×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Most Web Users Unable to Spot Spyware

samzenpus posted more than 7 years ago | from the masters-of-disguise dept.

399

Ben writes "According to a Spyware Quiz conducted by McAfee SiteAdvisor , a staggering 97% of Internet users are just one click away from infecting their PCs with spyware. One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

399 comments

Wait... (4, Insightful)

cshank4 (917540) | more than 7 years ago | (#15209609)

That has to be wrong, somehow. A lot of the people I know only go to trusted sites, virus-scan everything, etc etc. It only takes common sense and a slightly focused attention span to keep your machine clean.

Re:Wait... (4, Insightful)

topham (32406) | more than 7 years ago | (#15209624)

The correct way to look at it is to say that it only takes a split second of distraction to get a machine infected.

Re:Wait... (5, Informative)

Mistlefoot (636417) | more than 7 years ago | (#15209767)

I've said it before and I'll say it again.

Maintain an up to date hosts file - the best I've found is from here - http://www.mvps.org/winhelp2002/hosts.htm.

Blocking a site from loading prevents - well prevents if from loading. What more can you ask for? If you keep your file up to date (their most recent hosts file is 6 days old) you certainly are preventing a lot of the risk.

Re:Wait... (1)

Amouth (879122) | more than 7 years ago | (#15209840)

sorry i had to comment on keeping an updated hosts file.. you only need

127.0.0.1localhost

that is all that needs to be in there.. and if you are really that worried about it then you should just make it so that you don't have write access too it.

Re:Wait... (4, Interesting)

Mistlefoot (636417) | more than 7 years ago | (#15209873)

The point is that this hosts file offers 11,000 lines worth of links - that link back to 127.0.0.1

You try to go to www.screensaver.com, for example - and you can't. What a wonderful sounding place to get a screensaver - but apparently it offers spyware or tracks you - don't believe and want to go anyhow? Turn off your hosts file or comment out the line. Simple.

You can read every entry. Nothing hidden. Simple. Preventative. Free. And nothing to install. What more can you ask for?

Completely impractical (4, Insightful)

EmbeddedJanitor (597831) | more than 7 years ago | (#15209915)

... for most www users.

Most www users are not geeks and cannot tell the boundary between their computer and the internet, let alone know how to drive a hosts file etc. Any advice of this form is completely useless to most www users. If the computer says "click on this" they will. Don't expect them to tell the difference between something from MS or the OS and a phishing scheme or other attack.

It is also not reasonable to say that people should know this stuff to use the www. Nonsense! Do you need to know the difference between a knit and purl stich to wear a sweater? Do you need to know what advance and retard are to drive a car? Why the hell should you know what a hosts file is to use the www?

Re:Wait... (0)

Anonymous Coward | more than 7 years ago | (#15209679)

It only takes common sense and a slightly focused attention span to keep your machine clean.

And you don't need much of those either. Believe me, I know. But I can tell you this, unless they're getting really good at hiding running processes, I have three years and counting without a single infection. Could be paranoia though. I get suspicious of every blink of the activity light on the router that doesn't result from my keyboard's "enter" key.

Re:Wait... (2, Informative)

sqlrob (173498) | more than 7 years ago | (#15209706)

But I can tell you this, unless they're getting really good at hiding running processes

It's a basic function of most rootkits.

Re:Wait...Spyware is here (0)

Anonymous Coward | more than 7 years ago | (#15209777)

I just saw the Microsoft ad on this particular article! Just coming to this page infected me with more Microsoft spyware, how can I remove it now?

Re:Wait... (1)

emptycorp (908368) | more than 7 years ago | (#15209968)

Maybe people still end up with it because #1 IE is still the #1 browser, #2, don't you think the spyware programmers try to make it so you'll end up with spyware regardless of what you know or don't know?

The other 3% (0)

Anonymous Coward | more than 7 years ago | (#15209610)

...can't spot it either, but they use Macs-- so it's a moot point.

And let me guess (5, Insightful)

Anonymous Coward | more than 7 years ago | (#15209612)

McAfee will sell me the software to help save me.

Re:And let me guess (1)

quentin_quayle (868719) | more than 7 years ago | (#15209887)

"And let me guess ... McAfee will sell me the software to help save me."

It's a remarkable fact that people will buy all sorts of apps to protect themselves against third party exploits, yet it never seems to occur to them that security has to be against the vendors too.

So this "McAfee SiteAdvisor" is going to monitor every site you visit and check with some central DB to give ratings? Well, at least the buyer knows that's what it's doing, and installs it voluntarily, but those are not criteria in my definition of spyware. The delivery, in effect, of all this data about the user to a profit-oriented company qualifies this as voluntary spyware as far as I'm concerned.

But hey, if you can't restrain yourself from downloading and running unnecessary executables whenever you see something flashy, maybe you're better off with this hand-holding, spyware and all.

