Web Of Trust does not block some malicious sites

Discussion in 'other anti-malware software' started by _kronos_, Nov 1, 2010.

Thread Status:
Not open for further replies.
  1. _kronos_

    _kronos_ Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    126
    Hi :D

    As you can read from the title of this 3d I verified this behaviour.
    When I do some search, and WOT marks the search entry with the red circle, it does not alert neither block!!

    This is not true for ALL the sites, but only for SOME of them.
    This bug seems to affect only Wot on Firefox and Chrome, on Opera it works fine.

    I tested it searching in google some terms as suonerie, sfondi ecc, and this is the result.
    I emailed the support, waiting for an answer.

    So, at the moment, BE CAREFUL when surfing the web using WOT until we have an official response from the support :)

    Regards
     
  2. _kronos_

    _kronos_ Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    126
    I received an answer from the support:

    Wot open the warnings basing on the users votes and on the reputation ratings.
    If the reputation is not reliable enough, then WOT shows the red circle, but does not block/alert when open the page!

    So I recommend to rate the malicious sites. By doing this you'll help the reputation ratings become more reliable!
    Be carefull on open pages marked as red..

    Regards :D
     
  3. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    After giving it a spin for awhile, found it utterly useless based on it's design and was rightly "booted" to the curb.
     
  4. _kronos_

    _kronos_ Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    126
    Well, it depends on the importance you give to it.
    Its purpose is not to save your pc, but give you a suggest on a search for unknown sites..:p
     
  5. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    But you said this:

    And that's the problem with it :ouch: It's not staffed by malware researchers out there to protect you but relies on anyone to comment. Some young punk can go about his business every night giving bad ratings to sites that don't deserve it. Can't tell you how many sites i got blocked but proceeded anyways and lots of "one word" comments - "trojan" or "virus" There's nothin there but a site that said freeware but most apps were paid! :rolleyes:
     
  6. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,633
    Location:
    UK
    Some malware researchers do contribute, such as Steven Burn who is behind the hpHosts hosts file. There are some other sources as well. From the FAQs:
    The comments left by users aren't related to a site's reputation:
    They also say:
     
  7. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    ;)

    ;)

    Like i said ;)
     
  8. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,633
    Location:
    UK
    Yes, you are right, and it is all supposed to be based on a meritocracy. Included amongst all that though are ratings from the likes of hpHosts. Some ratings seem to be initiated from requests in their forums to rate specific websites. The problem is people may misrate, but the system apparently has a failsafe against that. However, like any community, unless people help out and correct where there are mistakes, how can they improve?

    Interestingly, there is a thread on their forums regarding catching malware despite having WOT installed. I'm not sure if I'm allowed to link to that here, but it's worth a look. :)
     
  9. tobacco

    tobacco Frequent Poster

    Joined:
    Nov 7, 2005
    Posts:
    1,497
    Location:
    British Columbia
    Hello Tony

    Thanks for the comments

    Looking back, my initial post was abit harsh but wanted to point out to not expect too much from WOT - from a security standpoint anyway. Guess prevx has me abit stirred up :p
     
  10. scott1256ca

    scott1256ca Registered Member

    Joined:
    Aug 18, 2009
    Posts:
    144
    Personally, I like WOT. I didn't realize how much until I started using scroogle and the ratings don't show up there (they do once you configure properly, which I have done now) and I quite missed seeing them. But you do have to keep your expectations in line. For me, it is less about expecting WOT to block access and more about seeing red lights or green lights and avoiding sites if I have alternatives. I do occasionally go to sites rated poorly, but my "radar" goes a bit higher and I look out for anything remotely suspicious. Sometimes before I visit a poorly rated site, I do another search on it and find out if it is worth a visit. If you expect WOT to do all the work for you, you're probably not going to be happy with it.
     
  11. carat

    carat Guest

    It's useless but nice :)
     
  12. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    Well said. That is how I use WOT, just as a flag to be more alert at some sites. It's not foolproof, nor do I expect it to be. But if you start adding up 80% useful layers, you'll get to 99.9999999% pretty quickly. I don't expect that much protection from ClearCloud DNS either, but like WOT it is adding some protection without noticable slowdown or interference.
     
  13. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    WOT serves a purpose other than just to block malicious sites. If you're going to depend on it for that, I'll say kudos to you:p As a friend of mine once said : WOT community don't judge a website only if it's infected or can harm your computer.

    WOT community also takes into account "the reputation of a website in terms of four components":

    * Trustworthiness
    * Vendor reliability
    * Privacy
    * Child safety

    You can refer to the FAQ for more info/details.

    If you're only keen in specifically blocking malicious sites, then I am of the opinion that there are other more suitable tools/services out there that you can make use of such as a specialized DNS server like ClearCloud DNS, a web shield component in AV programs or perhaps something like a modified and maintained hosts file (which may arguably be outdated concept for certain members here)

    When used in conjunction with common_sense.exe, WOT may just fit the bill for some of us here...especially more so if you have a locked-down system of some sort (be it with a HIPS, anti-executable, or OS internals).
     
  14. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
  15. _kronos_

    _kronos_ Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    126
    Thanks Saraceno, great post, i did'nt see it yet

    Anyway this is the global situation for the browsers:
    Opera: low confidence level, works as expected and blocks the sites
    Chrome: i did not find a way to reduce the confidence level
    Firefox: about:config, and set weboftrust.min_confidence_level to a best vallue (for example 1)

    Regards
     
  16. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    1. Could you please explain this "confidence level"?
    2. How many entries are there for weboftrust in your about:config. I have more than a screenful! :eek:
     
  17. _kronos_

    _kronos_ Registered Member

    Joined:
    Dec 8, 2008
    Posts:
    126
    1) A page to be succesfully blocked has to be voted as malicious from a lot of people. Until a page does not reach that segnalations level, it will not be blocked. You will only see the red circle, but the page will not blocked.
    This happens for security purposes, to increase the accuracy of the segnalation.
    By the way i strongly recommend to modify that value on firefox from 8 to a low value (I set it to 1).

    2) I think it has nothing to do with the speech :doubt:
    If you want to do that change simply follow the instructions i said before.

    Regards
     
  18. vasa1

    vasa1 Registered Member

    Joined:
    May 1, 2010
    Posts:
    4,152
    FWIW, there's this line in prefs.js in the extensions folder:

    min_confidence_level: wot.confidencelevels[1].min + 2,

    I haven't tried messing with it.
     
Loading...
Thread Status:
Not open for further replies.