Comments on websites

User picture

Bad website rated Green

sab 29 dic 2007 16:42:00 UTC da DannyK

lyricsfreak.com sometimes leads to an adbrite page. I found this out when I went to visit it a few minutes ago and NOD32 came up with:
SWF/TrojanDownloader.Gida.A trojan

Please people, start rating this site red. Adbrite is rated red, but Lyricsfreak should be rated that too.

User picture

Your correct.

mer 02 gen 2008 09:11:33 UTC da anandnav

Well lyricsfreak.com has always been suspicious since long time now and I have even used it sometime back and had a lot of PC hang problems.

I have rated it in red.

Thanks for bringing this issue into consideration.

Regards,
Anand.

User picture

Rating will infect your pc

mar 25 mar 2008 13:59:17 UTC da Bald

Mmm...
If you want to rate it, your computer will be infected.

User picture

Yea, I just rated it red. As

mar 25 mar 2008 20:02:23 UTC da Rob

Yea, I just rated it red. As long as you are using Firefox with adblock, you should be alright but not all people have that kind of setup and they shouldn't really have to either.

User picture

hm

mar 15 apr 2008 23:35:11 UTC da kr8to

when u click my ranking does that count as overall ranking?

User picture

RE: hm

mer 16 apr 2008 18:25:43 UTC da stavros

It counts as overall of all users voted

User picture

Leaving a comment is a new possibility

gio 17 apr 2008 06:37:16 UTC da Esa S.

WOT version 3 and the scorecard gives you now a possibility to leave feedback without visiting a page. We have received requests on making it possible to give feedback without landing on a dangerous site, and now you can do it. I made an example by copying DannyK's finding:
http://www.mywot.com/en/scorecard/lyricsfreak.com

I see that Rob has also added his. You need to be a registered member to leave a comment, but anyone can view the scorecard pages. It is still imporatant to rate the site because comments do not directly influence the rating.

User picture

Heya

gio 17 apr 2008 15:43:22 UTC da icepick66

I don't see how you can change the rating on that page?
Clicking on the bars does not seem to do anything

You can only leave a comment, and the WOT plugin only lists mywot.com.

User picture

Re: Heya

gio 17 apr 2008 15:53:23 UTC da Sami

You can rate websites using the add-on, which always shows you the rating for the current site.

User picture

Well rating malicious site

gio 17 apr 2008 15:59:40 UTC da lordpake

Well rating malicious site would require visiting said malicious site, thus exposing one's computer to possible danger. I can see the dilemma in that :)

Basically at current state WOT is not suited for rating sites that for example have exploits in place. Because, as Esa said previously, comments do not directly effect site's rating.

User picture

Re: Well rating malicious site

gio 17 apr 2008 16:29:56 UTC da Sami

Yes, we know. I suppose it would be possible to let you rate sites on the scorecard in future, but we haven't really discussed this.

On the other hand, forcing you to actually visit a site before rating it makes it more likely that you confirm your suspicions instead of rating based on hearsay alone. It also helps in preventing users from accidentally rating the wrong site. For example, it's way more unlikely that you'll give a good rating to a typosquatter when using the add-on.

User picture

Some notes.

ven 18 apr 2008 02:21:20 UTC da Alex Tracer

Q: How to safely visit dangerous site?
A: 1) Use safe browser. Usually this means: "do not use Internet Explorer". Try fresh versions of FireFox, Opera or Safary.
2) Disable JavaScript in your browser.
3) Use antivirus that supports browser-integration.

Q: What about lyricsfreak.com?
I'm not sure but I think this site was hacked recently. "Black" hackers usually do such things to get more computers for their botnets. My own site was infected few times in the same way until I recasted site's security policy.

User picture

@Alex Tracer

ven 18 apr 2008 11:34:33 UTC da lordpake

In context of my previous post here I do find your post rather irresponsible. Regular home user has no SAFE way of visiting malicious site. And by malicious I mean sites that have exploits in place. What you suggested are simply means of narrowing the window of vulnerability. Not forgetting up-to-date Java, Flash, QuickTime, Windows etc.

Better leave visiting active exploit sites to security professionals and to those advanced users who have solid understanding of what they are doing.

User picture

Another way to rate malicious sites.

lun 16 giu 2008 20:44:52 UTC da Bald

There is also another way to rate a malicious site is using Adblock Plus, and I think there are very much people using it. You can just add the following filter:
*
This will block everything. Just add the filter, rate the site, go away from the site and remove the filter.