100% thing... (3, Insightful)

jigjigga (903943) | more than 7 years ago | (#15209613)

Well, I wager that even though 100% of these "high IQ" users may visit one of these sites, 99.99% don't become infected by it.

VMWare (2, Interesting)

foundme (897346) | more than 7 years ago | (#15209620)

That's why I'm using VMWare's non-persistent feature so that my internet-facing OS is always the same, except after updates have been installed.

Re:VMWare (2, Informative)

svallarian (43156) | more than 7 years ago | (#15209949)

Sandboxie works really, really good for this purpose. You can sandbox IE (or any other app for this purpose) and even if you get infected by spyware, as soon as you close IE, all is gone.

http://www.sandboxie.com/ [sandboxie.com]

Sorry (4, Insightful)

Rick Zeman (15628) | more than 7 years ago | (#15209621)

But Mac and Linux users comprise more than 3% of Internet users!

Re:Sorry (1)

ZakuSage (874456) | more than 7 years ago | (#15209743)

Isn't really relavent. As long as we are one click away from reaching a spyware site, then we are included, according to this "study". This whole thing doesn't really prove anything, just that there's a lot of malware on the net.

Bad quiz (5, Insightful)

samtihen (798412) | more than 7 years ago | (#15209622)

The quiz in question has you choose which of two sites, based on screenshots, has spyware. The sites were all for things like screen savers, song lyrics, and free game downloads. That is a terrible, terrible way to judge a users capability to determine if something has spyware.

Re:Bad quiz (3, Insightful)

Anonymous Coward | more than 7 years ago | (#15209653)

The quiz in question has you choose which of two sites, based on screenshots, has spyware. The sites were all for things like screen savers, song lyrics, and free game downloads. That is a terrible, terrible way to judge a users capability to determine if something has spyware.

No crap. In some of the screenshots, you can't even see the whole screen, to say the least of not interacting with it. In many of the choices, I wouldn't visit either site.

It's also worth noting that the quiz is by a major commercial anti-spyware company.

I think this is a sales gimmick more than anything else.

Re:Bad quiz (4, Insightful)

SocietyoftheFist (316444) | more than 7 years ago | (#15209656)

When I saw the first question I laughed out loud. I guess they may be going on the domain name but the quiz is really bad. I took it and got 4 out of 8. I guess you are supposed to go research the sites because there reasonings for answers couldn't be gleaned from the screen shots. Funny, I've never had a virus or spyware on my machine, I don't allow automatic anything, and I failed! What a joke.

No kidding. (5, Informative)

Zerathdune (912589) | more than 7 years ago | (#15209849)

I got a 5 of 8, and that's cheating by having heard of kazaa and emule. I doubt few people would have seen through the "NO SPYWARE" label that was 2nd in size only to the word Kazaa, without prior knowledge, but I bet a lot more would have been able to figure it out from seeing the actual site, not a 798 x 600 screenshot (what a random number,) and I bet even more are smart enough to not touch it if they don't know what it is, but this quiz doesn't account for any of that, and it pics the kind of sites that are visited mostly by the segment of the population who ISN'T educated about this stuff. screen savers, smilies, and pretty much anything that says it's free, but doesn't say open source - stay away or be very freakin' cautious.

let's go through the quiz (if you want to see for yourself untainted, do so before reading this):

the first 4 questions have you determine which of two sites is safe, based on screen shots.

question 1: choose between two screen saver distrobution sites. like all the others, it's just a screenshot, and doesn't even show the whole front page, let alone users look at other pages. the only decernable difference is that the first one looks more professional, so heeding the remarks in the article that said most users seem to think that means it's safe, and "reading between the lines," I picked the other one, since there was no logical way to decide. I was wrong.

question 2: smilies. the one on the right looked more professional, and said "NO UNWANTED SOFTWARE" in a very easily spotted location, with big letters, and the other in regular sized font, in the bottom right, had a half cut off message that pretty clearly stated (even with incompete sentances) that it contained spyware, so I picked the one on the right, this time with some actual info to go on. I was right.

question 3: free games. the sites had no noticeable differences in professionalism, no warnings or advertising of spyware freeness either way, nothing to go on that really made any sense to actually use, so I decided that TotallyFunFreeStuff was trying to hard, and was probably hiding something, and picked the other. I was right.

question 4: Lyrics. important to note that this one used active X, so it's irrelevant to anyone who's not dumb enough to still regularly use IE anyways, which now that I mention it, I think I'll soon put a rant about McAffee and that that in my Journal (will be a first entry,) but it's to much of a tangent for this post. anyways, the one on the left looked more professional, and the one on the right had a "firefox blocked a popup" message on it, so I picked the left (entirely because of the message, I continue to mention the professionalism because the article made a stink about it.) I'd like to note that the thing I took as a tip off wouldn't be availible if I were seceptable to this at all, as it's a firefox message, which doesn't do active X. In any case, I was wrong.

the last 4 questions had you determine whether a file sharing program was safe based on the usual screenshot of the webpage.

