Slashdot Mirror

← Back to Stories (view on slashdot.org)

Regular Domains Have More Malware Than Porn Sites

Posted by CmdrTaco on from the wouldn't-have-seen-that dept.

SnugglesTheBear writes "New research pours scorn on the comforting but erroneous belief that Windows surfers who avoid smut and wares on the Web are likely to avoid exposure to malware. A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult website. In the UK, Avast found that more infected domains contained the word 'London' than the word 'sex.' Among the domains labeled as infected by Avast was the smartphones section of the Vodafone UK website. The mobile phone operator's site contained a malicious JavaScript redirect script that attempted to take advantage of an unpatched Windows Help and Support Centre flaw (CVE-2010-1885) to infect the machines of visiting surfers."

122 comments

  1. "London" is a heavily spammed term by Animats · · Score: 4, Informative

    "London", as a keyword, is a heavy spam target. I used to use "London Hotels" as a test case for SiteTruth's web spam detector. Google used to do badly on that search. (Since they started handling travel destinations as a special case, the first 10 Google results are now either paid ads or results from the business search engine.)

    1. Re:"London" is a heavily spammed term by Anonymous Coward · · Score: 0

      Who would have thunk it that sex is safer than no sex at all? :D

    2. Re:"London" is a heavily spammed term by Anonymous Coward · · Score: 0

      You may be 99 times more likely to get infected with non-sexual browsing, but sexual infections can be a bitch to clear up.
      Herpes is forever.

      And those caught infecting non-sex sites will get punished, but there's a stiffer penal code for sex sites.

    3. Re:"London" is a heavily spammed term by Anonymous Coward · · Score: 0

      "London" frequently comes up in my searches for UK porn. Goes with my bad teeth and binge drinking chick fetish.

    4. Re:"London" is a heavily spammed term by FlyMysticalDJ · · Score: 1

      That is why you should always practice safe sex.

    5. Re:"London" is a heavily spammed term by Z00L00K · · Score: 1

      And then it's a lot better effect to spread malware through ad networks.

      Design an ad that contains a time bomb and that triggers randomly will make it sneaky enough to penetrate machines randomly and inconclusive. Make sure that the ad is displayed on a high-profile site where a lot of users have low tech skills.

      Spammers and malware creators are getting sneaky and sometimes do have a legitimate front and a dirty back.

      --
      If builders built buildings the way programmers wrote programs, then the first woodpecker would destroy civilization.
  2. The question is by dmgxmichael · · Score: 2, Interesting

    How many of those redirects lead to adult sites? A very large number I'd imagine.

    Further actual numbers mean little - what percentage of porn sites are infected (or deliberately take malware related action) as opposed to legitimate sites?

    1. Re:The question is by logjon · · Score: 0

      Unless you think that porn sites make up less than 1% of the internet, the percentage won't dispell the idea behind this article. Further, deliberateness is irrelevant.

      --
      The stories and info posted here are artistic works of fiction and falsehood.
      Only fools would take it as fact.
    2. Re:The question is by vxice · · Score: 1

      shh we don't want more attention on our porn sites. Although when will people learn to stop going to shady sites that require executables on their web page. I mean pictures are just that, pictures and so are videos. Stick to simple video and picture content that does not allow for executable content and you should encounter very few problems.

      --
      every anarchist is a baffled dictator. Benito_Mussolini
    3. Re:The question is by commodore64_love · · Score: 4, Funny

      So however you look at it, you get fucked.

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    4. Re:The question is by nacturation · · Score: 1, Insightful

      Further actual numbers mean little - what percentage of porn sites are infected (or deliberately take malware related action) as opposed to legitimate sites?

      Exactly. 99 regular sites infected to 1 porn site infected is rather telling if there are 1000 times more regular sites, which would mean that you have a ten-fold increase in risk on porn sites. As usual, this is a non-story that boils down to nothing more than a press release for Avast: "You're at risk! Buy our crap which will slow down your computer and probably won't detect much anyways!"

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    5. Re:The question is by Anonymous Coward · · Score: 0

      How many of those redirects lead to adult sites? A very large number I'd imagine.

      Here's TFS again, close-captioned for the reading impaired:

      Web are likely to avoid exposure to <font size=48 color=red><strong> malware </strong></font>.

    6. Re:The question is by pseudorand · · Score: 4, Interesting

      > How many of those redirects lead to adult sites?

      Probably not many. After all, porn sites actually have a legitimate (or at least legal) internet business model with revenue. Why do they need to infect their customers with malware? The newspapers on the other hand are struggling to figure out how to get people to pay for their content.

