Techsurvivors

Archives => 2006 => Topic started by: sandbox on December 15, 2006, 07:50:16 AM

Title: Study shows one in twenty-five search results are risky
Post by: sandbox on December 15, 2006, 07:50:16 AM
QUOTE
Security researcher Ben Edelman has revisited his May 2006 report on the relative risk of search engine results. In the original report, Edelman found that 5 percent of the results provided by search engines were marked as either "red" or "yellow" by SiteAdvisor, indicating that they presented some risk to the user. Now, Edelman says that his new study has shown that only 4.4 percent of such sites are risky, representing a drop of 12 percent since May.

SiteAdvisor is a service provided by antivirus vendor McAfee that rates sites based on their affiliation with spyware, viruses, excessive pop-up advertisements, and junk e-mail. Edelman used the tool to run 2,500 popular keywords through several search engines, including Yahoo, MSN Search (now Windows Live Search), AOL Search, Ask.com, and of course Google.


http://arstechnica.com/news.ars/post/20061213-8417.html

this is a bit old but it tells a good story
Malware: what it is and how to prevent it
http://arstechnica.com/articles/paedia/malware.ars/1
Title: Study shows one in twenty-five search results are risky
Post by: RHPConsult on December 15, 2006, 09:29:33 AM
Does that mean (he asked, with jaw-dropping naiveté) that if one has an Intel Mac, w/WIN installed, it is just as susceptible to these web-gangsters as if it were a Dell/Gateway/or whatever box?

I'm thinking of installing XP on my new iMac (I can't believe I'm writing this!) so that my granddkids – on their frequent visits to the Olde Folks – can play some M$ games, as well as the Mac varieties they've used since they first could scroll and click.

Am I asking for trouble in any way, as long as we don't ever "search" on the WIN side, a most unlikely event?

I know, I know, I sense that what I don't understand is staggering!   huh.gif     eek2.gif
Title: Study shows one in twenty-five search results are risky
Post by: Paddy on December 15, 2006, 10:59:53 AM
The PC-junk will only affect the PC side of things though (as far as I can tell) - your Mac installation is still safe.

Good hygiene on the PC side (along with some supervision of the activities of the small fry) is a must and should protect you reasonably well. Anti-virus, anti-pop-up and anti-spyware/adware are all a must.

http://www.consumersearch.com/www/software...virus-software/
http://www.software-antivirus.com/

(I'd get the AOL software based on the Kapersky software, but use a throwaway email address so they won't bother you with their "offers")

Adware - Adaware is free. Not quite as highly rated as a couple of commercial products, but should be ok:

http://www.pcworld.com/article/id,119572-p...re/article.html

Pop-up blocker - Install Google Toolbar and enable the pop-up blocking. Also free, of course.

If you're going to offer them the option of playing games, be sure you use BootCamp. The GUI is limited to 8MB of VRAM in Parallels - which is abysmal or completely unusable for a lot of games.
Title: Study shows one in twenty-five search results are risky
Post by: gunug on December 15, 2006, 12:46:38 PM
Gives a new meaning to the "I'm feeling lucky!" button at Google!
Title: Study shows one in twenty-five search results are risky
Post by: Xairbusdriver on December 15, 2006, 12:53:42 PM
QUOTE
Does that mean...that if one has an Intel Mac, w/WIN installed, it is just as susceptible to these web-gangsters as if it were a Dell/Gateway/or whatever box?
Absolutely, exactly and YES. It's not the hardware that was/is the problem, it's always and probably always will be the OS. That's why Windows has been castigated for so long. Mac OSs have not been a problem. Linux/nix/nex/wheteverx, have not had the virus problems because they are a variant of Unix ( just as OS X is ). But Windows of any current/future flavor is still built on the same shaky foundation, just more duct tape and bailing wire on the newer versions. As long as Windows is around, I predict a good investment is in virus protection software companies.