Bearshare: site looks professional, there's a link for a "FREE Sponsored version," sponsored sets off a red flag in my mind, I say no. I'm right.

eMule: worst site design of the four astheticly, says it's open source, I've heard of it, I say yes. I'm right.

blubster: pretty sleek front page design, though it feels like a splash screen, so there's almost no information. nothing to go on really except that it says it's 100% free, which given the fact that OSS/Free software tends to advertize itself as such, and they didn't, probably meant add supported, but for some incomprehensible reason I still picked yes. I'm wrong.

Kazaa: slick page, big "NO SPYWARE" label on the font page, there's a main section for the privacy thing, which I bet a lot of people would have looked at if it were a page, not a picture, but instead just trusted it because the label was all they had to go on. I was familiar with the software though, so I said no. I was right.

I get the sense they rigged the thing just to premote the software. it's such a poorly designed a survey that I would have supsected it even if they had no mention of the software anywhere near the survey. (I'm not bashing the software itself though, just the marketing tactics. and oh, you can take the test as many times as you want (hey guys, let's "correct" the results, now that we have the answer key, hehehe) and if you want to look at the answers again, you have to go through the test, the fastest way to do so is to just say next on everything as it doesn't require an answer (and still counts against you, so my average score is now a 2.5.)

Re:No kidding. (1)

Crizp (216129) | more than 7 years ago | (#15209919)

Screen savers, smilies, and pretty much anything that says it's free, but doesn't say open source - stay away or be very freakin' cautious.
That's very good advice, one I've been applying - and giving not-quite-as-geeky friends - when looking for "shareware-type" apps: Just add "GPL" to the search query.

Re:Bad quiz (3, Insightful)

jonnythan (79727) | more than 7 years ago | (#15209720)

Ummmmm..... I think that's the point.

You sometimes can't tell what software will have bundled spyware or adware, (especially in such an obviously biased quiz) which is why you're going to need to purchase McAfee's anti-spyware software.

Hello, McFly...

Re:Bad quiz (2, Insightful)

rmdir -r * (716956) | more than 7 years ago | (#15209900)

Seconded. And while there are some sites that do drive-by downloads if you've got the wrong browser/OS pair, there is essentially no way you can know that ahead of time.

Anyway, look at the `quiz'. It's a collection of screenshots. There is no data you can use except `this site looks too corporate', or `I've heard bad things about kazaa'.

It's not a quiz of your mad spyware spotting skillz, it's a marketing attempt. And did anyone else find it funny that their copy of firefox had the little `update me!' red arrow in the top-left corner? Didn't that go away in the latest version?

They should work on their own security :).

Re:Bad quiz (2, Insightful)

Brandybuck (704397) | more than 7 years ago | (#15209984)

No, the point is that sites for free screensavers, games, and lyrics are all full of spyware.

It's like saying users can't tell which scraggy whore has the clap, so they should all buy new McAfee Anti-Itch cream so they can keep on screwing scraggy whores with the clap. If you compare users with the clap to users without the clap, you notice a strong correlation to choice of partner.

Re:Bad quiz (2, Insightful)

PatriceVignon (957563) | more than 7 years ago | (#15209769)

So where do I click for the "none of the above" answer? Everyone who downloads screensavers, games, ... or has turned ActiveX on in his browser just deserves to get infected with spyware!
And, what a surprise, the test is run by McAfee, who wants to sell me "protection" against spyware. Protection as in "catches 97% of the spyware that has been out for more than a month" (just made up those numbers). No thanks.

Re:Bad quiz (1)

CosmeticLobotamy (155360) | more than 7 years ago | (#15209823)

If they gave you the tools to find out what the hell was going on, you might pass, and then their idiotic marketing gimmick wouldn't work.

Re:Bad quiz (5, Insightful)

quentin_quayle (868719) | more than 7 years ago | (#15209839)

Right. It's more like "Assuming you are going to download an exe of some frivolous applet, and install it as Administrator on Windows, on a whim, which site will you get it from?"

If this applies to you, you've already flunked the real-world test. If they had a third option "I'll get software only when it's important, and then only from sources I've thoroughly researched and have objective reason to trust" - then this quiz would be a public service. As is, it just encourages the proliferation of Windows malware.

Sure (4, Insightful)

TheRealMindChild (743925) | more than 7 years ago | (#15209623)

One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity.

Sure, we like to visit places like http://www.cracks.am [cracks.am], who actually write their own spyware. But I am not so sure that qualifies me as ever installing any of their garbage.

How? (2, Interesting)

AnalystX (633807) | more than 7 years ago | (#15209626)

How exactly does that matter if less than 97% can get infected with spyware, or were they only testing people with systems that didn't safeguard against such? I would assume more people are careless about such things because they have anti-spyware software installed or are running an OS other than Windows.

