Slashdot Mirror

← Back to Stories (view on slashdot.org)

McAfee Picks the Most Dangerous TLDs

Posted by CmdrTaco on from the all-fear-dot-vg dept.

CWRUisTakingMyMoney writes "Companies that assign addresses for Web sites appear to be cutting corners on security more when they assign names in certain domains than in others, according to a report to be released Wednesday by antivirus software vendor McAfee Inc. McAfee found the most dangerous domains to navigate to are .hk, .cn, and .info. Of all .hk sites McAfee tested, it flagged 19.2 percent as dangerous or potentially dangerous to visitors; it flagged 11.8 percent of .cn sites and 11.7 percent of .info sites that way. A little more than 5 percent of the sites under the .com domain — the world's most popular — were identified as dangerous."

21 of 184 comments (clear)

  1. .cx by Junior+J.+Junior+III · · Score: 4, Funny

    Home of the goatse. Danger Will Robinson!

    --
    You see? You see? Your stupid minds! Stupid! Stupid!
  2. Which is more dangerous, then? by Hawthorne01 · · Score: 5, Insightful

    5% of .coms, or 19% of .hk's? On a percentage basis, the .hk, .info, etc. But as a whole, my money's on .com's?.

    Bad math = bad reporting.

    --
    "Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
  3. Why the hell... by Jaysyn · · Score: 5, Funny

    ...would anyone want to take security advice from McAffe?

    --
    There is a war going on for your mind.
  4. not their problem by Brian+Gordon · · Score: 5, Insightful

    "Companies that assign addresses for Web sites appear to be cutting corners on security more when they assign names in certain domains than in others"
    um since when is that the registrar's responsibility? they just point a domain name at an IP address-- that's the extent of the service.

    1. Re:not their problem by aredubya74 · · Score: 5, Insightful

      Exactly. I'd be much more interested in looking at the stats by assigned IP blocks. That way, network admins could blacklist those ranges at their edge, adding exceptions as needed. It's a tough game to play, but it would also give admins an idea as to what ISPs are leaving obvious botnets intact and which ones aren't.

      --

      RW

  5. Define "Dangerous" by corsec67 · · Score: 4, Interesting

    Is that dangerous to someone running IE on Windows, or dangerous to the person, like scams?

    It seems like they kind of mashed the 2 together, but that is McAfee, so I would expect them to exaggerate the dangers of browsing without McAfee.

    --
    If I have nothing to hide, don't search me
  6. sorry, but i just don't get it... by ketamine-bp · · Score: 5, Interesting

    i live in Hong Kong.

    here, if we are to register domain names, especially .com.hk, we need business registration to get it registered, same goes for .edu.hk, .org.hk etc.

    the possible exception would be .hk, but i think the HKNIC (i forgot the name..) does have reasonable abuse TOS that these bad things get cancelled... so i would be glad if they could provide us with the domain names they flagged 'dangerous' and let's see how it goes....

  7. Because there are no more good dot-coms. by Rob+T+Firefly · · Score: 4, Funny

    Not even the malware folks can get a decent domain in .com anymore, they're all in use or squatted upon.

    --
    Slashdot Burying Stories About Slashdot Media Owned
  8. Age of website? by QuietLagoon · · Score: 5, Insightful

    I'd bet if they would find an even better correlation if they looked at the age of the website's domain registration, not the domain it was registered under.

  9. Re:I wonder... by cryptodan · · Score: 5, Funny

    I wonder where .xxx would've come in if it had been created. It would be 69%.
  10. I used Site advisor once.. by Warll · · Score: 4, Informative

    The thing is far from foolproof. When I was bored one day I decided to start clicking on just about all the Google Adwords adverts I could find. Most of them were for those scam sites, you know the kind "click here to buy Firefox, Buy supsciption to Bittorent now!" Over half the sites were green according to Site Advisor. Really I'm sure that their numbers here at least give an idea as the how "dangrous" these TDLs are, put really they are liekly far off from the truth.

  11. Chinese domains by Anonymous Coward · · Score: 5, Funny

    The problem with .cn domains: 30 minutes after you surf there, you want to surf there again...

  12. Word Problem Alert by Colonel+Korn · · Score: 4, Insightful

    5% of .coms, or 19% of .hk's? On a percentage basis, the .hk, .info, etc. But as a whole, my money's on .com's?.

    Bad math = bad reporting. When solving a word problem, one must find the mathematical expression that best expresses the question. You've got the wrong one.

    You're making the argument that what really matters is the total number of malicious sites in each domain, not the fraction of sites within a domain that are malicious.

    Clearly, however, the fraction is the more important metric. Consider a silly analogy:

    There are 100 violent criminals in my local jail out of a total population of 200. There are 1000 violent criminals running free in Hawaii out of a total population of 1 million. When choosing a safer place for a vacation, by your logic, I'd pick my jail, since the total number of offenders is lower. 50% of my fellows would be violent criminals. By my logic, I'd pick Hawaii, where there would be more criminals, but they'd only make up 0.1% of the people around me. I prefer my odds.
    --
    "I zero-index my hamsters" - Willtor (147206)
  13. Interesting bits by rock56501 · · Score: 5, Interesting
    I am willing to bet that there are a lot more .com site's registered than .cn or .info or whatnot, so the fact that 5% of the .com's are flagged is huge, seeing that most people think about going to .com's before anything else.

    One other interesting note is that .05% of .gov's are listed as dangerous. So is that like from when the www.nsa.gov website left that tracking cookie on your computer or is there a actual government website out there that is actually dangerous to visitors?

  14. But what about .nu? by mangu · · Score: 5, Interesting

    Home of the complete goatse collection. Enjoy yourselves!

    1. Re:But what about .nu? by Daimanta · · Score: 5, Funny

      My God, I though you were joking. And here I was, thinking that goatse was only 1 image.

      Thanks dude, that's 12 extra therapy sessions for me.

      --
      Knowledge is power. Knowledge shared is power lost.
    2. Re:But what about .nu? by Junior+J.+Junior+III · · Score: 4, Funny

      Home of the complete goatse collection. Enjoy yourselves! <darthvader>Nuuuuuuuuuuuuuu!</darthvader>
      --
      You see? You see? Your stupid minds! Stupid! Stupid!
    3. Re:But what about .nu? by css-hack · · Score: 5, Funny

      I don't know what's worse. The fact that I clicked, or the fact that it's already slashdotted.

  15. Only on Slashdot... by Anonymous Coward · · Score: 5, Funny

    ...would a link to the full set of Goatse pictures be moderated "Interesting"

  16. Re:Where can I get a list of these TLD to block ou by eln · · Score: 4, Funny

    I think it's cute how you still think any of the TLDs are still used for their originally intended purposes.

  17. Re:lies, damned lies, and mcafee by mattwarden · · Score: 4, Insightful

    Um, no. You are exactly wrong, in fact. It is true that there are a greater quantity of troublesome .ru sites in your example, but given a .ru domain and a .hk domain, the .hk domain is more likely to be troublesome. The fact that there are more .ru troublesome sites out there is only a result of there being more .ru sites out there. The only thing that affects is the likelihood that a given domain is a .ru domain.

    Consider this:
    Bag 1: 7 of 10 marbles are blue
    Bag 2: 35 of 100 marbles are blue

    There are more blue marbles in bag 2, but you are far more likely to pick a blue marble in the first bag.

    The point of the article is: how much of an indication is it that a .xy domain is dangerous?