      What's more, I imagine mostly lonely guys visit porn sites. And who are lonely guys? Geeks! (present company excluded, of course :). And geeks use Firefox, NoScript, etc., so they're hard to infect. If you want to build your fleet of rooted zombies, I'd imagine sites that a bunch of old people who are still using IE 5 on unpatched Windows 2000 is your best bet. And unless they've responded to a Viagra e-mail, I would guess grandma and grandpa aren't visiting porn sites.

    7. Re:The question is by Anonymous Coward · · Score: 3, Insightful

      What's more, I imagine mostly lonely guys visit porn sites. And who are lonely guys? Geeks!

      Well, you'd be imagining wrong, because the correct answer to the question who visits porn sites is EVERYONE.

    8. Re:The question is by BenoitRen · · Score: 3, Informative

      Exactly. 99 regular sites infected to 1 porn site infected is rather telling if there are 1000 times more regular sites, which would mean that you have a ten-fold increase in risk on porn sites.

      Way to miss the point, which is that avoiding porn sites doesn't mean you won't get infected. This proves that there are many regular sites out there that are infected, ratio of anything be damned.

      As usual, this is a non-story that boils down to nothing more than a press release for Avast: "You're at risk! Buy our crap which will slow down your computer and probably won't detect much anyways!"

      Avast is free. It even says so in the summary.

    9. Re:The question is by Anonymous Coward · · Score: 0

      It's bad enough not to RTFM, RTFS, or RTFA -- but you couldn't even RTFBlurb that appears just below the text input box (the one that says Allowed HTML )? That's just pathetic...

    10. Re:The question is by Anonymous Coward · · Score: 0

      As usual, this is a non-story that boils down to nothing more than a press release for Avast: "You're at risk! Buy our crap which will slow down your computer and probably won't detect much anyways!"

      You're at risk! Install Linux!

    11. Re:The question is by FlyMysticalDJ · · Score: 2, Informative

      being a porn site isn't the silver bullet that means you will make money. Also, there was a slashdot article saying that more porn sites were infected than expected. I'm not exactly sure how these two articles mesh up, but specifically that article had said that people in the porn industry tend to trade content to lower operating costs. So all it takes is one link in the chain putting malware in that content to infect multiple sites.

    12. Re:The question is by ottothecow · · Score: 1
      VLC?

      I have watched stuff accelerated with audio that seemed fine (there is something to correct for the chipmunk effect) and most of their features are platform independent.

      --
      Bottles.
    13. Re:The question is by b4upoo · · Score: 1

      How about surfing from a live CD edition of a Linux distro? Talk about making a PC hard to infect!

    14. Re:The question is by Syncdata · · Score: 2, Informative

      A few rebuttles to your comment and others on this thread. Downloaded plugins and such are not necessary on a website for malware to transfer. All that is necessary is for an advertisement to load which contains the means for a cross site scripting attack. You don't even have to click on anything once you visit the site.

      And yes, these attacks happen on totally legitimate sites that are not very discriminating on the ads they run, or whose admins do not properly defend their server against worms/ teh h4x.

      XSS attacks are the #1 growing attack technique by far. As long as there is money to be made in infecting computers, techniques will get more advanced as offense is always ahead of defense in terms of Malware/AV software. Simple image and video content is all you need to transfer malware.

      I wish it was as easy as saying "Obey these 3 rules and you will not be infected", but that is simply not the case anymore. The people that write this software are honest to God,legitimate, Software Developers. You don't have to like em, but you do have to respect em.

      The only way to be 100% certain that you do not end up with malware at the end of the day is not AV software, it's not being cautious, it's not using a mac or linux, it's virtualized environments. And one of these days, even that might not be a panacea.

      --
      "Inattention makes clowns of us all" -Bean
    15. Re:The question is by sortius_nod · · Score: 1

      This is true.

      My most recent detection, by Avast, of malware on a site was from a client's site that is REALLY basic. Bit of HTML, that's all. The thing is he linked some "visitor counter" on the site, bam, malware.

      The most frequent sites to throw malware warnings by Chrome or Avast seem to be corporate sites, not porn. I don't think I've ever had one for redtube or youporn.

    16. Re:The question is by CarpetShark · · Score: 1

      Way to miss the point, which is that avoiding porn sites doesn't mean you won't get infected.

      Of course it doesn't. People who've been around the net from the early days are well used to seeing porn and goatse and all, so they've no big reason to avoid it. The vulnerable people are the n00b grandmas and managers who think porn is the scary part of the net and that being good by just playing those quizzes that everyone sends them.

      Honestly, this is common sense. Hardly article worthy.

    17. Re:The question is by nacturation · · Score: 1

      Exactly. 99 regular sites infected to 1 porn site infected is rather telling if there are 1000 times more regular sites, which would mean that you have a ten-fold increase in risk on porn sites.

      Way to miss the point, which is that avoiding porn sites doesn't mean you won't get infected. This proves that there are many regular sites out there that are infected, ratio of anything be damned.