Follow the money (3, Insightful)

Roachgod (589171) | more than 7 years ago | (#15209632)

Clearly the message is to just give up and pay the anti-virus/anti-spyware people a bunch of cash.

The real way to combat this is to hold website owners responsible if they are hosting such malware.

Re:Follow the money (0, Troll)

ScrewMaster (602015) | more than 7 years ago | (#15209651)

How, exactly?

Re:Follow the money (1)

JonathanR (852748) | more than 7 years ago | (#15209666)

DoS

Re:Follow the money (1)

ScrewMaster (602015) | more than 7 years ago | (#15209770)

Well, what these malware types are doing is possibly, probably illegal ... but a denial of service attack most certainly is, at least here in the U.S. The old two wrongs don't make a right thing, and all that.

Besides, the natural result of a globe-spanning technology that can send a packet from here to there (where there can be any place on the entire planet) in milliseconds is a near-total lack of accountability on the part of malefactors. Nothing much is going to change that ... the only real offense is a stellar defense.

Re:Follow the money (0)

Anonymous Coward | more than 7 years ago | (#15209657)

they can host whatever they want. probably would go under 1st amendment.

Re:Follow the money (2, Insightful)

ScrewMaster (602015) | more than 7 years ago | (#15209746)

I dunno if free speech covers theft of information and vandalism, which is what we're really talking about here. They have the right to say anything they want ... whether the First Amendment gives them the right to run arbitrary code on my computer is something else again.

Re:Follow the money (1, Interesting)

iminplaya (723125) | more than 7 years ago | (#15209761)

The real way to combat this is to hold website owners responsible if they are hosting such malware.

No, the real way to combat this is to hold the OS(and hardware for that mattter) maker responsible for making the software so easily and provocatively exploitable for possibly more sinister reasons than they are letting on. Another way to combat this would be a prohibition against cheap commodity equipment(hardware and software) on critical(banking, hospital, military, air traffic control, etc.) systems. Aircraft parts have to be certified as airworthy. Critical systems operators should only use "networthy" computers. We need a form of UL(Underwriters Laboratories) to certify computers and networks.

Wow! (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#15209633)

In other news:

Most Windows users unable to avoiding pissing on their own shoes while at the urinal.
Most Windows users unable to roll on condom without breaking it.
Most Windows users unable to have sex with their girlfriend/wife without thinking of their mother.

Here's a tip: Use Linux or OS X. No spyware!!!! Who would have thought???

Linux and Mac and BSD (1)

xx_toran_xx (936474) | more than 7 years ago | (#15209634)

Windows is the only operating system suceptible to spyware. I am SURE that users of alternative operating systems comprise more than 3% of internet users.

Yet another misleading article. They should at least get their facts right.

Re:Linux and Mac and BSD (0)

Anonymous Coward | more than 7 years ago | (#15209757)

What makes you think that the other operating systems are not susceptible as well? All of the browsers have security flaws, it's just that malware for other browsers/OS's is just less common (because the other OS's are less common). You can bet your bottom dollar that malware would abound for the other OS's as well if they were more common.

Re:Linux and Mac and BSD (1)

remembertomorrow (959064) | more than 7 years ago | (#15209804)

And also the fact that, on other operating systems, you normally run as an unprivileged user, and are required to escalate your privileges in order to make any system-wide changes. (or changes outside of your home folder)

Re:Linux and Mac and BSD (1)

santaliqueur (893476) | more than 7 years ago | (#15209805)

You can bet your bottom dollar that malware would abound for the other OS's as well if they were more common.

you clearly don't understand WHY windows is so insecure, and why linux/bsd/mac operating systems are so secure.

Stupid quiz as usual (5, Insightful)

MalleusEBHC (597600) | more than 7 years ago | (#15209647)

This is just like a "spot the phishing email" quiz I saw. Just looking at a picture gives you no context. Did you get the link from a reliable source? What OS/browser are you running. (I'm definitely more willing to check out something suspicious in Safari than Internet Explorer.) Are you dumb enough to download and run something from the site.

Re:Stupid quiz as usual (1)

Zerathdune (912589) | more than 7 years ago | (#15209908)

What OS/browser are you running.

ha, they're using firefox themselves, and the only question where you can get hurt without downloading and installing something manually, is an Active X thing.

My Score (1)

pinano (797433) | more than 7 years ago | (#15209649)

I got 6 out of 8 (both of my misses were regarding P2P software). What did you get?

Re:My Score (0)

Anonymous Coward | more than 7 years ago | (#15209662)

7 out of 8. I missed the clean, light blue, p2p program site. But, honestly, every single site the quiz listed looked pretty fucking shady.

