(The quickest way to register)

Forum

  1. User picture
    • dns_sec_expert on Wed 29 Feb 2012
    • 03:39:14 PM UTC

    uni.me

    Site URL: http://uni.me
    Scorecard: View scorecard

    Introduction:
    uni.me is offering free (sub)domains ending in .uni.me (eg. www.yourname.uni.me) to the end of any url you want it to be at. It mostly links to good websites, but some people can abuse it so it can lead to harmful websites.

    In order to prevent abuse we have an active cooperation with companies such as Microsoft, Kapersky, IID etc. in place and malware domains reported from those providers are deleted from the zone file within 60 minutes.

    To rate the whole domain uni.me as bad site is simply not correct and harms our over 300,000 users. WOT should like other similiar services rate each subdomain individually.

    Has privacy policy?
    http://uni.me/privacy.php

    Has a way for users to contact site owners?
    http://uni.me/abuse.php

    Whois Information:
    http://whois.domaintools.com/uni.me

    Disclaimer:
    This post was generated automatically. All information is as entered by the site owner.

Comments:

  1. User picture
    • leofelix on Wed 29 Feb 2012
    • 06:57:10 PM UTC

    RE: uni.me

    Welcome to the web of trust forum
    please have a look here

    http://sitecheck.sucuri.net/results/uni.me

    web site: uni.me
    status: Site infected with malware
    web trust: Site blacklisted.

    Malware entry
    http://sucuri.net/malware/malware-entry-mwht291

    Norton Safeweb
    http://safeweb.norton.com/report/show?url=uni.me

    Google diagnostic (although that site isn't listed as suspicious) (date: 2012-02-29.)
    http://www.google.com/safebrowsing/diagnostic?site...

    Malicious software includes 1985 trojan(s), 1266 scripting exploit(s), 1234 exploit(s). Successful infection resulted in an average of 6 new process(es) on the target machine.

    Moreover you may have a look here
    http://www.mywot.com/forum/20322-uni-me-red-fla...

    Fix those flaws and I'll be glad to remove my rating and comment
    Thanks

    festina lente (hurry slowly)

  2. User picture
    • c۞g on Thu 01 Mar 2012
    • 04:26:16 AM UTC

    RE: uni.me

    http://www.google.com/safebrowsing/diagnostic?site=uni.me
    Part of this site was listed for suspicious activity 13 time(s) over the past 90 days.

    Malicious software includes 2021 trojan(s), 1281 scripting exploit(s), 1235 exploit(s). Successful infection resulted in an average of 6 new process(es) on the target machine.

    When Google SafeBrowsing can report:
    suspicious content was never found on this site within the past 90 days.

    send me a PM and I'll delete my ratings and remove this comment

    ∞ - and you and I Opto, ergo sum

  3. User picture
    • Myxt on Thu 01 Mar 2012
    • 07:40:01 AM UTC

    RE: uni.me

    @dns_sec_expert - You emphasize three points:
    1. Rating the root domain uni.me automatically colors the subdomains.
    2. There are a great many subdomains, of which some may be innocent.
    3. It is not your fault if your members abuse their subdomains.

    At present, I emphasize only one point: the malware was found on the root domain.
    You can't blame your members for putting it there.

  4. User picture
    • dns_sec_expert on Thu 01 Mar 2012
    • 12:46:15 PM UTC

    RE: uni.me

    Hello, thank you for your feeback.

    http://www.mywot.com/scorecard/co.cc -> this site is 100% the same as uni.me -> how comes it is rated green?
    http://www.mywot.com/scorecard/cz.cc -> previous version of uni.me -> rated yellow
    http://www.mywot.com/scorecard/bit.ly -> rated green altough it links to malware

    what I want to say is that your rating is simply wrong. on the domain

    http://uni.me/

    is no, never was and never will be malware. Every service which is used by a lot of users gets abused. However to flag a whole project (which on top of it has one of the best abuse prevention system in cooperation with Microsoft) because of a few abusive domains is wrong.

    You should try to look at each sub-domain as an own domain.

    http://www.google.com/safebrowsing/diagnostic?site...

    Thank yo again

  5. User picture
    • MysteryFCM on Thu 01 Mar 2012
    • 08:09:26 PM UTC

    RE: uni.me

    A few? That's not strictly true. Every iteration of cz.cc associated services, has had thousands of malicious hostnames abused through it. Yes they're quick to take action *now*, but weren't previously, and still aren't doing enough actual prevention, to prevent it happening in the first place (and I must stress - the other providers such as co.cc etc, are just as guilty of this).

    Regards Steven Burn I.T. Mate / hpHosts it-mate.co.uk / hosts-file.net

  6. User picture
    • w2u on Fri 02 Mar 2012
    • 06:38:07 AM UTC

    RE: uni.me

    These two sites are listed as phishing and injection sites.

    They are on your server. But not your main site.

    Small-whitebg-red Phishing Attacks (what's this?)

    Threats found: 2
    Here is a complete list: (for more information about a specific threat, click on the Threat Name below)
    Location: http://windowslivelogin.uni.me/
    Location: http://centric-access.uni.me/index.php

  7. User picture
    • c۞g on Fri 02 Mar 2012
    • 06:46:25 PM UTC

    RE: uni.me

    Originally posted by: dns_sec_expert
    what I want to say is that your rating is simply wrong. on the domain
    http://uni.me/

    is no, never was and never will be malware. Every service which is used by a lot of users gets abused. However to flag a whole project (which on top of it has one of the best abuse prevention system in cooperation with Microsoft) because of a few abusive domains is wrong.