The only good I can see from this is that Mac owners may become more security conscious, although that seems to not be the case with the majority of Windows users. dntknw.gif
Title: Study shows one in twenty-five search results are risky
Post by: sandbox on December 15, 2006, 01:28:49 PM
QUOTE
IT: ALSR in Vista Gets OEM Push
Posted by Zonk on Friday December 15, @01:35PM
from the at-leas-they're-trying dept.
Security
gr00ve writes "Eweek is reporting that all the major OEMs will enable DEP/NX in their BIOSes by default to allow Address Space Layout Randomization (ASLR), a new security feature in Windows Vista, to work as advertised. ASLR, which is used to randomly arrange the positions of key data areas to block hackers from predicting target addresses, is meant to make Windows Vista more resilient to virus and worm attacks." From the article: "Because most CPUs that ship today support DEP/NX, Howard explained that Vista users on older hardware can use the control panel to manually verify that PCs have DEP enabled. With full support from OEMs, Microsoft is effectively using ASLR to create software diversity within a single operating system, a move that is widely seen as Redmond's attempt to address the monoculture risk. The memory-space randomization technique will block the majority of buffer overflow tricks used in about two-thirds of all worm and virus attacks."

http://slashdot.org/
Title: Study shows one in twenty-five search results are risky
Post by: RHPConsult on December 15, 2006, 06:28:09 PM
Paddy
Thanks for the specifics. I'll be sure my son (the swticher) with the new Intel iMac also gets the word.

SB
Well . . . that certainly clears a lot of things up for me. eek2.gif

ABD
 salute.gif
Title: Study shows one in twenty-five search results are risky
Post by: Texas Mac Man on December 15, 2006, 07:30:00 PM
QUOTE(RHPConsult @ Dec 15 2006, 10:29 AM) <{POST_SNAPBACK}>
I'm thinking of installing XP on my new iMac (I can't believe I'm writing this!) so that my granddkids – on their frequent visits to the Olde Folks – can play some M$ games, as well as the Mac varieties they've used since they first could scroll and click.

Am I asking for trouble in any way, as long as we don't ever "search" on the WIN side, a most unlikely event?


I would think the safest way would be to put Windows on a separate partition, or a separate HD.
Title: Study shows one in twenty-five search results are risky
Post by: RHPConsult on December 16, 2006, 01:26:27 AM
The HD will easily accommodate both an extra OS X (my usual practice) on a separate partition, as well as one for XP.

Somewhat tangentially, my discovering, hereabouts, the solution to my longstanding "skinny" OPEN/SAVE dialog box "glitch", suggests that I should drop the separate partition for Documents – that's been my practice for years (pre- and post-OSX) – and use Tiger the way The Leader presented it to us.

Never too olde to learn.  I hope.
Title: Study shows one in twenty-five search results are risky
Post by: kimmer on December 16, 2006, 11:01:37 AM
QUOTE
Somewhat tangentially, my discovering, hereabouts, the solution to my longstanding "skinny" OPEN/SAVE dialog box "glitch", suggests that I should drop the separate partition for Documents – that's been my practice for years (pre- and post-OSX)

This was hard for me. I'd always saved my docs and pics on either a separate drive or partition, and having it all together was weird. I've learned though, so there's hope, RHP! I know you can do it. I know you can. smile.gif
Title: Study shows one in twenty-five search results are risky
Post by: Xairbusdriver on December 16, 2006, 11:21:00 AM
Sorry, I still don't think the 'one size fits all' approach is the best. Perhaps for complete computer newbies, but once one starts cramming more and more documents into a single folder, it makes for one messy shoebox. On the other extreme, it can be just as hard to find something buried at the bottom of 15 folders/directories. But isn't that what Spotlight is supposed to address? wallbash.gif

The 'computer' exists to help us, not the other way around. If we like to be more organized, the computer should not hinder that. That's still one of my biggest complaints about Apple's lack of ability to 'discover' its own apps on my hard drive, if they aren't lose in the "Applications" directory. Good grief, why can't the OSs developers be as flexible as all the other developers? No other updater for third-party apps requires me to keep it anywhere in particular, even when they suggest using the Applications folder. If they can find their own apps, anywhere on the drive, why can't Apple? It's ridiculous! rant.gif
Title: Study shows one in twenty-five search results are risky
Post by: Paddy on December 16, 2006, 11:42:32 AM
I've always used the Documents file as intended by Apple - I just have over 275 subfolders... tongue.gif

They're all alphabetical of course, and quite a few of them have subfolders.

