Safe site or not?

Discussion in 'other anti-malware software' started by GES/POR, Oct 20, 2007.

Thread Status:
Not open for further replies.
  1. GES/POR

    GES/POR Registered Member

    Joined:
    Nov 26, 2006
    Posts:
    1,490
    Location:
    Armacham
    Finjan is flagging NoAdware.net and linkscanner isn't. So it might be an fp but it also might be genuine. Ok for malware/files there is jotti and others but what about this type of precaution. How can i check. The site itself is of no use to me, i just wanna c for myself how well these progs r working.

    googled for porn and cracks just 2 c what results these programs might give me, especially the different results is interresting.

    porn: freeviewmovies.com Finjan flags it and Linkscanner isn't

    cracks: if u type in cracks at google search ull notice alot of sites getting flagged by Linkscanner but way less by Finjan. So who is more right?

    Finjan seems a lil slower, it gives out a lil more info on what kind of malware/behaviour is warned about.
     
  2. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    NoAdware used to be a very suspicious/almost rogue app.
    Hint, if the Noadware.net site isn't using any exploit, LS may not flag it. There are adware sites which don't use exploits/drive-bys.
     
  3. rogert30062

    rogert30062 Registered Member

    Joined:
    May 1, 2006
    Posts:
    68
    Location:
    Atlanta
    Hi,

    (a) I think we're right about NoAdware, and Finjan is wrong. I think NoAdware is poorly written software, but I don't think it's bad.

    (1) It asked nicely about installing itself. Most bad things don't ask.
    (2) A system scan returned a single false positive. Most bad things make up all sorts of crap being on your system to scare you. A false positive is a sign of a poorly written/ poorly tested program... not a rogue.
    (3) It uninstalled when I told it to. Rogue generally fail to uninstall.

    (b) I _think_ we're right about Freeviewmovies.com. It's a nasty porn site, but it's not using any sort of exploit, or even social engineering, other than _offering_ to install a toolbar. Most social engineering places really try to twist your arm. Now, the toolbar is pretty dubious, but I'm not convinced that it deserves to be blocked.

    (c) I think we're right about the cracks sites. All cracks sites are stunningly dangerous, and we block them as soon as we find them. You simply cannot trust them. Either find a freeware version of software, or buy it. Don't use cracked software or you'll be a victim at some point.


    Cheers

    Roger
    CTO
    LinkScanner.com
     
  4. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    8,698
    Hello,

    I have a philosophical question:
    How does one define a safe site?

    Without going into politics, wouldn't a "radical" site be more damaging than a nudity site? Or why should porn be considered inherently wrong?

    Regarding the cracks sites:
    There are many sites, especially gaming sites, which offer game patches - cracks in a way - to allow cheats, modifications etc. They are not necessarily bad. Most still assume that you have actually bought a game and merely are trying to improve it.

    There's also the question how and to what end you use the sites and their content. In that regard, browsers are evil, because they allow you to reach crack sites and P2P software is evil, because it allows the temptation of piracy to be materialized.

    Back to porn, why is a site x considered "nasty porn site?" Are the movies nasty - which is a matter of taste and culture - or the site itself, because the scripts are trying to achieve something, regardless of the content?

    I think the site flagging software should leave the moral issue to the user and the code issue to the bot. In other words, let me choose what's good for my eyes and soul, while the bot takes care of the scripts - if at all such a choice should be made regarding the necessity of site blocking / filtering software.

    Furthermore, blocking sites because of the downloads available is also wrong, in my opinion. Poorly coded software could be dangerous, but what about Sony rootkit, for example? No one would have dreamed of flagging Sony bad. And again, no one really has to download anything.

    So, if this software is to have any merit, it should do what the user cannot, decide regarding the code. Plus ignore the actual text, because it's funny that del command in a post should be flagged as dangerous. And finally, what about the server scripts?

    Mrk
     
  5. fcukdat

    fcukdat Registered Member

    Joined:
    Feb 20, 2005
    Posts:
    569
    Location:
    England,UK
    Thanks GES/POR for the link:thumb:

    http://www.castlecops.com/t205385-MD5_4120301af70f2e56acf3a42e96de343b_fvm_porn_toolbar_exe.html

    Suspect file(VT=2/32)

    With reguards NoAdware.net i noticed that Kaspersky/AntiVir started flagging their main executable as fraudware recently along with others:blink:

    hXXp://www.noadware.net/noadware.exe
    http://www.castlecops.com/postlite204403-noadware.html

    It is a very poor peace of payware(gives the legitimate ASW vendors a bad name)as it is widely advertised through sponsored searchs/links etc and in my testing has continually underperformed versus a lot of free softwares.

    IMO good call by Kasp/AntiVir although i have not yet seen it distibuted in same way as winfixer/SpySherrif and such other puke:gack:
     
  6. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    "Porn," as you so lightly call it, was shown by the late, great FBI Director J. Edgar Hoover to be a sign of PREversion. In the name of The Purity of Our Precious Bodily Fluids, Wing Commander Mandrake, PREversion must be fought at all costs. Now, Mandrake, I have to shave. Give my regards to The President and to Dr. Strangelove. And don't avoid women, Mandrake, but do deny them your bodily essence.

    Yours Sincerely,
    Gen. Jack E. Ripper
    Burpleson AFB.
     
  7. dw2108

    dw2108 Registered Member

    Joined:
    Jan 24, 2006
    Posts:
    480
    Sorry for posting in such a silly way. Didn't mean to break the continuity of this thread.

    Dave
     
  8. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Let me say!
    If this is the thinking of a philosopher, I am not sure what I should expect from an ordinary person.

    I could not stop myself.
     
  9. StevieE9

    StevieE9 Registered Member

    Joined:
    Jan 16, 2007
    Posts:
    139
    It isn't the 'porn' that is wrong, it is the spyware and general malware CODE that is likely to be hidden (for which the site owners get very well remunerated for by the spyware injectors) within the site that is wrong.
    A 'radical' site is far less likely to be doing business with people who want to hijack your PC.
     
Loading...
Thread Status:
Not open for further replies.