Discussion in 'other anti-malware software' started by Anti_Spyware, Jan 8, 2006.
By going to the link that is contained in the first post of this thread
I Installed in Firefox 1.0.7 - seemed to work fine 'til I shut down, now nothing.
The extension is installed but doesn't appear to be functioning. Anyone else having luck with firefox?
I have 188.8.131.52, works fine with this version of FF
downloaded it and i think it has a lot of FP i typed in porn on google and every site came up green haha
What is FP?
Up yeah, I would try it but it won't install for me in FF.
FP = False Positive, something GOOD that is wrongly considered as bad by a software.
Thank you. You are now the official translator of lazy thread posters. I wonder how he confirmed that they are false positives?
I have been doing some testing of my own for over a week now. My biggest complaints so far is are frequency at which they update their information, and the amount of time that it takes for them to test a submitted site.
I submitted a personal web site last week for testing. It is still queued up for testing. It concerns me that it takes so long. This is a fatal flaw that they need to fix.
Why necessarily FPs? Porn sites are not "automatically" infected with anything per se, it's usually the links within links within links, etc that gets people into trouble.
A 'Green' rating would more than likely be correct with these sites, as there may be no ActiveX/email spam/drive-by downloads/pop-ups, etc on the original site itself, so yes, it's more than likely very accurate in that regard.
Just like if you googled for 'crack'/warez/etc... lots of green sites originally, but some red ones which do give unauthorised spam/downloads, etc.
Still, giving those sites a Green does not mean you can go there happily clicking on everything thinking you are in the 'Green Zone' and safe. The same applies to some legitimate sites which become infected by various means, unbeknown to the owners until too late.
Surfing safely no matter the site is still the order of the day.
Fatal ? It is free , as far as I know and , like anything else , take it with a grain of salt . Even inexperienced users do not really NEED this program . Kind of cool to play with but , as Tassie said , just because it shows green does not mean it is safe . They use their personal experience to say what is safe and what is not . I just think " fatal " is pretty harsh for a flaw in a program that is more of a novelty than a safety mechanism .
And the time it takes should be awhile . They cannot use their personal experience by checking out a site and giving their suggestion in a day or two . They need to wait to see if , and how much , spam may come in . I think a week may be a bit long but , I am sure they are checking many . Not just one or two .
And who says p0rn is bad for you?
People are assuming that it is timely and accurate information. It is in fact information that is weeks old. Therefore it is a fatal flaw in the system that can be exploited quite easily.
Here is the scenario: A malicious web site maker creates a benign site and submits it for testing. He then waits for his site to appear as tested and safe. He then modifies the site to deploy his dagerous payload. Now the site operates for weeks before it appears as red. Countless people who relied on Siteadvisor are now infected.
This current version does not meet security requirements to be relied upon enterprise wide. Every site needs to be tested at the very minimum on a weekly basis, preferably daily in order for Siteadvisor to be useful.
Would you call virus signatures reliable if they are a month old? Would you buy a news paper that was a month old? Information is useless if it is not timely and accurate.
I am sorry but , you miss the most important part here . Site Advisor is NOTHING like an AV . Even though you should back up your AV program because nothing is one hundred percent all the time , Site Advisor is not something that the masses should use as a protective application . As stated before , it is more of a novelty than anything else . Anyone who would use that program to protect them from so-called " bad sites " should NOT even be using the internet ! Call it what you wish but , this program is interesting at best and a joke at worst . Not putting them down because the program is fine . You are just putting WAYYYY too much emphasis into something that will never come close to protecting you . We are protected from bad sites with AV , AS , firewall , popup blocking , referrer blocking , cookie controling applications and so on .
You might want to ease up on Site Advisor as being such a serious protector and look at something more important and helpful .
Without the timely info , you claim it is useless . Again , it is a novelty . Use some common sense and GOOD protection and Site Advisor should be seen as a very unimportant application .
I concur. I consider SiteAdvisor as an indication with a bag of salt, although I like the traffic light colors (green, yellow, red) very much.
You both miss the point completely. This is a product. It is not a novelty. This cannot be a viable product if the information is not timely. From an enterprise point of view, this product would be fantastic if the information was timely. As it stands now, it is just a novelty.
This company will not be around for another year if they do not resolve this issue. It will wither if the information provided is proven to be unreliable. After all, the information is the product, and unreliable information is useless.
My criticisms of this product are not born from my dislike of the product. They are born from my belief in its potential. This is a tool that educates a user like no other. It gives users a way to learn about a dangerous site before they visit it. If you put a product like that out on the enterprise, then it can help reduce the amount of spyware and spam that corporate systems receive.