As long as I remember to put things where they belong, I'm fine. Most of the time it works, and when it doesn't, there's always Spotlight. smile.gif

I just installed the 15-trial version of Parallels and WinXP Pro on my MacBook Pro. Very painless. Will probably upgrade to the paid version later today - see no reason not to. Now I need to go find all that anti-everything-nasty software and FF for Windows and we'll be all set. Decided that NOT being able to play games was a big plus - keeps the under-16 set in this household from messing around with Mom's laptop. Besides, they spend quite enough time playing WoW on their own Macs!
Title: Study shows one in twenty-five search results are risky
Post by: RHPConsult on December 16, 2006, 11:43:39 AM
You're both right! harhar.gif  Devilish2.gif

Although I'm recommending that Jim have some more eggnog!   eusa_dance.gif
Title: Study shows one in twenty-five search results are risky
Post by: tacit on December 19, 2006, 04:12:20 PM
Grr.

I hate sensationalist, vapid news reporting like this.

First of all, it is very, very, very important to understand that a red or yellow Site Advisor ranking does not actually necessarily mean a site is 'risky.' The yellow Site Advisor rankings can mean many, many things, some of which have nothing to do with "risk" at all.

Let me tell you a thing or two about Site Advisor.

Site Advisor lists my Web site, www.xeromag.com, as "yellow." It says my site is "risky" because it is a source of spam, and falsely claims that when the Site Advisor automated robot "signed up" at Xeromag.com, it started receiving spam.

This is bunk, because there is no way to "sign up" at my Web site. In February of this year, I filed a formal complaint with McAffee about my listing, and a McAffee Site Advisor employee acknowledged that the listing was incorrect and promised to correct it.

That was ten months ago. I'm still listed as "yellow."

It gets worse, too.

Sites that link to, or make reference to, "yellow" sites are ALSO listed as "dangerous." Every person who links to my Web site is listed as a "red" dangerous site. That includes my own Web sites (such as my T-shirt site villaintees.com and my other sites), and it includes every other person who links to my site. Linking to a supposed "yellow" or "red" site gets the linking site listed as being "dangerous" as well.

It seems clear that McAfee's goal is to list as many sites as possible as "bad," because that is how McAfee drums up business for their security programs. If they actually took care to list only malicious sites, such as sites with viruses and so on, then the number of "bad" sites they list would go way, way, way down.

And most sites that have viruses and other malware are only up for a few hours anyway, or days at most, and then get shut down...so it would not be possible to keep up with "bad" sites.

So we have a supposed "bad site" advisor, written for the purpose of selling products, that has no oversight and no effective way to appeal a listing, that lists sites that are harmless, and that lists sites that link to sites that are harmless, but does not and can not actually list the most harmful sites.

It's rubbish, and unfortunately, this lack of oversight and this business agenda means the operators have no motivation to make sure their listings are accurate. But people believe the listings, without actually investigating or even questioning what will put a site on this list.

I'm waiting for the first person who is falsely listed as I am and who has money to sue McAfee and bring the whole sorry, pathetic charade crashing down. If I had the money, I'd sue them myself.
Title: Study shows one in twenty-five search results are risky
Post by: sandbox on December 19, 2006, 07:03:04 PM
Well that's a drag. They also claim that spamassasin gives your domain a score of 15.
Did you have a form back in Feb. when the complaint was lodged?
Title: Study shows one in twenty-five search results are risky
Post by: krissel on December 20, 2006, 01:38:38 AM
QUOTE(Xairbusdriver @ Dec 16 2006, 12:21 PM) <{POST_SNAPBACK}>
That's still one of my biggest complaints about Apple's lack of ability to 'discover' its own apps on my hard drive, if they aren't lose in the "Applications" directory. Good grief, why can't the OSs developers be as flexible as all the other developers? No other updater for third-party apps requires me to keep it anywhere in particular, even when they suggest using the Applications folder. If they can find their own apps, anywhere on the drive, why can't Apple? It's ridiculous! rant.gif



The main reason Apple "recommends" putting their apps in the Applications folder is for ease in upgrading. When you go to the next version of the OS it expects certain files to be in certain places and named properly. There are other apps that also require you to have not changed the name or moved parts of the app.