      They're making a claim involving a ratio. I'm pointing out a flaw in their claim. If the ratio is unimportant, they shouldn't have mentioned it. And they've "proven" something that was already widely known in the security community and re-packaged it as news.

      As usual, this is a non-story that boils down to nothing more than a press release for Avast: "You're at risk! Buy our crap which will slow down your computer and probably won't detect much anyways!"

      Avast is free. It even says so in the summary.

      And we all know the summary is heavily fact checked by the Slashdot editors, right? From http://www.avast.com/free-antivirus-download : "Enjoy worry-free web surfing - Innovative Sandbox technology protects you from dangerous websites" -- not available in the free edition. And their free edition is only available for personal and non-commercial use only. Their business offerings start at $39.95 for a 1 computer, 1 year subscription.

      My point still stands that this is a press release designed to drum up more sales by spinning a problem as news while painting Avast as having the solution to this problem. Classic PR material.

      --
      Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.
    18. Re:The question is by Anonymous Coward · · Score: 0

      And how do you infect a computer through a cross site scripting attack?

      Cross site scripting is simply injecting javascript into a different site, e.g. through the querystring. It's still javascript, it's still inside the sandbox, and it has no more access than if said javascript was put on the attacked site intentionally.

      Getting javascript onto a different site does not get you any closer to infecting the target computer.

    19. Re:The question is by commodore64_love · · Score: 1

      VLC does work but it makes everything sound like a chipmunk. That's what is nice about the 2xAV plugin for Windows Player - it sounds natural even when sped-up

      --
      "I disapprove of what you say, but I will defend to the death your right to say it." - historian Evelyn Beatrice Hall
    20. Re:The question is by ottothecow · · Score: 1

      Have you tried recently? You may have to activate scaletempo in preferences (should be automatic post 1.0 though)

      --
      Bottles.
    21. Re:The question is by BenoitRen · · Score: 1

      They're making a claim involving a ratio. I'm pointing out a flaw in their claim.

      There is no flaw in their claim, as there are more porn sites out there than you think. More than a third of the domains consists of porn. Hence if there are 99 regular infected domains for every infected porn domain, there is a lot more malware on regular domains.

      And they've "proven" something that was already widely known in the security community and re-packaged it as news.

      The question is, though, has it ever been proven before? There are things in life we assume to be correct as part of common knowledge, but they have never been proven. Sometimes those turn out to actually be incorrect, so research like this is useful.

      Okay, Avast is not free for business, but I think they deserve less scrutiny because they do give it away for free to everyone else. They're not, say, Symantec. *shudders*

    22. Re:The question is by BenoitRen · · Score: 1

      Honestly, this is common sense. Hardly article worthy.

      Sadly, "common sense" isn't common at all. You should know this. Otherwise we wouldn't have most of the population thinking the web's porn domains are the scary part of the web.

  3. makes sense... by gandhi_2 · · Score: 3, Insightful

    there's competition in the porn world... they want to make money.

    vodafone, like most carriers, will be making money no matter what.... thanks to monopolies, duopolies, market segmentation and such.
    this creates a lazy attitude towards security, among other things.

    is anyone surprised by this, really?

    --
    THL phish sticks
  4. "sex" is too vanilla to sell by zill · · Score: 4, Insightful

    In the UK, Avast found that more infected domains contained the word 'London' than the word 'sex.'

    Maybe it's due to my weird fetishes, but none of the porn sites I visit actually contain the word "sex".

    1. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 4, Funny

      Most people don't consider TechCrunch to be a "porn" site.

    2. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 5, Informative

      Lets check the current list of smut...

      bigtube.com
      deviantclip.com
      extremetube.com
      fantasti.cc
      hardsextube.com
      new.hardcoreporntube.com
      newsextube.org
      pornhub.com
      pornmix.com
      slutload.com
      spankwire.com
      stileproject.com
      tnaflix.com
      wankspider.com
      xhamster.com
      xvideos.com
      youporn.com

          11.76% contain sex. And none will make you contract viruses of the electronic nor STD varieties.

    3. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 0

      FUKKEN SAVED!

    4. Re:"sex" is too vanilla to sell by tsalmark · · Score: 4, Funny

      Porn sites have words?

    5. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 0

      ... and of course everyone's favorite fetishes are the "London Bridge", the "London Broil", and the supremely intense "Jack London".

    6. Re:"sex" is too vanilla to sell by mano.m · · Score: 2, Funny

      Mod parent up 'Informative'.

      --
      Karma fed to this user will be promptly burnt. Be warned; be wary.
    7. Re:"sex" is too vanilla to sell by barzok · · Score: 4, Funny

      I read them for the articles.

    8. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 0

      In the UK, Avast found that more infected domains contained the word 'London' than the word 'sex.'

