Slashdot Mirror
Most Web Users Unable to Spot Spyware
Ben writes "According to a Spyware Quiz conducted by McAfee SiteAdvisor , a staggering 97% of Internet users are just one click away from infecting their PCs with spyware. One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity."
That has to be wrong, somehow. A lot of the people I know only go to trusted sites, virus-scan everything, etc etc. It only takes common sense and a slightly focused attention span to keep your machine clean.
McAfee will sell me the software to help save me.
Well, I wager that even though 100% of these "high IQ" users may visit one of these sites, 99.99% don't become infected by it.
But Mac and Linux users comprise more than 3% of Internet users!
The quiz in question has you choose which of two sites, based on screenshots, has spyware. The sites were all for things like screen savers, song lyrics, and free game downloads. That is a terrible, terrible way to judge a users capability to determine if something has spyware.
One interesting conclusion from this study showed that even users with a high "Spyware IQ" have a nearly 100% chance of visiting a dangerous site during 30 days of typical online searching and browsing activity.
Sure, we like to visit places like http://www.cracks.am, who actually write their own spyware. But I am not so sure that qualifies me as ever installing any of their garbage.
"When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
Clearly the message is to just give up and pay the anti-virus/anti-spyware people a bunch of cash.
The real way to combat this is to hold website owners responsible if they are hosting such malware.
This is just like a "spot the phishing email" quiz I saw. Just looking at a picture gives you no context. Did you get the link from a reliable source? What OS/browser are you running. (I'm definitely more willing to check out something suspicious in Safari than Internet Explorer.) Are you dumb enough to download and run something from the site.
It contains no technical information or interactivity whatsoever. No status bar information, no ability to view page source, just screen grabs of random web sites.
This is a completely invalid, unsound test, as there is no technical way to determine the presence of malicious software simply by looking at a page as it initially loads in the absence of any ability to interact with it or at the very freaking least scroll up or down or hover a mouse... sheesh...
It's like blindfolding someone and then blaming them for not being able to catch a baseball pitch, facing away from the thrower, with their bare hands. Of course they won't be able to, if you take away every single useful tool for them to accomplish the task.
STOP . AMERICA . NOW
This quiz doesn't measure anything. Where's the option for "Both of these look suspicious and I wouldn't go near either of them"?
The quiz (http://www.siteadvisor.com/quizzes/spyware_0306.h tml) asks questions like "Which of these smiley download sites is safe?" The answer I'd pick is "I don't care which one is safe, I wouldn't ever download something so pointless and high risk to begin with", but that option isn't available.
I went to each one of the sites before answering. I still missed two of them.
:) And Kazaa has a long history of being full of crap that's bad for your system. Ugh.
First I missed the lyrics sites. One of them supposedly installs activeX adware. I couldn't tell this since I'm using Firefox in Linux.
Then I missed one of the P2P software sites. I incorrectly decided that Blubster was safe, even after looking through the site. They do mention that they take information given when you fill out a contact form, but I didn't see any mention in the terms of use or privacy policy regarding anything in the software itself.
Of course, I would have never actually downloaded that in the first place. I knew emule was safe though. Yay open source!
So yeah, I missed 2 of them, but would not have been infected by any of the bad sites. Mostly I just think this quiz is lame.
Nothing to see here
This quiz is supposed to scare people into buy their product, nothing more. No useful statistics can be gleaned from it.
If they wanted to make an accurate assesment they would set people up with a VM with a resonably patch version of windows, and big shiny icons for both IE and firefox and say "Browse the internet for an hour" and see how the machines were affected.
PS: I got a 5 out of 8 on the test, but only because there was no option to say "Why would I be dowloading lyics or smilies in the first place -- these things or more likely to have spyware than pr0n?" That and I guess they want you to trust eMule.
Most www users are not geeks and cannot tell the boundary between their computer and the internet, let alone know how to drive a hosts file etc. Any advice of this form is completely useless to most www users. If the computer says "click on this" they will. Don't expect them to tell the difference between something from MS or the OS and a phishing scheme or other attack.
It is also not reasonable to say that people should know this stuff to use the www. Nonsense! Do you need to know the difference between a knit and purl stich to wear a sweater? Do you need to know what advance and retard are to drive a car? Why the hell should you know what a hosts file is to use the www?
Engineering is the art of compromise.
By analogy, this quiz is the rough equivelent of having people pick from a group of crack-head prostitutes the one without disease, and when they fail, telling them they know nothing about safe sex. Safe sex, like safe browsing, ended before the the first question on the test. There is no safe sex by trying to pick only the disease-free crackhead prostitutes. There is no safe browsing by trying to pick the free smilies site that won't blow your computer up. There is value in mininimizing risk where it's found, but to me, safe browsing and downloading FREE SMILIES!!! from some popup window are mutually exclusive activities. That said, their product does have merit, probably. I just wished it was marketed as what it is: "You're a dumbass, and are going to do dumbass things. Maybe you need a net."
exceptio probat regulam in casibus non exceptis
I get the point that when you go to a screensaver site and see 2 menupoints and 4 screensavers, that is suspicious, ....