User picture

"As long as you are using

sab 07 giu 2008 14:56:00 UTC da phantazm

"As long as you are using Firefox with adblock, you should be alright..."

I'll recommend NoScript as well
(only available for FireFox)

User picture

into the lion's den...

lun 09 giu 2008 19:08:53 UTC da woova

Alex' suggestion to disable javascript isn't feasible. The WOT scorecard rating relies on javascript. Disable javascript and you'll receive an error msg when trying to send a rating (and the comment text field will be unavailable to you)
-=-
"Sorry, this page does not work correctly without JavaScript. Please enable JavaScript on your browser."

The myWOT staff might consider adding a "report an unsafe site for review / verification" contact form to the website "support" menu (displayed only to logged-in members) and / or an additional flyout within the context menu of the browser plugin, similarly labeled "report an unsafe site for review / verification".

Verification?
The point is that some sites may merit "special handling" or may seem especially malicious (to the reporter, er, testifier), seeming to merit immediate "red flagging". A staff-verified rating (heavy weighting, definitive 'confidence') would expedite the rating process.

Another situation related to "special handling" and verification:

Consider what will transpire when a testifier reports on the "domain"
badsite.tld:8081/goboom.htm

He probably doesn't realize that the link he followed led to content which is being served from a non-standard port. He places a rating, submits a comment...

...and anyone reading the scorecard who attempts to "verify"
that badsite.tld is indeed bad, finds only innocuous content when they visit -- because the the "baddie" site owner is maintaining a "front", by also serving content from
badsite.tld:80

User picture

Into the cats den..?

mar 10 giu 2008 14:48:45 UTC da phantazm

I agree that it is not a good idea to disable javascript. Then again allowing javascript in all directions is not safe either. That's why I like NoScript, as it allows you to allow one site, and still dissallowing others. Some cats are indeed lions, some cats are just kittens. Therefore a differentiated response is optimal.

However, NoScript is only for FireFox.
And perhaps too complicated for newbies...

User picture

hiya

mar 10 giu 2008 20:39:25 UTC da woova

This thread opened with:
"lyricsfreak dawt com sometimes leads to an adbrite page"

Attention to the SOMETIMES factor spurred my "into the lion's den" remark.

Lion's den, slippery slope, can-o-worms... however you label it, verification will be problematic when content is being randomly / conditionally displayed at a given URL.

User picture

If you get any of that trogan-ware ..then??

mar 24 giu 2008 13:59:08 UTC da Parridox

If you get hit by any trogan download viewer or other means of there virus-ware.You can then no longer trust your Operating System too be stable an clean, You or i would if it was me,Do a online scan if able to get one,Turn off my System restore so that the virus can not hide on my PC, or called jump around,not being caught by my Anti-virus or Spyware killer i use.When it is all clean, after the scans of them,i will turn on my System Restore again.I do not turn it onto full 12 % or what it is able too use.I set it at 3 too 5 % of space to use.The extra backing up will not help anything.I was reading in some tech news somewhere's.
I use as a anti-virus: ( BitDefenderFreeEdition v10 - Built 247
http://www.BitDefender.com
Spyware killer i use an trust: http://www.SuperAntiSpyware.com

P.S. Both of these programs are FREE editions !
I hate anything that takes away from clean health of my PC. Thank you .!

User picture

Heres what I use...

mar 24 giu 2008 17:05:39 UTC da Yatti420

I dont have a specific browser for visiting potentially bad stuff.. I do have lots of layers though to protect me..

My Standard Windows Setup...
Router>Comp..
Firefox2\3 (always clearing pvt data etc - with phishing etc protection enabled)
HostsMan (MVPS list)
PeerGuardian 2 (various lists for p2p\trojans etc)
Spybot Search & Destroy (SDHelper enabled)
Clamwin Antivirus..
Stinger Standalone Antivirus
Custom Removal Tool for USB viruses I pick up at school constantly..
IE7 Pro for adblocking in IE etc.. (with WOT synched)
...

I have various initial posts on the tools i use etc.. Way back in the forums..

Peace
---------
Jared Gray

User picture

Visiting bad sites.

sab 28 giu 2008 00:58:44 UTC da logicman

My best advice is - don't!

