
One in 25 Search Results Risky

Ant writes "According to Ars Technica, security researcher Ben Edelman revisited his May 2006 report on the relative risk of search engine results. In the original report, Edelman found that 5 percent of the results provided by search engines were marked as either "red" or "yellow" by SiteAdvisor, indicating that they presented some risk to the user. Now, Edelman says that his new study has shown that only 4.4 percent of such sites are risky, representing a drop of 12 percent since May... ... The study found that not only can regular links found by search engines be dangerous, the sponsored links that appear in prominent positions in the results pages can also be harmful. In fact, in the May study, sponsored links were more than twice as likely to be linked to malware than non-sponsored links (8.5 vs. 3.1 percent)."
This discussion has been archived. No new comments can be posted.

  • by porkThreeWays ( 895269 ) on Friday December 15, 2006 @03:36PM (#17260774)
    1 in 25 search queries is for bukkake. It's no wonder =P
  • by goldspider ( 445116 ) on Friday December 15, 2006 @03:36PM (#17260776) Homepage
    Back when the Goatse and Tubgirl landmines were all the rage. And it was FAR more than 1/25!! I'm still using eyebleach!
    • Re: (Score:2, Funny)

      by Pinkfud ( 781828 )
      Heh, I set my share of those landmines myself. Those were the days! It was also quite funny (for the evil-doer at least) to make a pair of popups that called each other. Pop-pop-pop-pop....
  • Actual study link (Score:5, Informative)

    by Lord Grey ( 463613 ) * on Friday December 15, 2006 @03:36PM (#17260780)
    The actual study appears to be here [siteadvisor.com].
  • by Anonymous Coward on Friday December 15, 2006 @03:44PM (#17260946)
    ok, why doesn't google just notify the user of these yellow, red, (i.e. government type terrorism alert colors) on top of each search result returned from a query. Based on these studies they (google) should be able to use the same algorithms the researchers used to achieve the same conclusion about unsafe sites.

    Or does google happen to like all of these link farms, more advertisements and clicking = more profit for google? or is google's search algorithm too, shall i say, stupid? to distinguish the good guys (sites) from the bad...
    • by just_another_sean ( 919159 ) on Friday December 15, 2006 @04:14PM (#17261370) Journal
      I don't really want to argue one way or the other whether it is google's responsibility to do what you suggest but think of it from a logistics standpoint. Essentially you're asking them to get into the AntiSpyware/AntiVirus game. They would need to set up a database of malware signatures, keep it up to date and then deal with the flak from users when they happen to miss something. Not to mention the whole "We're suing you for calling us spyware!" from the companies that deal in borderline, questionable software. I'm sure they would come out of the woodwork to sue someone with pockets like google's.

      If anyone has the resources to do something like this on a massive scale it's Google; but I can understand why they don't. To me this is akin to the argument that ISPs should cut off users with obviously infected boxes. Hell, ISPs could block sites using the same method you want Google to employ. Sure it would be helpful to the public at large but dealing with the customer service issues and false positives would be a real headache! Try explaining to Aunt Tillie why she can't get to knitting.com anymore because there is a trojan on her box spamming thousands of people every day.
      • Re: (Score:2, Insightful)

        by Anonymous Coward
        They would need to set up a database of malware signatures, keep it up to date and then deal with the flak from users when they happen to miss something. Not to mention the whole "We're suing you for calling us spyware!"

        No they wouldn't. All they would need is a small honeynet to detect this and flag legitimate sites installing spyware. Trust me, they have more than enough resources to do that no problem.

        As far as the suing thing goes. People on search engines have NO legal grounds to sue google, period.
    • by Aladrin ( 926209 ) on Friday December 15, 2006 @04:34PM (#17261714)
      It'd become an arms race. Malware sites would simply rework their site until Google no longer listed them as malware, then do it again when Google figures out their new tactic.

      Nobody would be helped (especially not the 99% of users that would click anyhow) and Google would spend a lot of money for nothing.
    • Re: (Score:3, Interesting)

      by GeffDE ( 712146 )
      Well, I mean, google does do something like it...

      If you perform a risky search (My best shot was "vista serial crack") and then click on a shady link...google will send you to this page [google.com] before allowing you to proceed onto your destination.
    • I once searched for some serial and google warned me it was a dangerous site.
    • Re: (Score:3, Interesting)

      by dynamo52 ( 890601 )

      ok, why doesn't google just notify the user of these yellow, red, (i.e. government type terrorism alert colors) on top of each search result returned from a query. Based on these studies they (google) should be able to use the same algorithms the researchers used to achieve the same conclusion about unsafe sites.

      You can get the siteadvisor [siteadvisor.com] extension for Firefox. It does exactly that and also notifies you if you browse there through other means.

      • But the problem is, if you know enough about computers to install firefox and the siteadvisor plugin then you don't need it (that much).
        Joe sixpack on the other hand would never use anything but IE and google, so one of these two things must change. And google is by far the easiest one of them to keep updated.
    • I can browse the net all day long with Linux and not encounter any risky stuff, except for a few Goatse type images...
  • Such as XSS attacks. If Google caches a page with XSS in the url (and it has done so in the past), the attack, which is simply JavaScript and not detectable by most antivirus software, can run in the background, retrieving information about the user or even opening up holes to later take over the user's computer.
  • ...anyone asking you to give them all your money is considered risky.
  • When a company is allowed to continue doing business after being caught several times with its hand in the malware cookie jar and gets nothing more than a slap on the wrist, there becomes no incentive to cease malware/spyware behavior. This is an enforcement issue and enforcement is not good enough. I'll bet if you label malware as a form of terrorism . . . . Well, on second thought don't do that, too many innocents would get caught up in the dragnet.
    • by Vreejack ( 68778 ) on Friday December 15, 2006 @04:33PM (#17261692)
      Slap on the wrist? There should be so much justice.

      My solution is to use a custom hosts file. http://www.mvps.org/winhelp2002/hosts.htm [mvps.org] publishes a nice one. Whenever I click on a link in a web search list and I immediately get a "link not found" then I can be pretty sure I didn't really want to go there in the first place. A lot of advertisements show up as "404's" as well.
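
Added example, not part of the comment above and not MVPS's own tooling: a small Python parser for hosts-format blocklists of the kind described, showing which URLs such a file sinks and which it misses because hosts lookups match exact names only. The sample entries and function names are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample in hosts-file format (not taken from the MVPS list).
SAMPLE_HOSTS = """\
# constructed blocklist sample
127.0.0.1   localhost
0.0.0.0     ads.example.net tracker.example.net   # two names on one line
127.0.0.1   popups.example.org
192.0.2.10  intranet.example.com
not-an-ip   broken.example.net
"""

# Addresses a blocklist uses to send a name nowhere useful.
SINK_ADDRESSES = {ipaddress.ip_address("0.0.0.0"), ipaddress.ip_address("127.0.0.1")}
NEVER_BLOCKED = {"localhost"}  # the loopback entry itself is not a block


def parse_sinkholed_hosts(text):
    """Return the set of hostnames that the hosts text maps to a sink address."""
    blocked = set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue  # malformed line: skip it rather than guess
        if addr in SINK_ADDRESSES:
            names = (h.lower() for h in fields[1:])
            blocked.update(n for n in names if n not in NEVER_BLOCKED)
    return blocked


def is_blocked(url, blocked):
    """Exact-name lookup, as hosts-file resolution does: no wildcards, no subdomains."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    return host in blocked
```

A name listed in the file is sunk, but an unlisted subdomain of it, or a URL that uses a bare IP address, still resolves normally, so the list only covers hosts its maintainer has already enumerated.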

      • You shouldn't have to avoid sites entirely because of the kind of so-called "risk" that Edelman refers to.

        Just ask, what does this "risk" consist of, exactly? If you read Edelman's articles carefully, or watch his videos, you'll find that the supposed hazards always involve (a) clicking "OK" when a page offers to download or run some software (b) using a browser with ActiveX, VBScript, Java or other random-code-execution turned on or (c) some combination - plus using a root account.

        If your software is

        • by bedelman ( 42523 )
          I emphatically disagree. I've written plenty about security exploits, where users need not click "yes" (or anything else), nor need ActiveX, VBS, or any other such thing. Details [benedelman.org].

          In any event, the piece at issue in the original post considers many kinds of risks -- not just exploits, but also run-of-the-mill scams, like "free" ringtones that aren't. You may not regard such sites as "risky" or harmful, but there are plenty of others who do, because they don't like the prospect of being ripped off.
          • I haven't examined everything on that page, but most of it reinforces my point. Most of the exploits fall in one of the categories:

            * User installs some software and it turns out to be trojaned, or different than it purported to be in some way that's undesirable to the user.

            * Exploits that rely on user having ActiveX enabled (with or without confirmation, warnings etc.)

            * Exploits that rely on unpatched defects in other (non-browser) applications such as Windows Media Player initiating network connections.

            * Z
  • by Anonymous Coward
    SiteAdvisor is annoying. They have their bot visit your website and fill in forms with junk to see whether or not you will spam the email address they supply. They keep hitting the price request form on my company's website, so a salesperson ends up calling the phone number they supply (always goes to voicemail) to try to help someone that isn't real. Why does McAfee think it's OK to spam me to see whether or not I'll spam them back?
    • by Anonymous Coward
      Can't you whitelist and blacklist bots? The main search engine bots are known, just whitelist those and reject all the others, send them to a tarpit.
  • Adds a whole new dimension to Google's "I'm Feeling Lucky" button.
  • ...is not 5%.
    • by CByrd17 ( 987455 )
      True, but that was the number from the original study. 1/25 is 4% which is in line with the 4.4% referenced.
  • Trust (Score:2, Insightful)

    by Joebert ( 946227 )
    In fact, in the May study, sponsored links were more than twice as likely to be linked to malware than non-sponsored links

    Well, if this search engine places this site in this special spot, it must mean that this site is trustworthy.

    They paid to be in that spot ?

    Well, if they're able to pay for that spot, they must be trustworthy.

    What do you mean where did they get the money to pay for that spot ?
    How should I know ?
  • This may be stating the obvious (and for once I'm not being ironic) but if you happen to run SiteAdvisor (as I do) and do a Google search, the relevant ratings come up as an integral part of the search results.

    So, perhaps the question others have asked should be re-stated as "Why don't Google offer a site advisory service as part of their engine?" Perhaps because third-parties do so already? Google is, after all, primarily a search engine, albeit a distorted one due to proliferating sponsored links. OK,
  • by l2718 ( 514756 ) on Friday December 15, 2006 @05:10PM (#17262196)

    Sorry, but I am detecting crap. The process of measuring something in real life has inherent errors built into it. I doubt Dr. Edelman can measure the fraction of dangerous search results so accurately so that decimal digits have any meaning. Given that his methodology is to perform particular searches, for example, it's not obvious that his search pattern exactly represents that of a typical user, that his definition of a dangerous site is accurate, or how big are the fluctuations in search result placement in the search engines. Actually, I doubt you can even define the parameter he's measuring accurately enough for the difference between 4.4% and 5% to make sense. Very telling is that at no point does the study [siteadvisor.com] bother to address the error bars of the methodology. This indicates that no-one has any idea what the results actually mean, and that we should treat them with grave suspicion.

    Specifically, the implicit claim in the article that the difference between 4.4% and 5% is statistically significant [wikipedia.org] is bogus. The real byline is "fraction of dangerous websites remains unchanged". The two numbers are clearly equal within any reasonable error of measurement. Note that Dr. Edelman's study does not actually make this comparison.

    • Re: (Score:3, Insightful)

      by l2718 ( 514756 )
      For another example why error bars matter, think back to the Florida Elections Debacle of 2000. Essentially, the errors inherent in the elections process were much greater than the effect that the balloting was supposed to measure, rendering the entire results meaningless. Of course, someone had to be declared a winner so as a matter of legal fiction, Mr. Bush was (rightfully, I suspect) declared to have carried the state. However, it is meaningless to talk about who really won the election -- the differe
  • If I type in "hirusite hermaphrodite midget donkey porn" and click "I'm feeling lucky," I wonder what the risk of the linked results will be...
  • Uh oh (Score:2, Funny)

    by Sir_Lewk ( 967686 )
    I would RTFA, but it might be risky...
  • by WCD_Thor ( 966193 )
    Why is this newsworthy? Seriously, if you haven't realized that the sponsored links are full of shit by now, just go shoot yourself, it would be doing yourself and the world a favor.
  • Edelman found that 5 percent of the results provided by search engines were marked as either "red" or "yellow"...his new study has shown that only 4.4 percent of such sites are risky, representing a drop of 12 percent
    well now you just know that the statistics are accurate with math like that. Seriously, that makes less than no sense. Sounds like they just made up some stuff to advertise SiteAdvisor.
  • Now which of siteadvisor and Wikipedia would you say is more accurate?
  • by mapkinase ( 958129 ) on Saturday December 16, 2006 @07:23AM (#17267666) Homepage Journal
    Arstechnica article says:

    Edelman used the tool to run 2,500 popular keywords through several search engines
    (1) That means that many of the sites you find by typing "sex", "porn" or "Britney Spears" are dangerous. "Thank you!"

    (2) I would appreciate a study that will show me how dangerous are the searches that are useful to me, that is searches not for the popular keywords, but, in opposite, on words and phrases that represent some notions, phenomena, concepts that I do not know.

    (3) How the presented statistics differ by the category? For example, I would like to see separate results for searches categorized under "Entertainment" and "Science".
