Slashdot Mirror

← Back to Stories (view on slashdot.org)

Naming and Shaming Toxic Web Apps

Posted by Soulskill on from the running-this-requires-access-to-your-neural-patterns dept.

itwbennett writes "Stanford Law School has released a wiki called WhatApp?, where users can rate all manner of web apps, browsers, mobile platforms, mobile apps, and social network apps on their security, privacy, and openness. Currently, the wiki 'lists some 200+ apps, but most of them have not been reviewed yet. So they need a lot of help,' writes blogger Dan Tynan. 'To review an app you select it from the list, then fill out a 9-question form rating its privacy, security, and openness, ranging from 5 (very private, secure, and open) to 1 (a steaming pile of vulnerabilities and violations).'"

52 comments

  1. LOL by Anonymous Coward · · Score: 0

    troll

  2. Wait by malkir · · Score: 3, Funny

    So all I have to do is download some shitty app and rate it, potentially exposing myself to the spyware/malware/security vulnerabilities were looking to avoid? Where do I sign up?

    1. Re:Wait by Some.Net(Guy) · · Score: 1

      ....someone is missing the point here.

    2. Re:Wait by WrongSizeGlass · · Score: 1

      So all I have to do is download some shitty app and rate it, potentially exposing myself to the spyware/malware/security vulnerabilities were looking to avoid? Where do I sign up?

      I'm surprised they don't have at least a 9 question application to signup and qualify the suckers, um, volunteers. I guess they'll let anyone test the apps? So it's Yelp but without the sales pressure?

  3. That's nice and all, but... by clang_jangle · · Score: 1

    Isn't the whole point of free (as in gratis) web apps to capture and exploit user info? These companies providing them aren't charities.

    --
    Caveat Utilitor
    1. Re:That's nice and all, but... by iYk6 · · Score: 1

      Yes, presumably web apps will receive low scores. However, the list also includes "browsers, mobile platforms, mobile apps", so maybe you will find something in one of those categories that fits you better.

  4. Web of Trust by commodore64_love · · Score: 4, Interesting

    This rate-the-app project sounds similar to WOT. It sounds like a good idea to me, since Web of Trust has helped me avoid a lot of spybots and other crap. http://www.mywot.com/

    --
    "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    1. Re:Web of Trust by Anonymous Coward · · Score: 0

      ...but don't you give up privacy by using an add-on that submits the sites you go to

    2. Re:Web of Trust by pgmrdlm · · Score: 1

      I would rather give up a small bit of information about the web sites I visit then have identify theft occur which costs me legal fee's proving I am not the person using that identity. Have my bank account emptied. Have my checks deposited in someone else's bank account.

      I would love to see a statistic of the number of people that committed suicide due to the loss of their credit and possibly job due to identity theft.

      Its all about YOUR precious privacy and NEVER about the people that are losing EVERYTHING because you don't like a specific application/program/law that would help protect the victims.

      By the way, you better turn off ALL Microsoft updates. You know that Microsoft has FULL access to EVERYTHING on your computer. You know damn well they are reviewing all of it. You are nothing but a number that they are crunching for every bit of data they can get.

      Go put on your tin foil hat. You know the government is also beaming rays at you to steal your soul.

      --
      Anonymous comments are as pathetic as the anonymous "sources" that contaminate gutless journalism from the New York Time
    3. Re:Web of Trust by Anonymous Coward · · Score: 0

      Warning: pedantry ahead

      I would rather give up a small bit of information about the web sites I visit then have identify theft occur...

      "I'd rather A, then B" means that your preference would be A, followed by B.
      "I'd rather A than B" means that your preference would be A in place of B.

      Personally, I'd prefer neither.

    4. Re:Web of Trust by AceofSpades19 · · Score: 1

      Well obviously, but sometimes you have to make a decision between which is worse

    5. Re:Web of Trust by BillMike · · Score: 0

      What a great picture!! I am truly impressed with your work. Well-done. [URL="http://www.oakleysunglassesmall.com"]cheap oakley sunglasses[/URL] [URL="http://www.oakleysunglassesmall.com"]oakley sunglasses sale[/URL] [URL="http://www.oakleysunglassesmall.com"]oakley sunglasses[/URL]

    6. Re:Web of Trust by BillMike · · Score: 0

      What a great picture!! I am truly impressed with your work. Well-done.oakley sunglasses sale cheap oakley sunglasses

  5. Hrm.. by Dread+Pirate+Skippy · · Score: 3, Insightful

    The people who are downloading these 'toxic' apps in the first place simply aren't going to visit this site before doing so. Folks who are already aware of the risks won't need a site like this to illustrate them...so who is this for?

    1. Re:Hrm.. by Jurily · · Score: 1

      All the people who don't fit into your generalizations.

    2. Re:Hrm.. by selven · · Score: 2, Insightful

      These are WEB apps, not downloadable ones (technically, the client gets downloaded into your browser cache, but that's usually the extent of it). It's about the ongoing security risk and harm that the apps are causing, and if you've been using Rockbox (to use their hall of shame example) for a year and you stop because of the website, they've still done you a service.