If you want to investigate a site, use a spare PC set up for just that purpose.

Other than that, I strongly recommend SandboxIE - it will 'sandbox' not just IE, but any program.

If you run your favourite browser in a sandbox, when you delete the sandbox file,
you delete everything that was downloaded or modified during your browsing session -
bookmarks, cookies, viruses, trojans - the lot.

Study up on how to use SandboxIE before you download it.

btw, it's free. Just a 5 second 'nag' screen after each computer re-start.
Or you could pay.
http://www.sandboxie.com/

http://www.siteadvisor.com/sites/sandboxie.com?ref=safe&client_ver=FF_26...

Stay safe, people.

User picture

I have used PeerGuardian2,

gio 03 lug 2008 04:24:35 UTC da MissMimi

I have used PeerGuardian2, it seems good to me when I, but it kept on crashing. I don't like instable programs.

Someone told me about WinASo, and told me to check it out. It's a really good program; You should check it out. It is a registry optimizer, and it does more. Works wonders.
http://www.winaso.com/
The problem is, to get all the options, you need to buy it. The free downloads are for evaluation purposes.

I also use McAfee (which has borwser integration), and the oh-so-famous Ad-Aware.
I recommend getting different programs that focuses on different areas.

And I barely go to lyrics sites. So I'm good there =]

User picture

Yeah!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

sab 09 ago 2008 22:00:38 UTC da Robot369

lyricsfreak.com is know rated red.

User picture

I think I was a little too curious...

dom 10 ago 2008 18:42:55 UTC da Curious

I have downloaded some lyrics to see if my Avira antivirus will take effect, and it allways were saying "your computer is infected with spyware... click here to clean it" I don`t have the Avira Premium so it can not clean against spywares but I have Glary Utilities and he has the Spyware and adware remover so my Mac is clean now.

User picture

I think that this needs to be revisited...

mer 13 ago 2008 19:56:31 UTC da JoATMoN

And this is one of the reasons why I am unsure about allowing just anybody to rate sites. Who is moderating the sites or contacting webmasters to see if the site has been hacked or redirected without the owners knowledge?

This site has the same scripts running on it as MYWOT.com does...so are you going to give WOT a red rating as well?!?!?!

Shouldn't there be a group of mods or admins or security teams that can verify sites that people are unsure of and report CORRECT information here? This site just seems to have been hacked at the wrong time and an overzealous WOT user demanded that EVERYONE rate it as red instead of actually doing the proper research.

Telling others to visit the site isn't helping...Contacting the Webmaster will. Either he contacts you saying that the problem is fixed, or he doesn't contact you, which most likely means that the site IS malicious. Besides...why are you DOWNLOADING lyrics? Shouldn't you just copy and paste them from the page onto notepad?

User picture

If a site has been hacked,

mer 13 ago 2008 19:58:46 UTC da Rob

If a site has been hacked, the site is still dangerous and people need to be warned of this.

User picture

If you don't want to rate via site...

mer 03 set 2008 14:23:08 UTC da Toptiger5

If you don't want to go to the site to rate, write http://www.mywot.com/en/scorecard/SITENAMEGOESHERE

User picture

The truth

ven 05 set 2008 21:56:49 UTC da Saul_Luque

Why can't some people be mature and give it a rating it deserves

User picture

lyricsfreak.com

sab 06 set 2008 08:33:19 UTC da andre9

I like this website. I did not find any malware or problems with it.

User picture

It's the ad network they use ...

sab 06 set 2008 13:06:00 UTC da lordpake

They use AdBrite, afaik that specific network has been involved in serving malicious ads for some time now. Another example is Clicksor. These two are enough to make me use both NoScript and AdBlock and encourage others to to so also, to get rid of every ad. I realize this hurts legitimate website owners/ad networks, however in this case few bad apples do indeed ruin the entire harvest!

And not everyone always gets the same ads, so if one person got infected by visiitng the next might not ...

Now whether to rate site red or green or yellow because of their ad network is one question. Another is, why does the site continue to use such an ad network, which continues to support advertizers with malicious intent/ads which can possibly compromise computers?

"Men make good pets."

User picture

good point

sab 06 set 2008 17:10:20 UTC da andre9

thanks lordpake, am changing my rating as we speak, thx

12seguente >Ultimo >>
Copyright Against Intuition domanda di brevetto depositata