      Maybe it's due to my weird fetishes, but none of the porn sites I visit actually contain the word "sex".

      And there is a porn star named London.

    9. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 1, Informative

      tube8.com
      redtube.com

    10. Re:"sex" is too vanilla to sell by Anonymous Coward · · Score: 0

      Actually, the first entry on TechCrunch currently contains the word sex.

      "Bada Bing: Sex.com And Two Related Trademarks Up For Sale At Sedo"

  5. What are the percentages? by meerling · · Score: 4, Insightful

    It's all fine and good to point out that for every porn site there are 99 non-porn sites that have malware.
    But what are the percentages of said catagories infected?
          What percentage of porn sites have malware?
          What percentage of non-porn sites have malware?
    If the percentages are high enough for a category, it is a good idea to avoid that category, even if it is a tiny percentage of total sites.

    1. Re:What are the percentages? by logjon · · Score: 3, Insightful

      Assuming that porn sites make up > 1% of all websites (a pretty safe assumption,) then the ratio of (infected regular sites/uninfected regular) sites is still higher than that of porn sites.

      --
      The stories and info posted here are artistic works of fiction and falsehood.
      Only fools would take it as fact.
    2. Re:What are the percentages? by wisnoskij · · Score: 4, Informative

      Over 37% of the internet is porn (http://idle.slashdot.org/story/10/06/16/1722258/Over-a-Third-of-the-Internet-Is-Pornographic)

      therefore porn sites have a far smaller probability for malware then non porn sites.

      --
      Troll is not a replacement for I disagree.
    3. Re:What are the percentages? by Monkeedude1212 · · Score: 2, Interesting

      No, I think the percentages are kind of irrelevant.

      Basically what you are asking for is a census of the internet. And what qualifies as a porn site and what qualifies as a non-porn site can reeeaaaallly blur the lines. Suppose Break is used to showing off hot Swimsuit models? Pornographic? Probably not. They show a Pic of a spring break girl flashing? Ehhh it's hard to call it pornography even though theres nudity.

      I think it generally boils down to what sites can you trust vs what sites you can't trust. And that just cums with experience.

      Damnit I almost made it through the whole post without a pun...

    4. Re:What are the percentages? by tomkost · · Score: 1

      In other words, there are more people posting useless articles who are not name CmdrTaco than those who are. So, we should avoid those not named CmdrTaco since this article is definitely useless???

    5. Re:What are the percentages? by BenoitRen · · Score: 1

      I think it generally boils down to what sites can you trust vs what sites you can't trust.

      Wrong. You can't trust any site.

    6. Re:What are the percentages? by NevarMore · · Score: 1

      Except there are only two categories of websites:
      Porn
      Not Porn

      So you should be able to extrapolate the data you want from there.

    7. Re:What are the percentages? by JamesTRexx · · Score: 2, Funny

      Then I vote for more pornsites on the net!

      Either that or block everything but .xxx domains...

      --
      home
    8. Re:What are the percentages? by Anonymous Coward · · Score: 0

      The malware planters put it on legit sites because they know the majority of porn surfers are cheapskates who are looking for freebies and therefore have nothing to steal.

    9. Re:What are the percentages? by Anonymous Coward · · Score: 1, Informative

      Fifty-eight times higher, I believe, based on recent data that 37% of websites are porn.

    10. Re:What are the percentages? by Wolfraider · · Score: 0

      but but but...The Internet is for porn, or at least that's what the song said

    11. Re:What are the percentages? by FlyMysticalDJ · · Score: 1

      The study you mentioned.

    12. Re:What are the percentages? by nu1x · · Score: 1

      Generally, I consider porn to be when bodily liquids of genital genesis are displayed - described (or implied).

      --
      I have nothing to lose but my bindings.
  6. That doesn't necessarily mean they're wrong by mooingyak · · Score: 4, Insightful

    Does that still hold true in terms of traffic? It doesn't matter how many sites have malware, it matters how often those sites are visited. One high volume site with malware does more damage than a thousand sites that no one visits.

    --
    William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
    1. Re:That doesn't necessarily mean they're wrong by ArsonSmith · · Score: 0, Offtopic

      Are you sure? I heard of a study recently that fat women are more likely to have unwanted pregnancies and STDs then normal weight women.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    2. Re:That doesn't necessarily mean they're wrong by mooingyak · · Score: 1

      Snicker.

      So fat woman == lower self esteem == easier to convince her to ditch the rubber?

      --
      William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
    3. Re:That doesn't necessarily mean they're wrong by bertoelcon · · Score: 1

      That is because they are high volume sites. Fat usually equals tits you know.