    3. Re:Hrm.. by clang_jangle · · Score: 1

      These are WEB apps, not downloadable ones (technically, the client gets downloaded into your browser cache, but that's usually the extent of it)

      That is incorrect.

      if you've been using Rockbox (to use their hall of shame example)

      Rock You Live != Rockbox!

      You're like a regular font of disinformation here -- distracted much?

      --
      Caveat Utilitor
    4. Re:Hrm.. by selven · · Score: 1

      These are WEB apps, not downloadable ones (technically, the client gets downloaded into your browser cache, but that's usually the extent of it)

      That is incorrect.

      Please explain.

    5. Re:Hrm.. by WrongSizeGlass · · Score: 2, Funny

      Please explain.

      Sure. I'll use a car analogy:

      Salesman: Well I can't _give_ you the car, but I _can_ let you have this little number for practically nothing: only $38,000.
      [bullets hit the car]
      Homer: [suspicious] Hey, what are all these holes?
      Salesman: [quickly] These are speed holes. They make the car go faster.
      Homer: Oh, yeah. Speed holes!
      [bullets riddle the car and smash the windshield]
      Salesman: You want my advice? I think you should buy this car.

      Any questions?

    6. Re:Hrm.. by Anonymous Coward · · Score: 0

      RTFA (or even TFS). If you still want an explanation, you're beyond help.

    7. Re:Hrm.. by Rary · · Score: 1

      These are WEB apps, not downloadable ones (technically, the client gets downloaded into your browser cache, but that's usually the extent of it)

      That is incorrect.

      Please explain.

      The summary says "web apps". The actual website, however, says "online and mobile apps". What they're actually rating are mostly downloadable applications, although some really are web apps.

      --

      "You cannot simultaneously prevent and prepare for war." -- Albert Einstein

    8. Re:Hrm.. by Anonymous Coward · · Score: 0

      Academics, obviously.

  6. Re:The most toxic DESKTOP App by coolsnowmen · · Score: 1

    I can't sell if you are being serious, or you are tying to parody the stereotype of /. ers.

  7. Re:The most toxic DESKTOP App by Anonymous Coward · · Score: 0

    Mission Accomplished!

    !Yours In Ulyanovsk,
    !Kilgore Trout

  8. Re:The most toxic DESKTOP App by Anonymous Coward · · Score: 0

    ^ Whoever this guy is, I want more of him. Pointless linking, stupidly fake-formal sign-off, awesome name, overcapitalization, and no walls-of-text! This is a troll I can enjoy. Mod Kilgore Trout up!

  9. Re:The most toxic DESKTOP App by Anonymous Coward · · Score: 0

    Your standards are acceptably low. You've qualified for a free Windows upgrade to 'Vista Platinum*'.




    * Vista Platinum is not compatible with ponies, omg ponies or ponicorns.

  10. WhatApp by $RANDOMLUSER · · Score: 3, Funny

    So near and yet so far.

    They could have used WhatsAppDoc.

    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill
    1. Re:WhatApp by JakartaDean · · Score: 1

      Jesus you had me laughing out loud -- at work. Funniest thing I've seen on /.

      --
      The subject who is truly loyal to the Chief Magistrate will neither advise nor submit to arbitrary measures (Junius)
    2. Re:WhatApp by BillMike · · Score: 0

      Howwwfeeling I don’t believe it. That is a great picture but I am scare about it. You have a good job. Thank you.cheap polo shirts Ralph Lauren Hoodie lacoste polot shirts

  11. Who is qualified to do this? by yoblin · · Score: 1, Insightful

    How is anyone qualified to actually rate a WebApp on its security most of the time??? Certainly not the average user, and I doubt even a security researcher unless they are given access by the developer. Until it's too late, you won't know that the developer set all the server passwords to 'LOL' or is selling your information to criminals....

  12. Here's one of the worst: Entrust Truepass(TM) by Anonymous Coward · · Score: 0

    Entrust Truepass is a real POS.

    It's a java applet that some paranoid websites like to use. They claim "zero footprint" which is an outright lie. It only works with a handful of java JREs, and a few web browsers.

    The only reason anyone buys it is that it's the only java applet with FIPS 140-1 certification, so if you need to tick that box on your checklist, and you like java, you're stuck with it.

    Unfortunately I know Entrust Truepass well since my company's bank, Scotiabank (a major bank in Canada) requires Entrust Truepass for online business banking. Not only that, they require IE 5.5 or IE6 because this crappy java applet doesn't work well with firefox, chrome or safari.

    And Entrust Truepass doesn't work with web proxies.

  13. I saw this on SNL by TheVidiot · · Score: 1

    Oooooo eeeeee! WhatApp with that? WhatApp with that?

  14. A better way by PopeRatzo · · Score: 0

    I've got a better idea. Let me rate the apps without downloading and installing them. I'll be the judge of whether or not they're probably safe to use and free of malware.