Re:My Score (0)

Anonymous Coward | more than 7 years ago | (#15209671)

I got 6 out of 8 as well, but the ones I missed were lyrics and games. I just didn't see enough in the screenshot to know for sure. They both looked a bit shady really. A test like that is really lacking context.

Re:My Score (3, Funny)

Frogbert (589961) | more than 7 years ago | (#15209683)

I thought the site with active x spyware was a trick question. They clearly use Firefox and therefore don't suffer from such nonsense.

Re:My Score (1)

rts008 (812749) | more than 7 years ago | (#15209687)

I don't know....after first page all I could get was:
"Sorry, we couldn't find the page you were looking for.
Return to our home page.
Leave us feedback."
Tho' I was using Firefox with no script and adblock plus extensions! :)

So close (1)

MachDelta (704883) | more than 7 years ago | (#15209817)

I got 7 out of 8... I would have had 8/8 but I second guessed myself on one of the P2P programs at the last second. D'oh.

A bit of sarcasm (1)

cranesan (526741) | more than 7 years ago | (#15209660)

This is very surprising. If they had not done this study, I never would have believed the results.

This is an idiotic quiz. (4, Insightful)

aussersterne (212916) | more than 7 years ago | (#15209661)

It contains no technical information or interactivity whatsoever. No status bar information, no ability to view page source, just screen grabs of random web sites.

This is a completely invalid, unsound test, as there is no technical way to determine the presence of malicious software simply by looking at a page as it initially loads in the absence of any ability to interact with it or at the very freaking least scroll up or down or hover a mouse... sheesh...

It's like blindfolding someone and then blaming them for not being able to catch a baseball pitch, facing away from the thrower, with their bare hands. Of course they won't be able to, if you take away every single useful tool for them to accomplish the task.

Re:This is an idiotic quiz. (1)

kfg (145172) | more than 7 years ago | (#15209871)

It's like blindfolding someone and then blaming them for not being able to catch a baseball pitch, facing away from the thrower, with their bare hands. Of course they won't be able to, if you take away every single useful tool for them to accomplish the task.

Bend over and spread 'em.

KFG

Re:This is an idiotic quiz. (1)

iminplaya (723125) | more than 7 years ago | (#15209891)

It's like blindfolding someone and then blaming them for not being able to catch a baseball pitch...

This is precisely how your average receptionist at the real estate office cruises around the net. Technology? What's that? They see smilies and emoicons for their IM, and they gotta have it. Hey, it's free! These people need to be able to trust their machine to a certain extent. They shouldn't have to sniff every packet going through the wire. It should be no different than being able to trust a car to function normally without having to know what makes it go. Computers are still more like a 1915 Ford Jalopy than a 2005 Toyota. They're still not ready for prime time. Keeping them healthy still takes some knowledge of the inner workings. However, I will grant that the malware writers are the computer equivelent of a guy throwing nails on the roadway or rocks from the overpass. So we need the eqivelent of puncture proof tires and good safety glass. As it is, we just make it too easy for the bad guy with our junk equipment.

Re:This is an idiotic quiz. (1)

Zerathdune (912589) | more than 7 years ago | (#15209936)

granted, but those people are not 97% of the population. no matter how fair the quiz is, some people are going to bomb it because some people doing know what the fuck they're doing. but if you make the quiz so rediculously biased that those of us who run servers at home just for fun don't do much better, you completely invalidate the results.

Not quite kosher. (1)

aussersterne (212916) | more than 7 years ago | (#15209952)

The problem is that by saying that users can't tell the difference, the quiz implies that that users were fairly tested and failed, when in truth, the test is effectively rigged to be impossible to pass by anything other than pure chance, thereby providing a guaranteed result for the seller of the product in question.

I completely agree that most users don't have the technical skill to spot a spoof email or determine whether a link actually goes where it says it does... so there was NO NEED for this rigged, idiotic test that simply helps to miseducate users further by implying (to their understanding) that the only way to try to make such determinations is by staring dumbly at a screen. In short, not only is the test rigged and pointless, but it also effectively spreads misinformation to the very users most in need of the sort of help it purports to provide.

That's my point. There's nothing slimier than being slimy just for the sake of it when you can achieve smiliar results by being fair and open. It speaks very ill of the company that produced the quiz.

Flawed quiz (5, Insightful)

siwelwerd (869956) | more than 7 years ago | (#15209663)

This quiz doesn't measure anything. Where's the option for "Both of these look suspicious and I wouldn't go near either of them"?

Re:Flawed quiz (4, Insightful)

Smallpond (221300) | more than 7 years ago | (#15209705)

It measures two things:

1) How many people will stay interested enough to finish the quiz.

2) Free focus group when article is posted on /.

Re:Flawed quiz (1)

DesireCampbell (923687) | more than 7 years ago | (#15209867)

Really though. This might be the stupidest 'article' I've ever read. "97% of Internet users" [that number is so obviuosly made up I won't even talk about it] "are just one click away from infecting their PCs with spyware." [and the other 3% need to double click?!]