      --
      Anything can be found funny, from a certain point of view.
    4. Re:That doesn't necessarily mean they're wrong by JWSmythe · · Score: 2, Funny

          Nah, she'll just sit on you so you can't pull out. She's been gaining weight for attention for years, she needs that little crying shitting bundle of joy so people will look at her.

          Makes me think of someone I saw yesterday. She had an oxygen tank and cane, because she could barely walk. She had a dozen gallon boxes of ice cream, and enough other assorted crap foods that could feed a normal person for a month (or more).

          I can hear the conversation with her doctor now.

          "No ma'am, the human body isn't designed to carry the weight of an elephant. And please don't bring a bucket of fried chicken into my examining room again."

          "Are you saying I'm fat? I'm not fat. It's genetics that make me like this!"

          "Ma'am, the only genetics at work here are the ones that make you too dumb to realize you eat too much. And, where's my nurse?"

          "Sorry, I was hungry."

          Unfortunately, she was wearing a dress, and I saw her ankles. Well, there were no ankles, just a huge chunk of flesh that went from somewhere I don't want to even think about down to her shoes that were crushed under the pressure. And she was with her fat kid, probably all of 12 years old, about 5' tall and 180 pounds. Ya momma, treat your kids like you treat yourself.

      --
      Serious? Seriousness is well above my pay grade.
    5. Re:That doesn't necessarily mean they're wrong by ArsonSmith · · Score: 1

      That was the conclusion from the Doc reviewing the study as well.

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
    6. Re:That doesn't necessarily mean they're wrong by ArsonSmith · · Score: 2, Funny

      Off topic? We were talking about thousands of sites that rarely get visits. How are fat women not on topic?

      --
      Paying taxes to buy civilization is like paying a hooker to buy love.
  7. How is this useful stats? by Xerion · · Score: 2, Insightful

    "A study by free anti-virus firm Avast found 99 infected legitimate domains for every infected adult web site."

    Maybe there are just 99 regular websites to every porn site out there.

    1. Re:How is this useful stats? by crazypip666 · · Score: 2, Informative

      I assure you there aren't. If you believe this story, then more than a third of the internet is porn.

    2. Re:How is this useful stats? by c+era · · Score: 1

      Maybe there are just 99 regular websites to every porn site out there.

      You must be new to this internet thing.

    3. Re:How is this useful stats? by logjon · · Score: 0

      I'm going to go with "probably not."

      --
      The stories and info posted here are artistic works of fiction and falsehood.
      Only fools would take it as fact.
  8. Embarrassing by Gaygirlie · · Score: 2, Funny

    Vodafone UK infected... well, it WOULD be embarrassing if it was about any other company, but with all the bad things I've heard about Vodafone you probably get better quality service and stabler applications even via the infection than from Vodafone.

  9. There's a reason for that by Monkeedude1212 · · Score: 5, Insightful

    People in the porn business are in it to make money. For the most part, they work together. Ever notice how they all link/ad/popup to more sites all within their clique?

    There's more money in repeat subscriptions than regular joe getting infected with Malware.

    1. Re:There's a reason for that by Wowlapalooza · · Score: 1

      People in the porn business are in it to make money. For the most part, they work together. Ever notice how they all link/ad/popup to more sites all within their clique?

      No, of course I've never noticed that. No virtuous person would have knowledge of such things. Either that, or they're too busy looking at other things on those web pages...

    2. Re:There's a reason for that by Qzukk · · Score: 2, Funny

      Either that, or they're too busy looking at other things on those web pages...

      Purely for research.

      --
      If I have been able to see further than others, it is because I bought a pair of binoculars.
    3. Re:There's a reason for that by JWSmythe · · Score: 5, Interesting

          Actually, the reason you'd see the same or similar ads in a particular genre of porn would be that porn folks are usually pretty good at targeted marketing. For the successful ones, they watch their revenue streams very carefully. They learn (through trial and error mostly) which ad campaigns work, which ones don't, and the best placement on their pages.

          There are some shady dealings too, where folks running ad campaigns shave profits. If campaign A gives them 1:300 conversion rate, but campaign B gives them a 1:600 conversion rate, but all other things are the same (same type of content, same cost and membership length) you can look at the possibility that the company running the campaign is stealing from you.

          Popovers, popunders, jumping monkeys, or whatever aren't the biggest concern of the webmaster. If that ad method didn't make money, it wouldn't be used. It's not worth it for the webmaster to waste space and/or time with ads people don't click on, or worse, ads that don't pay.

          For most of them, it's far from their best interest, to have a malware infected site. If you go there, and your antivirus does kick off saying "This site is infected, run!", you're very likely not to go there again. You may tell your perv friends "Hey, don't go there, it has viruses." If it's a "clean" site (as in viruses, not smut level), you may be back every day, and tell your perv friends "hey, check this site out."