Sadly , it is people like you that keep these types of programs afloat . No program of this genre' will EVER be what you wish it to be . Again , nice idea but , it will never be . Well , never say never but , based on your own words , this type of program can ALWAYS be fooled . These programs are not based on anything other than the personal view of the developer . It is NOT a program to use to protect yourself . PERIOD ! It never will be because they are easily fooled AND it is based on personal views . If you and I go to the exact same site at the exact same time and stay the exact amount of time as the other , would it surprise you that I get an ad or two and you do not ? Personal opinion is what the program is . That is all . And you talk about the possibilities ? Good luck because what you want out of this type of product is nowhere in the near future .
Now , that IS my point .
And thanks Erik . Glad someone sees this for what it is and does not look so deep into as to think it is security for your computer .
While I will agree it's still in it's early stages of development....we'll definitely have to agree to dis-agree when it comes to calling it a joke
I doubt very seriously if folks like Ben Edelman or the SiteAdvisor Team consider their work on this program a joke
different strokes for different folks
warez had LOADS of reds
I agree they do not . Good for them . It is a joke unless you use it properly . Properly meaning , if it is green , enter at your own risk . lol . Sheesh . For people who know nothing of security , this will do more harm than good . It is , sorry . I cannot explain it anymore . You guys are humorous . I think it is great you like it . Hope you enjoy it . Sure you will .
I will continue to have fun with it as that is all it is good for . A novelty program .
I got an e-mail reply from them on this and they said that both ideas are on their to-do list.
I just sent them some more ideas. I suggested that they put time stamps on the reports and that they increase the frequency at which they test sites. I also asked them how they handle robot.txt and the ROBOTS meta tag. I am curious if they ignore them, or honor them. Lastly, I asked them about their business model and how they plan on making money from Siteadvisor. I will post their response as soon as I get it.
Well if a website has a RED mark, I hope it's TRUE, otherwise the website (supposed to be green) will have less visitors and that would be unfair.
Of course the webmaster can complain, but how fast will it be rectified ?
It happened already with the Bluetack Hosts file, where a website was wrongly blacklisted.
A software like SiteAdvisor affects the whole internet, because all websites are marked and as long it's true, no problem, but what if not ?
Here is a posting from their blog site:
It addresses this very issue and how they handle it.
Yes. Cheater87 seems to be using the term wrongly. He's talking about something BAD that is considered good.
SiteAdvisor data, completess, and timeliness
Howdy, folks. Ben Edelman here. Sorry to join this discussion a bit late. But I figured I'd at least try to chime in with what I know, to the extent it seems relevant and useful.
Notageek, I'm sorry to hear you had trouble with the SA installation sequence. You might consider writing to SiteAdvisor feedback to describe the problem more. They might be able to help you, or they might be able to fix the problem so it doesn't affect others in the future.
Close_Hauled, Your concerns are well-taken. I take your basic worry to be the completeness of SiteAdvisor's data. The web is awfully big, and crawling it all, often, may be unrealistic. I share this worry, in principle. But SiteAdvisor has been enlarging its server farm, increasing capacity significantly. Now, with that capacity SiteAdvisor has some choices: It can recrawl already-tested sites more frequently; it can test more sites that seem to be high priorities objectively (e.g. based on many links from other sites); or it can test sites that users specifically request. Frankly, I think #2 and #3 are generally more urgent than #1. I do like recrawling from time to time, but for many sites that's not super-urgent. Kazaa.com is still going to get a red next month, just like this month. All that said: With the greater server capacity on hand, I hope you'll see that data gets better and better. Data completeness is one big reason why SiteAdvisor still describes itself as in "preview" mode, rather than officially and fully launched.
Your worry about seemingly-good sites turning bad is very sensible too. As you say, it's not easy to know how to address this. Certainly no one claims that SiteAdvisor is a replacement for existing anti-spyware and anti-virus tools, and these other prorams may offer some useful additional protection in this case. Also, though, do consider SiteAdvisor's user feedback system. All submitted comments are promptly reviewed by SiteAdvisor staff, and sites' ratings can and do change after SiteAdvisor receives persuassive feedback. That doesn't mean SiteAdvisor will get the answers right in the first hour, but it might not be far behind.
In thinking through SiteAdvisor's prospects, I guess I focus on the big picture of areas where SA can most readily assist. We all know that search engines link to lots of bad sites. SiteAdvisor can definitely help users stay away from some of the bad sites. Will others slip through? Maybe sometimes. But the more users SA gets, and the more folks who help submit observed bad actors (like those folks who intentionally start off good, then flip to bad shortly thereafter), the more likely that SA will catch even those bad guys that otherwise slip through the automated tests. Meanwhile, in my own testing, I've been very impressed with SA's existing completeness. Just when I think I've found a "new" never-before-seen distributor of some notorious adware, I check SA's ratings and see that SA already knew about it. So color me impressed.
Full disclosure: SA provides me with data for use in spyware research and academic writing. Also I'm on their advisory board. So take all the above for what it's worth.
Been using it for 2 days now... love it!!!
Separate names with a comma.