EVERYBODY is 'one click' away from spyware - they're also one step away from falling off a cliff, and it only takes one straw to break the camel's back...

Who the hell clicks on ANY of that shit?!

Requires javascript. (5, Funny)

jZnat (793348) | more than 7 years ago | (#15209670)

Since the quiz requires JavaScript, and since I have that by default disabled, I think I passed the test.

Not sure I agree with their methods (5, Insightful)

Digital_Quartz (75366) | more than 7 years ago | (#15209686)

The quiz (http://www.siteadvisor.com/quizzes/spyware_0306.h tml [siteadvisor.com]) asks questions like "Which of these smiley download sites is safe?" The answer I'd pick is "I don't care which one is safe, I wouldn't ever download something so pointless and high risk to begin with", but that option isn't available.

Re:Not sure I agree with their methods (5, Funny)

ucblockhead (63650) | more than 7 years ago | (#15209888)

Exactly. It's like saying "One of these prostitutes as herpes and the other is clean! If you can't tell the difference, you need to buy one of our prostitute STD test kits before leaving the house or you WILL be infected!!!"

Missing Poll Option (4, Informative)

rcw-home (122017) | more than 7 years ago | (#15209694)

For questions 1-4: None Of The Above!

Seriously, is McAfee trying to imply that some executable code you download off the Internet from people/organizations of unknown repute is safe?

BTW, if 3% of people answered their questions correctly, that means that 5 of 8 questions effectively had 50% odds. For example, if 50% of people were able to get questions 5-8 correct, and everyone just flipped a coin to answer questions 1-4, you'd get a 3% all-correct rate.

Re:Missing Poll Option (1)

Petrushka (815171) | more than 7 years ago | (#15209825)

Indeed. They gave me a score of 3 out of 8 even though I only answered three questions. The answer to the other five was, of course, "I wouldn't trust either of these sites".

MOD PARENT UP (0)

Anonymous Coward | more than 7 years ago | (#15209937)

My God, he hit the nail on the head. Good show.

Think of it as another way to advertise! (3, Funny)

Parallax Blue (836836) | more than 7 years ago | (#15209718)

Give users a cool, savvy looking test that makes them choose between two equally suspicious looking webpages, then reveal their horrible results. Oh no! But with SiteAdvisor, never fear... you'll have a handy site report to base your decisions off of!

Yes, easy to see what the purpose of this test REALLY is... promotion promotion promotion! I'd even point to the fact that this is on /. as an indicator it's a shameless plug for their product, except the majority of intelligent Slashdotters is hardly prone to falling for this.

Then again, what do I know? I got a 5 out of 8 on the quiz. Boy, am I a dumb intarweb user! Better go install that SiteAdvisor after all...

ActiveX in Firefox? (3, Funny)

jonnythan (79727) | more than 7 years ago | (#15209730)

I love it.

McAfee claims that one of the lyrics sites has "delivered adware through ActiveX" via Firefox.

Re:ActiveX in Firefox? (1)

rmdir -r * (716956) | more than 7 years ago | (#15209909)

Though perhaps for them it almost does- one of those screenshots had a little arrow-and-IE logo, which I believe is part of an extension allows you to forward pages to Internet Explorer if you use firefox on windows.

So for specific users, it might tangentially be true- they can launch IE from Firefox and get pwnd by ActiveX!

FireFox (4, Informative)

OctoberSky (888619) | more than 7 years ago | (#15209734)

Notice the Top Right of any pic. Thier FireFox is out of date.

And that is just another reason I don't use McAfee.

HORRIBLE Quiz (1)

Omicron (79581) | more than 7 years ago | (#15209742)

I took the quiz - it's a terrible format. It shows you a SCREENSHOT of two different sites (say two free screensavers sites...) and asks you "what one do you think is bad". How lame is that? There is no way you can judge if a site has spyware just by looking at it. One of questions even said "wrong - this site delivers it's games via an active x control that contains spyware". Well how the heck are you supposed to know that from a screenshot? I'm sorry, but that is a very, very flawed quiz. I'm apparently a high risk user even though I haven't had one case of spyware on any machines in over two years.

A better quiz would be to pop up both sites, let you investigate a little - of course, I could have done that as part of the quiz, but I didn't feel like working at it that much tonight :)

It's kind of like the AIDS awareness posters they used to have up at campus - you can't tell just by looking at someone! True in this case as well.

Safety is simple (1)

Wirenut (35274) | more than 7 years ago | (#15209747)

Use Firefox or Opera, disable Java and Javascript.

End of problem - next quiz, please.

Staggering Users Only (1)

JonathanR (852748) | more than 7 years ago | (#15209755)

Only staggering internet users are affected by this. Even then, three percent avoid the pitfall.