,,, )
but in most cases they seem to tell me, that a simple design vs bling means that the simple design will sell you spyware
dunno, i think any download is a potentional spyware, especially the spyware programs (that my wife installed on her mom's computer adter a popup : your computer mught be infected
well at home she uses linux so did not get a clue......
ohh that crap also has the important message: all p2p programs are spyware laden....
For sites that direct your browser to an IP address URL this hosts file does nothing. (http://123.22.33.44/grabyoubytheshorthairs.php)
-Cypheros
I took my usual paranoid route. For the first four questions, I didn't select either site (which, as it asks which site you trust, seems to me to implicitly state that I don't trust either site). For the last four sites, I specified that all of them potentially had spyware.
My result? Well, acccording to this "survey" I only scored 3 out of 8, as my not trusting sites which didn't have spyware (as they could find) counted against me, and I distrusted one site which the survey claims has no spyware. So apparantly, because I don't trust ANY of the 8 sites referenced in the survey, I'm "At Risk", and my "...answers would have infected your PC with adware and spyware many times over.".
Uh huh. Not trusting any of the 8 sites is putting me at risk? Spyware and adware many times over? Let's ignore for a moment that I'm running Mac OS X, and that I wouldn't visit any of those sites in the first place, and don't download screensavers, wallpapers, or smilies, but apparantly according to SiteAdvisor my distrust of all their sites puts me at risk.
And that right there is enough to tell you the quality of this so called "survey".
Yaz.
If you're not on windows, you're probably not going to be visiting mcafee's site.
it should read "3% of visitors to mcafee's site who took a spyware quiz are unable to spot every spyware site from a screenshot of part of the webpage."
--TheOrangeSquid Is it any wonder things seem so awry? We swim in a sea of confusion and don't have to think to survive
The only other thing I'd add to your comments is that the presence of a forum seems more likely to indicate safety. Most of the "safe" sites had a forum section, most of the "unsafe" sites don't. Obviously this isn't a hard and fast rule, but a forum where people can complain about the spyware they just downloaded would tend to scare prospective victims away.
The reason is simple. The test is loaded.
You are asked to choose between various free sites and have to judge just buy a screenshot wich one is save. That of course is very hard to do. Worse is that you can't choose the answer "none of the above" wich I think is the only real answer.
Frankly I wouldn't trust any screensaver or smiley site. Period full stop end of story.
Oh and as for people using virus scanners. Well yeah. Because others have hit them over the head and tied them to a chair and then installed the virus scanner for them and then trained them with a cattle prod not to remove it. They still go out of their way to make live hard for the virus scanners and still basically just get it.
Virus scanner == safety belt. Wearing a safety belt doesn't make you a safe driver.
It only takes common sense to keep your machine clean. Right the same common sense that tells you to limit your speed in dangerous road conditions?
Common sense is a misnomer because whatever it is it sure as hell ain't common.
MMO Quests are like orgasms:
You may solo them, I prefer them in a group.
No, that's the wrong approach entirely (a little knowledge can be a dangerous thing indeed), you can't possibly hope to keep track of all the hosts required, it's a losing battle.
The correct approach is to use better software, that blocks Spyware by design.
I found the test to be a classic push poll approach.
This is like lining up 16 Nigerian hookers, two at a time , and asking you you to screw one and see if you get AIDS. Well, statistically one in four has AIDS, so by the 16th hooker, you have AIDS -- guaranteed.
But, would you actually screw a Nigerian hooker? Not if you had any knowledge of what you're getting into.
Anyone who goes to a free screensaver website deserves every single virus they ever get. In fact, they deserve to be booted in the head.
The test is rigged in a fashion that ensures that even competent people end up in the mid-range.
In all seriousness, how many web savvy people are going to the types of sites they depict? None.
I scream. You scream. I assume that means we're both acquainted with the problem. We proceed.
Anyway perhaps linux users are even worse. How many of use just install packages from your distro without ever checking who actually wrote them?
Who cares who wrote them? The packages should be signed by the distributor. Presumably you trust the distributor or you wouldn't be running that distribution.
It was an easy test, and was full of clues.
There you go. All the information for scoring eight out of eight. Easy!
Essentially, think about how the website is making its money. If it's pushing something desirable as free, then it's suspicious - so unless it's obviously run by enthusiasts and has an easily-contactable community behind it, then there's almost no such thing as that proverbial free lunch...
Tedious Bloggy Stuff - hooray?