That said you can move the Apple apps to other locations and they will be found for general use but expect possible problems when you update a program. If you always do an archive and install it won't matter of course. At one point in the past I had iTunes and iPhoto on another partition due to space problems. But now my drive is large enough to keep things together.
Title: Study shows one in twenty-five search results are risky
Post by: tacit on December 20, 2006, 04:20:47 PM
QUOTE(sandbox @ Dec 20 2006, 01:03 AM) <{POST_SNAPBACK}>
Well that's a drag. They also claim that spamassasin gives your domain a score of 15.
Did you have a form back in Feb. when the complaint was lodged?


Yep, I sure did. When I wrote to the SiteAdvisor staff back then, they said that the form was probably the reason that my site was listed.

I rewrote the form so that it mangles the email addresses of users who post in it. I dropped an email to SiteAdvisor letting them know about the change, and received a reply the next day saying that the site would be removed from their list.

Instead of removing it, they actually increased its "threat level"--it used to be "yellow," now it's "red." They also redlisted every site that links to it--and that is a whole lot of sites.

The pragmatic side of me suspects their redlisting is mere incompetence, the sort of laziness you see in any business or entity that operates with no oversight whatsoever. The cynic in me suggests that maybe some employees of McAfee have a personal agenda of their own, and redlisted the site because they do not like what I have to say.
Title: Study shows one in twenty-five search results are risky
Post by: sandbox on December 21, 2006, 02:46:03 AM
I had noticed the RED listing. wink.gif

Is there no way the FTC or a third party could intervene?

Maybe a good ol anti SiteAdvisor campaign would tune them up? Or maybe your already doing that and their reaction has increased the level?

If there is no oversight there really isn't much you can do, is there?  coolio.gif
Title: Study shows one in twenty-five search results are risky
Post by: tacit on December 21, 2006, 06:54:28 PM
QUOTE(sandbox @ Dec 21 2006, 08:46 AM) <{POST_SNAPBACK}>
I had noticed the RED listing. wink.gif

Is there no way the FTC or a third party could intervene?

Maybe a good ol anti SiteAdvisor campaign would tune them up? Or maybe your already doing that and their reaction has increased the level?

If there is no oversight there really isn't much you can do, is there?  coolio.gif


Unfortunately, no. There's not much I can do.

I wrote an email to them again at the beginning of the week; as of today (Thursday), I have received no response. I can understand what they are attempting to do, and even admire it; unfortunately, the site seems to work with no accountability and without even any stated policy on how a site becomes listed, nor any stated policy or procedure by which a person may challenge that listing.
Title: Study shows one in twenty-five search results are risky
Post by: Xairbusdriver on December 21, 2006, 07:58:26 PM
QUOTE("krissel")
The main reason Apple "recommends" putting their apps in the Applications folder is for ease in upgrading. When you go to the next version of the OS it expects certain files to be in certain places and named properly. There are other apps that also require you to have not changed the name or moved parts of the app.
That's exactly my point! But the ease is for the Apple installer/updater, not the customer. Apple designed they OS and the updaters to specificly not perform any kind of search, all they do is sniff for the app in the "Applications" directory ( either yours or the hard drives ) if it ain't there, and despite the fact that its dom file is where it's supposed to be, the installer simply quits.

Of course, third-party developers can't take that monopolistic, Microsoft inspired attitude, they depend on goodwill and customer satisfaction, so they make upgrades simple even if somewhat more computer intensive. But they don't require rigid compliance with procedures that make using the computer and maintaining its logical arrangement of apps/documents less than personal. I feel for those who have an Application folder crammed to overflowing with every conceivable app they ever 'installed'! WOW.gif That, simply chaos, IMHO.

Spotlight was not designed to find applications. Why would it have been, if everyone followed Apples rules? dntknw.gif Secondly, if Spotlight is so handy and is used by so many other developers, why shouldn't Apple use it for its own operations, like finding its own apps? You can't have it both ways. Either Apple is to stupid to use its own technology or it just doesn't care about.