Man ... (1)

gstoddart (321705) | more than 7 years ago | (#15209763)

I'm thinking most people are surfing for stuff that I never think to. In 20 or so years of using a computer, and 15+ years of being able to access the internet, I don't believe I've ever had a single virus, malware, spyware, or whatever.

Then again, I don't want animated cursors, free screen savers, or any of that stuff.

Then again, I primarily surf from a Mozilla with no plugins enabled, prompts for cookies, and a hosts file to block everything. So I'm probably not the typical web-user.

Solution : Trusted Build Agents (1)

NZheretic (23872) | more than 7 years ago | (#15209764)

The Twelfth step in TrustABLE IT [blogspot.com]
[12] Governments, organizations and individuals are becoming increasingly concerned about software compatibility, conflicts and the possible existence of spyware in the software applications they use. If you have access to the source code, then you can check it and compile it for yourself. This is not an option for closed source proprietary applications, and not everyone has the resources to check each line of source code. One solution for these issues is to employ a trusted third party, separate from the application developer, who is tasked with maintaining a trusted build environment, to build the binaries from source code. The Trusted Build Agent (TBA) would hold the source to each build in escrow, releasing the source code for only open source licensed code. Competing businesses providing a TBA service in a free market would compete with each other in not only price and level of certification, but also on the ability to detect hostile, vulnerable, incompatible or just plain buggy source code. You could request a trusted build from multiple TBAs test the ability to detect defects. Defects would be reported back to the application developers, along with any patches and suggestions that provide a fix. To a lesser extent, most Linux distributions and other operating system vendors that build and redistribute open source licensed code already provide this role.

Firefox when secured.... (5, Interesting)

ezratrumpet (937206) | more than 7 years ago | (#15209768)

I came across a 7th grader who managed to load up a Win98 machine with 14 different pieces of spyware with 1 click in IE. We wiped the machine with an industrial strength removal program, installed Firefox, locked it down, and asked her to go out to the same website. NOTHING - not one single piece of spyware - got through on Firefox. At that moment, I converted for life.

I'm confused (1)

Theatetus (521747) | more than 7 years ago | (#15209771)

So I took the quiz, and the first 4 questions didn't have the correct answer as an option. The correct answer is "do not download binaries from unknown sources."

Seriously, if you're asking which smiley or screensaver site is "safe", you've completely missed the point. Downloading binary files from arbitrary sources is inherently unsafe. Build from source, or do without whatever it is.

Not that great a test (1)

Master of Transhuman (597628) | more than 7 years ago | (#15209780)

I got four out of eight wrong, but then I don't use any of the P2P programs listed, so I'm not up on the current ones as to which has spyware embedded. Of course, I KNEW Kazaa did, so that one was easy. I've never used BearShare or eMule and never heard of the other one.

Since I run Firefox with no ActiveX, and on the Windows side I run at least four antispyware programs, I'd say my performance on the quix isn't terribly relevant.

Also, the fact that the SITE has downloads with spyware doesn't necessarily mean that any specific SOFTWARE I download has it. I tend to get my freeware from sites that check for that sort of thing anyway. And I never download crap software like screensavers, smilies, and the like. If I get a smilie, it's an animated GIF. I only download utilities that seem to have been written by someone with a clue.

I'd say this is hype from the security software guys again. I'm sure a better quix could be developed - but it wouldn't matter since most people aren't concerned about computer security anyway - as the horrible results demonstrate.

Teach people to dump IE and ActiveX and design the browsers to turn off scripting and applets by default and provide prompts and sandboxes, and spyware will go the way of the dodo.

Browsing with Firefox (-1, Redundant)

Anonymous Coward | more than 7 years ago | (#15209789)

One of the questions claimed that one lyrics site contained
spyware through activeX. However, from the screenshots,
it looks like they're being viewed through firefox, so
wouldn't they both be safe?

Well, that's not too surprising, after all. (5, Funny)

ScrewMaster (602015) | more than 7 years ago | (#15209791)

Most Web Users Unable to Spot Spyware

Well, I guess that's why they call it spyware, don't they. I mean, what kind of spy would be easy to spot? Wouldn't be a very good spy, now would he.

Is there any suprise about that? (0)

Anonymous Coward | more than 7 years ago | (#15209803)

Most of the boxes that are popping up are getting increasingly cloak and dagger.

For me, its gotten to the point where I don't even trust a "close" button on these popups

Something akin to clamping down on false advertising (or just plain fraud) needs to be done.

Re:Is there any suprise about that? (1)

ScrewMaster (602015) | more than 7 years ago | (#15209837)

Something akin to clamping down on false advertising (or just plain fraud) needs to be done.

I think clamping down on their testicles with a pair of electrodes hooked to a neon transformer would be just about right.

