Do the spyware quizz...

[FreewheelinFrank]

create a test for people to take, the default assumption here is that the test is doable and *can be passed* and this is exactly how it is taken by most people based on the reaction here (and in similar tests).

The stated point of the test is to show how difficult it is to tell a safe site from a dangerous one: it's not meant to be a test you should pass if you're an 'expert'. It's just meant to make people think twice before downloading, and if it does that, more to the good.

[lee16]

The test is s simple multiple choice (with 2-4 options...) so infect you could pass it without having a clue what your doing.

The real idea of the test as far as i can see is to show you not to be "clicky happy", exercising cation is paramount since alot of infection/exploit problems can be avoided before hand.

Prevention is better then cure

--lee

[oldman]

The problem with this "test" is you know it's a test. You took the time to really look at the page. Some of the bad ones where very good. In reality, how many people really read the entire page, instead of just looking for a link?

But doing these types of tests should make people aware, there are things out there to be watchful for. Maybe just to be cautious when looking for "freebeies", if nothing else.

I got 6/8, missed bearshare and kazaa, not because there was anything vivually wrong with the page, but because you get adware as a bonus.

[polonus]

Hi "oldman",

I think the thing here is that you have the thought simmering at the back of your head, that there could be something wrong. And in the case of a second thought you are urged to check it. When I look at my Netcraft toolbar and I see a full red line at where it says "risk rating", I want to know why. And when I am stopped by the toolbar going to a link with the remark "this could be a malicious site", I will not easily ignore it. And I tell you I will feel a lot more secure with NoScript installed inside a FF or Flock browser, and know that it is real "added protection".
Some things I just cannot understand why they are so? For instance why older versions of Sun Java are left on machines, making them more vulnerable, and an old version is not automatically updated. Some ISP's care about infected users, and warn, some just go for the money and don't care a hoot...
Missing updates and patches is making you as a user more vulnerable. Still a lot of users lack this fundamental knowledge, same as with enhanced in-browser security, that is why we are in the predicament we face ourselves in to-day!

pol

[Vlk]

I got 3/8.

But I confess I have to agree with Lusher here, I wouldn't have any problem visiting any of these sites, no matter of SA says they're BAD or GOOD.

[oldman]

Java updates never worked as far as I know. I do understand why the update doesn't remove the older version. Some things won't work with the new one, though it's rare. I mean by version 1.3.x, 1.4.x and so on, not updated version. Sun does keep the older versions patched as shown in the topic started by FWF awhile ago. They also do tell you that these versions are available.

That's fine, but updating a version with a patch should remove/overwrite the previous patch IMO. (The patches are just fixing vulnerbilities). It doesn't, and no where on the sun site does it tell you that you still have the unpatched java siting there. Part of Sun's installation instructions should make users aware of that.

As far as the test, I did it "blind", no additional tools. This is probably the way most surf anyway.

VLK, just saw your post as I was replying.

As I said, because it was a "test", I took more time to really study the sites and look for things. There where probably 2 that I flagged as bad, that normally I wouldn't have given a second thought to visiting

[justin1278]

I got a 5 out of 8.

It honestly seems pointless to me though. They give screenshots, but the screenshots are limited to exactly that, you cannot judge by text on the site from certain pages, you cannot judge by other factors as well, just by the colours and what content they have on the page they took the screenshot on.

So according to the test, I am safe 62.5% of the time, and the other 37.5% of the time, I am at risk. That's fine, except for the fact that I have been 100% aware that I was on an unsafe site, when I was or am.