Slashdot Mirror


MIT Startup Tests Top Million Sites for Spyware

torrentami writes "An MIT startup called SiteAdvisor has downloaded over 100,000 programs from the top million Web sites and tested them for adware and spyware using an automated system they've built. They've got a blog entry where they dissect 5 of the worst adware bundles they found. There is some amazingly invasive stuff in there."

14 of 243 comments

  1. End Users Beware by queenb**ch · · Score: 5, Informative

    I can tell you from the experience of working on a network where the end users have very unwisely been made local admins on their workstation that the *only* thing required for a full spyware infection is a nice little surf around the 'net. This is compounded by the problem that they all seem to have some touch of OCD that compels them to click "OK" on anything that wants to install itself despite all of our efforts to educate them.

    I will say that it is nice to see someone put quantifiable numbers to the things I have long known from practical experience, but this isn't exactly news.

    2 cents,

    Queen B

    --
    HDGary secures my bank :/
  2. Site Mirror by Anonymous Coward · · Score: 1, Informative
  3. Re:How do they define the "top million" sites? by NoMercy · · Score: 2, Informative

    In my quick look through the blog, they quoted Alexa ranking figures. I'd say they're using those to determine how popular sites are.

  4. Very interesting... by skogs · · Score: 4, Informative

    This is a very neat process that I would enjoy having the ability to root around in. Very nice tool, and looks like it has created some excellent data.

    I would enjoy seeing some of the nastier data put forth in a simple list so that I can add them to my banned domain listing on my firewall.

    Currently, I knock down ads (from the ~1800 most active servers), with the wonderful help of the following gentleman.

    # last updated: 2005-12-18 15:17:02

    # The latest version of this list and other ways of viewing it are at:

    # //pgl.yoyo.org/adservers/

    # - Peter Lowe // pgl@yoyo.org

    #

    For the Lazy...

    Now, about that warez/malware/stupid screensaver and other utilities list....

    --
    Who is this that even the wind and the waves obey Him? Surely this computer must submit also!
  5. Re:Oddity... by CyricZ · · Score: 2, Informative

    That is still one site of every ten which offers software for download. Remember, there are many more sites offering just information or other services than there are offering software for download. If anything, I'd think that 10% of the top million sites is an awfully high percentage to be offering downloadable software.

    --
    Cyric Zndovzny at your service.
  6. Re:The major lesson of all this. by Kickboy12 · · Score: 4, Informative

    I disagree.

    People have been saying the same thing for IE vs. Firefox for a couple years now.

    Guess what? I still don't see very many sites getting around Firefox's pop-up blocker, significantly exploiting its weaknesses, or finding new security holes by the dozen. And yet... I continue to see it with IE. And don't be saying; "Firefox isn't popular, it'll happen eventually". My ass. It's been advertised into the ground.

    Thus, the same concept with *nix vs. Windows. Windows is inherently insecure, and by the nature of how it works and how it was designed, it makes it easier for advertisers to create software that'll mask itself from everything else. You simply CAN'T do this on Linux/Unix to the same degree, just as you simply CAN'T exploit Firefox the same way you can IE. Trust me, I've tried.

  7. Similar by Mistlefoot · · Score: 5, Informative

    Education is certainly the key.

    I've been using the HOST file supplied by the Microsoft MVPS site (http://www.mvps.org/winhelp2002/hosts.htm) for the past few years and have not had ANY spyware or Malware or viruses on any of my machines.

    I still run ad-aware and spybot monthly and never see anything but a few cookies. Once every few weeks I update my HOSTS file and then set it to read-only again and the 10,000 or so sites it blocks are just that - blocked.

    Web sites load faster too without some of the tracked ad sites loading. From time to time I get pages that aren't found... but I can review these as the HOST file is of course text.

    I really do not know why HOST files are not a more common theme on here when setting one up on your Dad's computer saves you from removing crap from it as a hobby.
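
A review pass over a hosts-format blocklist like the one described in the comment above, added here as an example and not part of any poster's comment: it separates sinkholed names from entries that redirect to a real address, looks up which line causes a "page not found", and checks the read-only bit. The sample entries, the `.example` names and all function names are constructed for illustration.

```python
import ipaddress
import os
import stat

LOCAL_NAMES = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

# Constructed sample in hosts-file format (not taken from any published list).
SAMPLE = """\
# constructed sample
127.0.0.1   localhost
127.0.0.1   ads.example        # sinkholed ad server
0.0.0.0     tracker.example cdn.tracker.example
203.0.113.7 bank.example       # redirect, not a block
not-an-ip   broken.example
"""

def parse_hosts(text):
    """Yield (line_no, address, hostname) for every mapping, ignoring comments."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        for name in fields[1:]:
            yield line_no, fields[0], name.lower()

def audit(text):
    """Split entries into sinkholed names, redirects to real hosts, and bad lines."""
    blocked, redirects, malformed = {}, [], []
    for line_no, addr, name in parse_hosts(text):
        try:
            ip = ipaddress.ip_address(addr)
        except ValueError:
            malformed.append((line_no, addr, name))
            continue
        if ip.is_loopback or ip.is_unspecified:
            if name not in LOCAL_NAMES:
                blocked.setdefault(name, line_no)
        else:
            redirects.append((line_no, addr, name))
    return blocked, redirects, malformed

def blocking_line(hostname, text):
    """Line that sinkholes hostname, or None. Hosts entries match exact names only."""
    return audit(text)[0].get(hostname.lower())

def is_read_only(path):
    """True when no write bit is set (on Windows this reflects the read-only attribute)."""
    return not os.stat(path).st_mode & (stat.S_IWUSR | stat.S_IWGRP | stat.S_IWOTH)

if __name__ == "__main__":
    blocked, redirects, malformed = audit(SAMPLE)
    print(sorted(blocked), redirects, malformed)
```

To run it against a live system, pass `audit` the contents of `/etc/hosts` or `%SystemRoot%\System32\drivers\etc\hosts`; any entry in `redirects` that you did not add yourself deserves a closer look.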

  8. camera, pda, mp3, better users?!?! by SpectralDesign · · Score: 2, Informative

    Or when they want to hook up their brand-spanking new digital camera/mp3 player/PDA?

    I'm running Ubuntu (Well, Edubuntu, for my son's edification) and I have no problems connecting and utilizing my digital cameras, mp3 players, and PDAs.... It's time to crawl out from under that rock there, dude.

    You don't need a better code to prevent spyware, you need better users. Better system design/code will never beat out a user, unless the design involves cutting the power to the computer.

    Actually, much of the security of linux comes with the fact that a) filesystem permission structure is more robust than any Windows FS, and b) that you don't generally log in as root (administrator to you Windows folks) to do the day-to-day operating of the system... as a matter of fact, I've never logged in as root on this system... At most, I'll use sudo for things like installing or configuring firewalls, and then resume my regular privileges.

    --
    Be who you are and say what you feel, because those who mind don't matter and those who matter don't mind. - Dr. Seuss
  9. Neat by rune.w · · Score: 2, Informative

    This is a good project and it has the potential of eventually becoming the "Google of spyware". It's a pity their methods are not explained in greater detail in their FAQ, but then it prevents spyware companies from finding a quick workaround to fool their system.

    They even have a Firefox extension already: http://www.siteadvisor.com/ffinstall.html

    I'm looking forward to them adding cookie support to their database. Maybe I could finally stop blocking all cookies by default.

  10. Re:The major lesson of all this. by TemporalBeing · · Score: 2, Informative

    Nothing in Unix prevents a user from running a script that says "rm -rf ~", which ends up deleting all of their files. After all, part of the Unix philosophy is not holding the hands of users ;).

    Actually, there is - it is called permissions. Windows does not really understand the execute permission - it just looks at what file type it is, not what the user (or administrator) desires. That is not to say there are not ways to overcome it, or even ways to exploit programs - there are; but the impact is minimalized by how *nix/bsd security is set up. For the most part, it will only affect one user, not all of them; and even that can be minimalized by the default permissions scheme used, and developers not automatically giving downloaded files the execute permission (just read/write).

    There does seem to be an execute permission under Windows, but it is pretty much a joke and no one (not Microsoft, or admins, or anyone else) pays attention to it. So the very fact that *nix/bsd and Mac OS X do pay attention to it (and the community is aware of its use) already puts them lightyears ahead of Windows.

    --
    Truth is like the sun. You can shut it out for a time, but it ain't goin' away. - Elvis Presley (source: imdb.com)
  11. SiteAdvisor does not install Yahoo Toolbar by bedelman · · Score: 4, Informative

    Bombadier,

    I'm on SiteAdvisor's advisory board, and I've tested their products at length. I've never seen anything like SiteAdvisor installing the Yahoo Toolbar, and I'm confident that there's some other explanation for what happened to your computer. Can you send me an email so we can troubleshoot what happened? I want to get to the bottom of this and clear SiteAdvisor's good name.

    Ben Edelman

  12. See Assessment Technologies v. WIREdata by Jamesday · · Score: 2, Informative

    You may well already know this, but it might be of interest to others: I recommend reading the full Assessment Technologies v. WIREdata (slow to load) decision because it's a very well written summary of this area of law. In this case the use of proprietary components to prevent the use of underlying public domain data was found to be invalid.

    As you note, creativity can still prevent a compilation from being in the public domain, if there's some significant original creativity involved. One of the interesting bits of Assessment Technologies v. WIREdata was the requirement to hand over even the bits which might be copyrightable - the database structure - so that the data would be available.

    There's more discussion of the general principle at Feist Publications v. Rural Telephone Service, which contains a fair overview of this aspect of US copyright law.