In other news... (5, Funny)

geobeck (924637) | more than 7 years ago | (#15209808)

Most web users are unable to tell what browser they are using. Or operating system, for that matter.

Support: What web browser are you using?
User: Microsoft Excel.
Support: Okay, what operating system are you using?
User: Um... Dell?

irony (1, Funny)

Anonymous Coward | more than 7 years ago | (#15209813)

did they gather these results with spyware?

6 of 8 after researching all the sites (2, Insightful)

ender- (42944) | more than 7 years ago | (#15209827)

I went to each one of the sites before answering. I still missed two of them.

First I missed the lyrics sites. One of them supposedly installs activeX adware. I couldn't tell this since I'm using Firefox in Linux.

Then I missed one of the P2P software sites. I incorrectly decided that Blubster was safe, even after looking through the site. They do mention that they take information given when you fill out a contact form, but I didn't see any mention in the terms of use or privacy policy regarding anything in the software itself.

Of course, I would have never actually downloaded that in the first place. I knew emule was safe though. Yay open source! :) And Kazaa has a long history of being full of crap that's bad for your system. Ugh.

So yeah, I missed 2 of them, but would not have been infected by any of the bad sites. Mostly I just think this quiz is lame.

SiteAdvisor == spyware? (1)

z1234321 (966250) | more than 7 years ago | (#15209831)

I find it humorous that the system used to prevent spyware also tracks the score people get on a quiz and what sites they visited for at least 30 days thereafter.

That's Totally Wrong (1)

Doomedsnowball (921841) | more than 7 years ago | (#15209838)

Everyone (read: 100%) knows that 47.6 percent of all statistics are made up on the spot. I mean, sheesh, I haven't had any spyware, virus, trojan, malware, etc on my machine for about six months now. I'm a heavy user and so are my friends. I think it's a testament to just how stupid people are. Oops! I almost said 'americans'. Then I would have been flagged for trolling.

Typical Marketing (1, Insightful)

Anonymous Coward | more than 7 years ago | (#15209850)

This quiz is supposed to scare people into buy their product, nothing more. No useful statistics can be gleaned from it.
If they wanted to make an accurate assesment they would set people up with a VM with a resonably patch version of windows, and big shiny icons for both IE and firefox and say "Browse the internet for an hour" and see how the machines were affected.

PS: I got a 5 out of 8 on the test, but only because there was no option to say "Why would I be dowloading lyics or smilies in the first place -- these things or more likely to have spyware than pr0n?" That and I guess they want you to trust eMule.

30 minute man (0)

Anonymous Coward | more than 7 years ago | (#15209890)

I'll fight tooth and nail to rid my windows os of that annoying spyware trying to replicate and connect out on random ports. Eventually it will win and I'll give up. Twenty minutes after the new install I'll be back on astalavista... trying to get that crack for some new antivirus I think will work. Yes, I know I just picked up the same spyware/adware/malware that caused me to reinstall in the first place. Still, I'll do it again and again, because damnit there isn't anything that can stop it anyways. All the antivirus out there just tells you that you have a problem. I haven't had any antivirus remove anything in the last 5 years, and I try them all. Two tears in a bucket...

THIS just in... (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#15209926)

I'm smarter than everyone else becuase I use Linux!!!!!!
I'm a shutin angry nerd with a chip on my shoulder that needs my ego stroked.
Nevermind my co-workers(tey're stupid! LOL!) forced me into the server closet because of my personality and need to spread the gospel of
FREE OPen soures SOFTWARE!!! Linex!!!

It's all microsoft's fault! Pirate windows today in th ename of FREEDOM@!!!!

Anyone else notice (1)

Firehed (942385) | more than 7 years ago | (#15209933)

Anyone else that took the quiz notice that their Firefox window had some unapplied updates? Also, a screenshot of a website can't provide much information, especially when you can't even do as much as scroll down to see what their privacy policy is.

Popups (1)

Pleb'a.nz (712848) | more than 7 years ago | (#15209938)

If a site has popups when I hit the first page, I dont go any further.. it's a desperate sign of revenue gathering. Who knows what else they would do to get money... *cough*

Most slashdot editors can't identify news. (1)

MushMouth (5650) | more than 7 years ago | (#15209962)

In a test of slashdot editors 97% were unable to differentiate between news or a corporate press release. Successful identification dropped to 0% if either Google or a Microsoft competitor supplied the article. When asked about his editors incompetance Rob "Cmdr Taco" Malda explained "We just pick the articles with pretty colors, as we really don't have time for anything other than wacking of to pictures of Linus Torvolds and sending resume's and cover letters to Sergie Brin"

Even the scoring is suspect (0)

Anonymous Coward | more than 7 years ago | (#15209975)

I just took the quiz, didn't choose any of the offered sites as safe, and scored a zero. WTF, how could I get spyware from not using the site in the first place.

Gimme a break....
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...