          Word of mouth doesn't seem like it would be that significant, but it is. I worked at one of the highest trafficked adult sites for many years. They got that big by word of mouth. SEO on the site was almost nonexistent, unless you are looking for their name only, which they usually abbreviated, making that useless too. It was in their best interest to keep it a safe place to go.

          I'd guess most of the malware stuff is either done by dirty webmasters who don't ever expect to have a repeat visitor, or (and more of) lost and lonely porn sites in virtual hosting environments, where the user permissions were all set wrong. Have 0666 / a+rw on your files is an open invitation for anyone else on that machine to cause you a lot of grief.

          A lot of times, people don't even know that the problem exists. I was helping someone out with a non-porn site. I pulled down a copy of the live site with wget. That was fine. I went to their location, and we downloaded the entire contents of their site, and there were two html files with javascript malware in them, that weren't linked from the live site. It appears someone else on the server had a script crawl through and add their malicious payload to any default.html that was world writeable. The script kiddies can't tell if the files are actually used, they just write to anything they can. Sometimes they'll stick it in any .html or .htm file that's world writeable, but that takes longer than just sticking it in any index.html or default.html that they can.

          Regular webmaster type folks usually only have a handful of sites. Porn webmasters usually have hundreds or thousands of them. It's all about how much exposure your content gets. If I have one site, the chances of someone tripping over my site are slim. If I have 10,000 sites, the chances get much better, which means my ads are seen and I can make more money. People rarely set up porn sites for their love of the topic. They do it to make money.

      --
      Serious? Seriousness is well above my pay grade.
    4. Re:There's a reason for that by quantumplacet · · Score: 2, Funny

      I was only there to get directions on how to get away from there.

    5. Re:There's a reason for that by mfh · · Score: 1

      There's more money in repeat subscriptions than regular joe getting infected with Malware.

      I don't have an opinion on what you just said. I just am happy to be discussing porn on Slashdot.

      --
      The dangers of knowledge trigger emotional distress in human beings.
  10. Due to stereotypes? by crazypip666 · · Score: 2, Insightful

    I would imagine that part of the reason for this is that the idea that so many adult sites are infected drives adult sites to be very careful, so they don't get infected. If it gets out that an adult site is infected, there are plenty of others out there for people to go to, adult sites simply can't afford to become infected.

  11. Huge conflict of interest here. by Anonymous Coward · · Score: 2, Insightful

    A "study" done by an anit-virus firm finds that there are a lot of infected web sites out there. Regardless of the validity of the study, it seems that there is a HUGE conflict of interest here. A company in the business of protecting users for malicous websites publishes a study showing that there are a lot of malicous websites out there.

  12. Cue the bad jokes.... by southpolesammy · · Score: 2, Funny

    Uptime.
    Penetration testing.
    Viral infections.

    Discuss amongst yourselves...

    --
    Rule #1 -- Politics always trumps technology.
    1. Re:Cue the bad jokes.... by Anonymous Coward · · Score: 0

      Discuss amongst yourselves...

      Oh, is that what they call it these days? ;)

  13. That is why by Anonymous Coward · · Score: 0

    I tend to stay on porn sites, it's much safer there.

  14. I volunteer by SolarStorm · · Score: 1

    To validate this study...

    Which sites did they "study"?

  15. Things in common... by Stick32 · · Score: 1

    This isn't surprising. In a way advertisers and malware authors have a lot in common. They both want to have their ware's in places with the highest visibility, and they both want you to get something you may not want or need... As much as we all love to joke about how much porn there is on the internet I think we all realize there's more to it than just that.

  16. Headline is Redundant by Anonymous Coward · · Score: 0

    "Regular" Domains..."Porn Sites"...

  17. this just in by tomkost · · Score: 1

    There are more people NOT named CmdrTaco than those who ARE. Yes, the total number is higher, but what about the percentage???

  18. Tthe malware targets affiliate marketing ... by tomhudson · · Score: 1

    Get rid of those affiliate marketing schemes and the financial incentive for click-jacking, etc., goes way down.

    Malware author: "If I can get credit for sending traffic to your site, then what's to stop me from infecting as many sites as I can and making money off it?"

    Want malware to drop? Boycott anyone who uses affiliate marketing.

  19. it depends by circletimessquare · · Score: 1

    what kind of infection are we talking about?

    an adobe flash attack vector?

    or hepatitis b?

    --
    intellectual property law is philosophically incoherent. it is your moral duty to ignore it or sabotage it
  20. Not only do porn stars use protection... by by+(1706743) · · Score: 1

    So do porn sysadmins!

    1. Re:Not only do porn stars use protection... by Anonymous Coward · · Score: 0

      Actually that is really a valid point, porn admins are one of the most competitive admins I have seen.

  21. Oh great .... by xednieht · · Score: 1

    Like I needed a reason to visit porn sites...

