Slashdot Mirror

← Back to Stories (view on slashdot.org)

MIT Startup Tests Top Million Sites for Spyware

Posted by ryuzaki0 on from the ads-burning-need-spybot dept.

torrentami writes "An MIT startup called SiteAdvisor has downloaded over 100,000 programs from the top million Web sites and tested them for adware and spyware using an automated system they've built. They've got a blog entry where they dissect 5 of the worst adware bundles they found. There is some amazingly invasive stuff in there."

8 of 243 comments (clear)

  1. What about the rest? by Anonymous Coward · · Score: 5, Interesting

    I hope they have a "submit site" function for people to test random sites....

    1. Re:What about the rest? by TheSpoom · · Score: 4, Interesting

      That is a really good idea. Better yet, have a browser component that tells users, on the fly, what previous attempts at scanning the site have revealed (as they would have to be cached in order to have any sort of performance server-side). If a user notices that a site now offers spyware downloads, they could request that it get reexamined, and popular sites would get automatically reexamined often. This could be done using a cheap subscription model.

      Has someone done this? It seems so obvious now that I've thought about it.

      --
      It's better to vote for what you want and not get it than to vote for what you don't want and get it.
      - E. Debs
  2. Do what we say, not what we do? by Jamesday · · Score: 3, Interesting

    "We've also made our data available under Creative Commons License 2.5". Data is ineligible for copyright cover in the United States, so no license is needed or can apply.

    They wouldn't bundle an unnecessary license with useful data just after writing about bundling unnecessary software with desired applications, would they? :)

    It is useful outside the US, though, so this is actually a but tongue in cheek. :)

  3. No reason to be vulnerable to spyware. by CyricZ · · Score: 5, Interesting

    Have you tried the recent Kubuntu releases? If not, give it a try. It is by far one of the most easiest systems to install these days. Even easier to keep up to date, as well.

    I was recently asked to set up some computer systems at a seniors home. Now, many of these people have never used a PC. So we were able to acquire several used PCs for almost no cost, and I installed Kubuntu on their systems. We got them set up so that they could check their email, browse the WWW, use various instant messengers to chat with relatives, and even play games (bridge and backgammon were big favourites).

    Now, why did I go with Kubuntu? Mainly because it is free, and it is quality software that is quite easy to use. But more importantly, I wanted these systems to always be available to these people. I know that they might visit malicious sites. I wouldn't want that resulting in their systems being compromised just because of that.

    You may deny it, but the fact of the matter is that Linux systems won't get infected with spyware at this time. Sure, that may change in the future, but I'm doubtful about that. The basic (yet significant) differences in code quality and architecture are enough to leave Linux (and other non-Microsoft) systems far more secure and usable, even in the fact of malicious software.

    --
    Cyric Zndovzny at your service.
    1. Re:No reason to be vulnerable to spyware. by CyricZ · · Score: 4, Interesting

      I advised them not to buy software from WalMart, or even to download it for themselves. I asked them to contact me, and I'd come over and find something that worked for them. I know I could find software that I know I could trust, or at least have access to the source code to inspect and build myself if I felt there could be security problems. Then again, Kubuntu includes all the software they seem to need.

      I haven't heard anything from them regarding cameras and other devices which did not work. I did, however, hear of one grandson bringing over his camera and taking pictures of the seniors so they could email them to their relatives. One of the grandparents who had some PC experience as a secretary told me that she was really surprised how easy it was to get the camera to work. All they did was plug it in, and the storage device on the camera was automatically mounted. They could copy over the files without problem. The kid was reportedly stunned that the seniors could use the system so effectively.

      Insult inexperienced users all you want. Frankly, I think that a well-designed system can easily avoid the problems caused by unwitting users. Indeed, any quality software system would be designed in such a way as to completely minimize the harm that an inexperienced user could do. Linux and much open source software appears to do this quite well, and as such spyware just isn't a problem when dealing with Linux systems.

      --
      Cyric Zndovzny at your service.
  4. Oddity... by Ambiguous+Coward · · Score: 3, Interesting

    How can they be testing the top 1000000 web sites, if they're only downloading 100000 programs? That would leave a lot of sites untouched. It seems that in order to test 1000000 web sites, they would have to download at *least* 1000000 programs. Unless, of course, they grabbed programs from *some* of the top 1000000 web sites, in which case they would have programs from, say, site #1, #10, #20, etc.

    --
    Their may be a grammatical error, misspeling, or evn a typo in this post.
  5. Exokernel Guys by putko · · Score: 4, Interesting

    The technical guys in the company are from MIT's exokernel project.

    They worked on delivering high throughput for video with their superior OS technology. It interoperated with Windows, allowing them to make money.

    This project looks surprisingly un-technical and uncomplicated in comparison, given how competent and accomplished they are.

    Here's an exokernel link:
    http://pdos.csail.mit.edu/exo.html

    --
    http://www.thebricktestament.com/the_law/when_to_s tone_your_children/dt21_18a.html
  6. not just ignorant, but also... by ecalkin · · Score: 3, Interesting

    *unbelieving*!!

        i can't tell you how many times i've expressed the dangers to people. if you don't have anti-spyware, anti-virus, firewalls, and etc these are the risks. and they don't beleive. if you look at the large campaigns (at least in certain areas of the U.S.) to get people to wash their hands on a regular basis, it appears that people are disbelieving of germs also.

        how do you fix this?

        there is amazing evidence that the use of seat belts in autos reduces your probability of dying in a colision. but we still have to make laws to make people wear seat belts.

        so far there has been no real cost to a computer user for being stupid. with the exception of lost data, nothing bad is going to happen. if laws get passed that state your are responsible for your computers actions in dos attacks or if your computer is hijacked and made into a child porn depot, things might change.

    eric