Protection From 'Drive By' Internet Invations

Published: Saturday, May 27, 2006 Online-Casinos.com

PROTECTION FROM 'DRIVE BY' INTERNET INVASIONS

New products to ward off nasty spyware and adware

With the rising incidence of spyware and adware "drive-by" bugs, Internet surfers need to take additional measures to protect their systems, and several interesting new products can help achieve this.

Since March the McAfee anti-virus group has been offering a browser plug-in that works with Mozilla Firefox and Microsoft Internet Explorer, providing alerts in a user-friendly way.

Called "SiteAdvisor" the program puts a rectangular button in the bottom corner of the browser. If a site being surfed is safe, the SiteAdvisor button stays green. But when a questionable Web site is visited the button turns red or yellow (depending on the risk level) and an information balloon expands with details on the threat.

SiteAdvisor ratings are based on threats that include software downloads containing adware or spyware, malicious code embedded in Web pages, phishing attempts and scams, and the amount of spam that a registered user gets. The product takes it a step further with Google, MSN, and Yahoo. With these search engines, it puts a rating icon next to individual results. This safety feature and time saver, steers users clear of dangerous sites before they click on a link.

On a practical level, one user experimenting with the facility reported that when the site Screensaver.com appeared in his Google search results, a red SiteAdvisor warning appeared next to it. When he hovered over the icon, it delivered stats on the site. According to SiteAdvisor, Screensaver.com offered a download that contained what many consider adware or spyware, and any e-mail address he used to register with the site received several "spammy" e-mails a week.

McAfee says that with SiteAdvisor it has preformed a security analysis of 3.3 million Web sites using an automated process. SiteAdvisor collects these sites by constantly crawling the Web using hundreds of computers. Its analysis includes checks for deceptive sites and browser exploits. But SiteAdvisor goes a step further and downloads any software that a site may offer visitors, then checks it for spyware and adware. Over 725 000 software titles have so far been analysed.

To evaluate spam levels, SiteAdvisor has registered a unique e-mail address at 2.5 million sites. It then weighs the volume of e-mail that each account gets and evaluates how spammy the messages are. The software calculates the risk that a site poses based on those criteria and assigns it either a green, yellow, or red label. A red site fails SiteAdvisor's safety tests because it either distributes adware, sends a high volume of spam, or makes unauthorised changes to a user's PC. Yellow sites send a high volume of "non-spammy" e-mail, display many pop-up ads, or prompt a user to change browser settings. Green sites are safe.

Some sites apparently produce unexpected results. For example, registering with the United Nations Web site can result in a user receiving up to 57 uninvited e-mails a week!

Currently, SiteAdvisor is available for free, and McAfee plans to deliver a premium version of its product by September this year.

Other companies are active in this increasingly important shielding scene. A UK-based firm called ScanSafe offers a free Web-based tool called Scandoo, where users can key in searches for either Google or MSN. When it displays search results, it rates the security threat that each site poses. Scandoo even goes a step further than SiteAdvisor: Along with security and privacy advisories, Scandoo puts up warning flags about pornography and pirated software. A browser plug-in is also in the works, according to the company.

Non-profit group Stop Bad Ware.org (backed by Google, Lenovo, and Sun Microsystems) has begun to create a massive database of questionable Web sites. The database will be made available to the public, nonprofits, companies, and government officials when operational. Stop Bad Ware.org says it also is working on an application that would evaluate Web sites offering downloads and warn surfers about security threats as they stumble onto them whilst surfing online.