If you want to use a single Documents folder, fine. But that's no better than having Documents folders for each app. I suppose that's what you mean you've done by having multiple folders and even sub folders. But there is no installer/ipdater that I know of that needs to 'see' where the docs for any program may be located, so I don't see what that has to do with my complaint about the "Applications" directory 'rule'.

I usually avoid the problem by simply moving Apple's apps to the Application folders top level so their crippled installers can do their thing. Fortunately, that is not too often, as they usually update the updater within a few days of making the first one available. harhar.gif As noted by many here, I usually wait a few months, until the final updater arrives! blush-anim-cl.gif That way I only have to move the Apple app twice, instead of twice for every new updater until the final one.

While Apple still makes the best consumer OS in the known universe, IMHO, that doesn't mean they are perfect ( as in every thing works the way I want it to ). I think that quality of "for the rest of us" is starting to disappear from the corporation. That is easy to do as they grow and the connection from the top to the customer gets further and further increased and crowded with 'managers' who are usually more concerned about their paycheck than making 'waves'. And the fact that His Steveness has a somewhat strong personality probably doesn't help.

Oh well, I need another shot of eggnog! And a few of my Great-Grandmother's cookies! yum.gif smile.gif
Title: Study shows one in twenty-five search results are risky
Post by: krissel on December 22, 2006, 03:48:39 AM
QUOTE(Xairbusdriver @ Dec 21 2006, 08:58 PM) <{POST_SNAPBACK}>
Oh well, I need ... a few of my Great-Grandmother's cookies! yum.gif smile.gif



 eek2.gif  Wow, they must be pretty hard by now.    getsick.gif   grinch.gif
Title: Study shows one in twenty-five search results are risky
Post by: Gregg on December 22, 2006, 07:54:34 AM
Internet Search is a game of chance. Nothing ventured, nothing gained.
Title: Study shows one in twenty-five search results are risky
Post by: kimmer on December 22, 2006, 10:51:20 AM
QUOTE(krissel @ Dec 22 2006, 01:48 AM) <{POST_SNAPBACK}>
eek2.gif  Wow, they must be pretty hard by now.    getsick.gif   grinch.gif

 rofl.gif  rofl.gif  rofl.gif

That's what I thought. Maybe we should all send XABD a tin of *fresh* cookies?
Title: Study shows one in twenty-five search results are risky
Post by: sandbox on December 22, 2006, 11:12:41 AM
QUOTE(kimmer @ Dec 22 2006, 11:51 AM) <{POST_SNAPBACK}>
rofl.gif  rofl.gif  rofl.gif

That's what I thought. Maybe we should all send XABD a tin of *fresh* cookies?




Enjoy  yum.gif http://www.selmas.com/
Title: Study shows one in twenty-five search results are risky
Post by: kimmer on December 22, 2006, 11:30:15 AM
^Oh yummy! I was thinking a tin of homemade ... but ... those do look yummy.
Title: Study shows one in twenty-five search results are risky
Post by: Xairbusdriver on December 22, 2006, 02:51:37 PM
Not stale at all! I used to make them by the hundred's to hand out when stopping at different FedEx stations ( don't think I ever got to Canada in December, Karl! at least not after I got some seniority! smile.gif ). Now I just make them for my wife's DAR party, close friends and to keep my weight up! blush-anim-cl.gif

The original recipe was really for a kind of Ginger Snap, but by lowering the oven temp and shortening the cooking time, they end up being chewy! So far, no one has reported sickness due to under cooking! harhar.gif They are best when still warm, especially with ice-cold milk in a frosted glass! yum.gif
Title: Study shows one in twenty-five search results are risky
Post by: kimmer on December 22, 2006, 03:00:46 PM
QUOTE(Xairbusdriver @ Dec 22 2006, 12:51 PM) <{POST_SNAPBACK}>
The original recipe was really for a kind of Ginger Snap, but by lowering the oven temp and shortening the cooking time, they end up being chewy! So far, no one has reported sickness due to under cooking! harhar.gif They are best when still warm, especially with ice-cold milk in a frosted glass! yum.gif

Well, I'll share a cookie recipe if you will share this one with us. wink.gif