    --

    Hope is the currency of fools
  22. Java Issue by helix2301 · · Score: 0, Flamebait

    Java in general is a security nightmare. Adobe had a huge hole in it because of the javascript that runs. Mysql has database injection holes because of the javascript that runs. This is part of the reason why adobe now has the option to turn off the javascript from running in Adobe Reader. Also why so many sites are getting away from being java based. They are trying to eliminate the security problems.

    --
    http://www.thetechnologygeek.org
    1. Re:Java Issue by Anonymous Coward · · Score: 2, Informative

      javascript isn't java

    2. Re:Java Issue by bannable · · Score: 3, Insightful

      JavaScript is not Java, and both the Adobe vulnerability and any SQL injection vulnerabilities that exist are the result of poor programming, not JS.

      --
      "If you see a man on a horse, he is likely an enemy. Kill the man and eat the horse."
  23. Red Light District ... by DrJimbo · · Score: 4, Interesting

    I lived in a centrally located but rather crummy neighborhood of NYC back in the early '80s. Late at night cars would be backed up up several blocks waiting in a line so they could turn down my street and pick up a hooker.

    Funny thing is, the neighborhood seemed perfectly safe. I never had any trouble getting to or from my apartment at any hour of the day or night. I figured it was probably one of the safest areas of NYC because any crime would have been bad for business.

    --
    We don't see the world as it is, we see it as we are.
    -- Anais Nin
    1. Re:Red Light District ... by Anonymous Coward · · Score: 1, Interesting

      By this fascinating logic, Mafia headquarters should be totally safe.

    2. Re:Red Light District ... by Anonymous Coward · · Score: 1, Interesting

      I just had to reply, first time ever on /.

      Yes. Mafia-controlled neighborhoods ARE very safe. It's the modern version of Pax Romana. Just don't challenge the status quo there.

    3. Re:Red Light District ... by Anonymous Coward · · Score: 0

      Of course. Why would they want to attract such attention to themselves?

  24. regular domains w/ more vs. more regular domains by Anonymous Coward · · Score: 0

    I didn't RTFA.

    BUT, the title seems misleading, given what the summary says.

    "Regular Domains Have More Malware"

    from the summary:

    "Avast found 99 infected legitimate domains for every infected adult website. In the UK"

    This doesn't mean that regular domain have more malware. It simply means that there's more regular domains with malware, which shouldn't surprise anyone, since there are more regular domains period.

  25. What is this world coming too.... by puppetman · · Score: 2, Informative

    when swingers are more likely to have an STD than a prostitute and a regular domain has more malware than a porn site.

    Obviously, the sex-professionals, be it high tech or human beings, are far more careful than an amateur.

    1. Re:What is this world coming too.... by Anonymous Coward · · Score: 0

      Obviously, the [...] professionals [...] are far more careful than an amateur.

      Duh. This surprises you?

  26. Porn sites have a built-in defense mechanism by HouseOfMisterE · · Score: 1

    Porn sites have a built-in defense mechanism. It's hard to hack when your hands are busy.

  27. The Answer is... by Anonymous Coward · · Score: 0

    If you want to rob people, you go to the busiest places.

    So really if you use a search engine, and search for the most popular things then you may as well assume you are going to find something.

    you want to view porn and not get bugs, run a different OS in a virtual machine, turn of javascipt in the browser and don't install flash. Or use a PS3!

  28. Of course by bobjr94 · · Score: 1

    The porn site people are smart and dont want to load your computer with malware and get blocked in firefox as an attack site. They want to be discrete and keep you coming back. Its the hackers that who dont care who's site they ruin by sneaking in hidden iframes and fake anti virus scanners.

  29. Analogy by bradgoodman · · Score: 1

    Yea, but that's sort of like saying "Hookers take more Penicillin than Doctors do".

  30. Re:regular domains w/ more vs. more regular domain by Anonymous Coward · · Score: 0

    Do you really think only 1% of the internet is porn?

  31. Percentage of porn sites by SnugglesTheBear · · Score: 1

    Researchers at Texas A&M are crawling the web and finding such statistics such as these. I do believe they have found that around 20% of websites on the internet are porn sites.

    --
    Would you hug a bear?
  32. The answer is ... by hduff · · Score: 1, Troll

    Don't use the web if you use a Microsoft OS and browser.

    --
    "I believe in Karma. That means I can do bad things to people all day long and I assume they deserve it." : Dogbert
    1. Re:The answer is ... by mjwx · · Score: 1

      Don't use the web if you use a Microsoft OS and browser.

      Remember that's a Boolean and. So if you're using a Microsoft browser with a non Microsoft OS then you're safe to use the web, you should probably seek professional help but you're safe.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
  33. If a man is tired of sex by bugs2squash · · Score: 2, Funny

    he is tired of life...