    You should try to look at each sub-domain as an own domain.

    http://www.google.com/safebrowsing/diagnostic?site=www.uni.me

    co.cc / cz.cc are not the topic...
    "free" services get abused, which makes it harder for the service to maintain. It's not up to each user to report back to the service and say, "Hey I violated the ToS scold me." It is the service's responsibility to detect breach. Expecting other third=party sources to keep the servers "clean" is, IMO, "passing the buck."

    What you're saying is, "Welcome to my house, excuse the mess in the various rooms, we have a lousy maid." Your house... your responsibility to keep it clean.

    As far as the WWW subdomain prefix
    In WOT the domain reputation is the same for:
    example.com
    www.example.com
    www1.example.com

    Visiting: https://www.mywot.com/scorecard/www.uni.me
    returns the same scorecard as: https://www.mywot.com/scorecard/uni.me

    Linking to SafeBrowsing for www.uni.me when the domain is not used is pointless.
    http://uni.me loads without redirecting to www.uni.me
    Therefore: SafeBrowsing diagnostics for uni.me is valid and accurate.

    ∞ - and you and I Opto, ergo sum

  8. User picture
    • dns_sec_expert on Sat 03 Mar 2012
    • 09:37:18 AM UTC

    RE: uni.me

    Originally posted by: MysteryFCM
    A few? That's not strictly true. Every iteration of cz.cc associated services, has had thousands of malicious hostnames abused through it. Yes they're quick to take action *now*, but weren't previously, and still aren't doing enough actual prevention, to prevent it happening in the first place (and I must stress - the other providers such as co.cc etc, are just as guilty of this).

    Thank you Steven. Compared to the other people writing here against uni.me you are the only one who is understanding the situation and is actively helping to make the internet a safer place for all of us. Thank you for this.

    As you mention correctly, any abusive domain which gets reported is deleted within 60 minutes from our zone file. There is NO regular registrar for second level-domains who takes quicker action as you know yourself.

    The problem with WOT is simply that the system itself is not working reporting properly when flagging the main domain uni.me as malware since its not true as you know... This is the only point I wanted to make by starting this post here. If WOT wants to flag sites wrongly its not a problem for my business but it's not good for the WOT service itself since it provides false information.

  9. User picture
    • Nick Vini (not verified) on Sat 03 Mar 2012
    • 09:51:26 AM UTC

    RE: uni.me

    Originally posted by: dns_sec_expert
    WOT should like other similiar services rate each subdomain individually.

    WOT does not rate websites, its members do. Your thought isn't correct, at every time there is possibility to rate each subdomain individually, just if subdomain has no any ratings it inherits the parent domain's reputation. Also, when a parent domain has many untrustworthy subdomains that have been rated poorly for that reason, the parent domain also suffers, so every negative ratings offered to subdomains distributing malware or spam do affect you site's reputation, it may explain why you have a bad reputation on here.

  10. User picture
    • dns_sec_expert on Sat 03 Mar 2012
    • 09:58:26 AM UTC

    RE: uni.me

    Originally posted by: VeretekkCEO
    These two sites are listed as phishing and injection sites.

    They are on your server. But not your main site.

    Small-whitebg-red Phishing Attacks (what's this?)

    Threats found: 2
    Here is a complete list: (for more information about a specific threat, click on the Threat Name below)
    Location: http://windowslivelogin.uni.me/
    Location: http://centric-access.uni.me/index.php

    Those sites are not and never where on our server. You need to try to learn how DNS and our service works before making false statements about where files are hosted...

    Both of those sites where reported by our data providers long time before they appeared here and removed. Therefore they should have a) never appeared on WOT as malware (since the problem was solved beforehand already) or b) de-listed within reasonable time since the problem was solved.

  11. User picture
    • dns_sec_expert on Sat 03 Mar 2012
    • 10:14:59 AM UTC

    RE: uni.me

    Originally posted by: g7w
    co.cc / cz.cc are not the topic...

    uni.me=cz.cc :)
    Co.cc is responsible for most malware,phishing and other scams. Inform yourself a bit please.
    Originally posted by: g7w
    "free" services get abused, which makes it harder for the service to maintain. It's not up to each user to report back to the service and say, "Hey I violated the ToS scold me." It is the service's responsibility to detect breach. Expecting other third=party sources to keep the servers "clean" is, IMO, "passing the buck."

    What you're saying is, "Welcome to my house, excuse the mess in the various rooms, we have a lousy maid." Your house... your responsibility to keep it clean.


    you are telling me you know how our internal abuse processes and tools are working? Do you know all the measurements we take in order to keep the service clean? While I agree with your statement it does not apply for uni.me. We very well take pro-active measurements ourself. However the WOT rating is based on a handful of user reports which do not represent the reality. 
    Originally posted by: g7w
    Therefore: SafeBrowsing diagnostics for uni.me is valid and accurate.

    Safe browsing does only block sun domains and not the main domain uni.me as you can test for yourself. That is the whole point I try to make here on WOT: your rating is false since the domain uni.me is clean and always will be clean in contrary to your rating as malware.
  12. User picture
    • dns_sec_expert on Sat 03 Mar 2012
    • 10:25:01 AM UTC

    RE: uni.me

    Originally posted by: Nick Vini
    WOT does not rate websites, its members do. Your thought isn't correct, at every time there is possibility to rate each subdomain individually, just if subdomain has no any ratings it inherits the parent domain's reputation. Also, when a parent domain has many untrustworthy subdomains that have been rated poorly for that reason, the parent domain also suffers, so every negative ratings offered to subdomains distributing malware or spam do affect you site's reputation, it may explain why you have a bad reputation on here.

    I am the first person who applauds to the approach of community based ratings. However if a site has a handful ratings only it should not be flagged with a bad (or good) reputation already since its not very representative to make a judgement based on a dozen of votes (which are on top of it for subdomains and not for the domain listed on WOT).