely impractical (Score:2, Insightful)
Re:Wait... (Score:4, Insightful)
Next week "how water is wet".
Question 9 (Score:3, Insightful)
I found the test to be a classic push poll approach.
This is like lining up 16 Nigerian hookers, two at a time , and asking you you to screw one and see if you get AIDS. Well, statistically one in four has AIDS, so by the 16th hooker, you have AIDS -- guaranteed.
But, would you actually screw a Nigerian hooker? Not if you had any knowledge of what you're getting into.
Anyone who goes to a free screensaver website deserves every single virus they ever get. In fact, they deserve to be booted in the head.
The test is rigged in a fashion that ensures that even competent people end up in the mid-range.
In all seriousness, how many web savvy people are going to the types of sites they depict? None.
Re:Wait... (Score:4, Insightful)
That said, I'm starting to get concerned about closed source applications such as Diamond Crush [kde-apps.org] showing up on apps.kde.org. Some of these are much more appealing to geeks. Also, I have wondered what sort of peer review is done on packages at repositories such as www.slacky.it or www.linuxpackages.net. It's nice to be able to download precompiled binaries of open source products that don't come with your distro, but....when I download something from slackware.com or vectorlinux.com, I don't have the same sense of worry about unpleasant easter eggs.
Cheers.
Re:So? I took the test on opera/linux (Score:3, Insightful)
Who cares who wrote them? The packages should be signed by the distributor. Presumably you trust the distributor or you wouldn't be running that distribution.
Re:No kidding. (Score:3, Insightful)
It was an easy test, and was full of clues.
There you go. All the information for scoring eight out of eight. Easy!
Essentially, think about how the website is making its money. If it's pushing something desirable as free, then it's suspicious - so unless it's obviously run by enthusiasts and has an easily-contactable community behind it, then there's almost no such thing as that proverbial free lunch...