    I'm betting that most of us here at /. could make some very accurate educated guesses as to whether something should be downloaded and installed without having to risk actually getting infected with malware. In many cases, we could probably do it based on the URL alone.

    Just put us in charge. Oh, and give us the power to punish those who would spread malware. We'll get it straightened out in no time.

    --
    You are welcome on my lawn.
    1. Re:A better way by derfel+cadarn · · Score: 0, Offtopic

      This is one of the reasons we have virtual machines.

    2. Re:A better way by PopeRatzo · · Score: 1

      Nobody recognizes sarcasm any more.

      So sirius all the time, dawg.

      --
      You are welcome on my lawn.
    3. Re:A better way by Anonymous Coward · · Score: 0

      Picture not, mouseover text vaguely related.

  15. For this scheme to work... by Lead+Butthead · · Score: 1

    For this scheme to work, the toxic app host/author has to know and a sense of moral. The very fact these apps exists implies their host/authors either have weaken or non-existent sense of moral, therefor this scheme will never fly.

    --
    ELOI, ELOI, LAMA SABACHTHANI!?
  16. That is not what "Web App" means by Anonymous Coward · · Score: 0

    A web app is something that runs on a server. Some of the stuff in the summary is web apps, most is not.

  17. RockYou is in the hall of shame, not RockBox by Chris+Pimlott · · Score: 1

    You've made a mistake; RockYou Live is in their "penalty box", not RockBox. The two are totally unrelated; RockBox isn't even a webapp, it's an (excellent) open source firmware for portable music players. They don't ask for your personal information at all.

  18. Re:The most toxic DESKTOP App by quantumplacet · · Score: 0, Offtopic

    stupidly fake-formal sign-off, awesome name,

    Kilgore Trout is the fake sci fi author in Kurt Vonnegut books.

  19. how about... by naplam33 · · Score: 0

    facebook?

  20. Dogfood by pizza_milkshake · · Score: 1

    I don't see an entry for itself

  21. Four words: Farmville and Mafia Wars by Zantac69 · · Score: 0, Offtopic

    Those, IMHO, are the two most annoying wastes of time evar. EVAR! Should be rated toxic as such.

    --
    1331461 is only semiprime *sigh* Alas - I am just short of 1337.
  22. Re:bitCh by Anonymous Coward · · Score: 0

    You down. It was AnotRher folder. 20 so there are people move forward, as one 0f the These early

    precisely!

  23. Re:The most toxic DESKTOP App by Anonymous Coward · · Score: 0

    Does it make me odd if I read that last word as pornocore?

  24. [ProductName] is lethal by w0mprat · · Score: 1

    Someone write up a warning about the [ProductName], I heard it's a Killer App!

    How to play: substitute ProductName for iPad, Android, JooJoo etc

    --
    After logging in slashdot still does not take you back to the page you were on. It's been that way for 20 years.
  25. Hi by marieosmond · · Score: 1

    Thanks for the great update http://www.bankruptcyattorneyincalifornia.com/

  26. I just contributed... by Hurricane78 · · Score: 1

    I rated the “WhatApp?” wiki as really crappy and unable to overcome a singular bias towards the opinion of the most powerful entities. ;)

    --
    Any sufficiently advanced intelligence is indistinguishable from stupidity.
  27. Thanks! by RyanCalo · · Score: 1

    Thanks for all of the /. feedback. Love it. So, just to clarify: ratings and reviews are based on a lot of things---technical knowledge, close reads of supporting documentation, etc. We don't let "anyone" review apps. We have 20+ approved experts at this time, some with computer science backgrounds, others with legal knowledge, still others with a background in privacy compliance. That said, we don't want to raise the bar excessively high. If you read a review, you can judge for yourself based on the expert's bio whether you trust them. In addition to expert ratings and reviews, you have news feeds, a wiki, comments, and the opportunity for the developer to claim the app and add notes. WhatApp.org is trying to improve on the status quote---namely, jack. We have StopBadware.org for really malicious software, plus CNET and others write up apps from time to time from the perspective of security. Sitejabber.com also does a nice job with community review of websites. But I'm not aware of any central repository of information on consumer values like privacy, security, and openness of online and mobile apps. Improving on nothing is our (modest) goal. It's a work in progress, and we really appreciate the many, many people who have signed up to contribute. PS: One thing we could really use help on is adding apps. Any user can add an app to review. Please consider it.

  28. OT: Windows 7 in 1/2 GB by RAMMS+EIN · · Score: 1

    ``OS 10.6 requires 1 gigabyte; no exceptions. But WIN7 runs well on just 1/2 GB. Apple's OS appears *twice* as bloated.''

    I gather you are talking about RAM, not diskspace. But would you perchance have any pointers to reducing Windows 7 disk space usage? It irks me that an OS I rarely use sits there eating up > 10 GB of disk space, but I lack the knowledge of Windows to do something about it. If I could get the disk space

    --
    Please correct me if I got my facts wrong.