    --
    Nullius in verba
    1. Re:If a man is tired of sex by Locke2005 · · Score: 1

      But if a man is tired of looking at glossy, retouched pictures and videos of food, he isn't necessarily tired of eating.

      --
      I've abandoned my search for truth; now I'm just looking for some useful delusions.
    2. Re:If a man is tired of sex by Anonymous Coward · · Score: 0

      ...But if he's tired from masturbating, maybe he should get a life.

  34. Am I the only one who isn't surprised? by asdf7890 · · Score: 3, Insightful

    Am I the only one who isn't surprised? I would expect porn sites to be less infected than regular sites.

    Admins and designers who work on such sites are more likely, than those that work in more "innocent" areas, to be exposed to the lower end of human behaviour through using spammers and ropey affiliate schemes to draw in traffic. If you are aware of what nefarious things you do (or could do) and more importantly what your competition do or could do then you are going to be more clued up on how careful you need to be with site security.

    Ignoring the lower end of human behaviour (there must be at least one or two porn sites out amongst the millions that don't spam/crack/what-ever to make an extra few $), to be successful financially a porn site need to be secure, otherwise people would just hack in and take the content for nothing. It is simply good business for them to be security concious, especially the smaller outfits/franchises that are run by a small team (where the designers/programmers/admins are more likely to be directly affected in the wage-slip if the site is hacked). Designers, programmers and admins working on a small and possible not very sensitive part or a much larger organisations output (like the vodafone example mentioned) may not be as directly aware of such issues. The "smartphones section" of their site, assuming this is a phone/contract sales area, is not likely to have cracking types trying to steal content. Now a site (or part there of) that is offering paid-for downloadable content I would expect to be "safer" than other areas for the same reason as a porn site: the content needs to be protected more than the content of a brochure page.

  35. False Positives? by lastrogue · · Score: 0

    Is it possible that Avast could be finding false positives in the scans that the are running? I know it's quite possible on scanning of my local files and what not, but I'm not too familiar with the scanning of websites.

  36. You are correct by zoomshorts · · Score: 0

    Enough said.

  37. Are you sure? by SmallFurryCreature · · Score: 3, Funny

    Are you truly prepared to traverse the deepest darkest corners of the internet? Where unspeakable things happen and are best left untouched? Where your very soul is at risk and your sanity might be stripped from you with one wrong click?

    Do you really got what it takes to fire up your browser and go to a mobile phone operator site?

    I think not.

    --

    MMO Quests are like orgasms:

    You may solo them, I prefer them in a group.

  38. Now I'm confused by AliasMarlowe · · Score: 1

    Which category did they place www.sexlondon.co.uk in?

    --
    Those who can make you believe absurdities can make you commit atrocities. - Voltaire
  39. Maintenance by Anonymous Coward · · Score: 0

    I agree, they have a business model.

    Secondly, porn sites tend to be, you know, *maintained*. Software is updated, patched, so the website works.

  40. Doubtful by Anonymous Coward · · Score: 0

    Define: Legitimate site? (everything NOT porn?)
    I highly doubt this study. From personal experience, ANY shady website (whether porn or not) is MUCH more likely to contain viruses. Heck, the only time I was infected in my life was on a porn site browsing with Firefox with Avast enabled - I think the shady sites have a decent incentive to create awesome mal-ware as they don't have a real business model. Granted, some porn-sites make plenty money without mal-ware and I'm sure those are just as unlikely to contain a virus as slashdot.org or google.com. It's not the porn that makes the site risky - but I will say porn-sites are more likely to be "shady".

  41. Keep your PC secure... by TekJannsen · · Score: 3, Funny

    ...by avoiding non-porn sites altogether!

    1. Re:Keep your PC secure... by kevinburke08901 · · Score: 1

      some site like these also carry male ware local escorts male escorts transexual escorts massage parlors strip clubs

  42. poor comparison? by Anonymous Coward · · Score: 0

    Wouldn't a more accurate comparison have looked at the ratio of infected porn sites to total number of porn sites compared to the number of infected regular sites to the total number of regular infected sits?

  43. Certainly.. by cheros · · Score: 1

    .. Do you have any idea how hard it is to digest such pictures? :)

    --
    Insert .sig here. Send no money now. Owner may sue, contents will settle. Batteries not included.
  44. Headline Misses The Mark by VxJasonxV · · Score: 1

    I think the real story here is two fold;

    The first is [obvious]:
    More pages with Malware contained 'London' because of those Geo-Spam ads that usually come from Virus-laden ad networks. "Hot Singles waiting for you in London!" You know those ones. Facebook does it too, just a little bit less flagrantly.

    The second is the fact that Vodafone UK is serving up Malware. That's awesome.