Friday, May 1, 2009

Surf Safely 3: We are A Community. Helping Everyone Surf Safely.

Welcome to Surf Safely Issue 3, the final issue in our collection of recommendations to stay safe on the web. Personally, this one is my favorite.

We talked about real time link scanning and robot crawling and their benefits as well as flaws. What about community based?


Style: Community Based Rating System

Overview:
WOT, one of the most popular Firefox add-ons, adds tiny color coded icons next to search results to tell you which sites are safe in addition to a toolbar button. There are 5 different colors available: Red, Orange, Yellow, Light Green, Green. The ratings are generated based on user contributions and ratings. This causes a lot of criticism of WOT. However, think again.

Unlike other systems, WOT not only rates Safety, but 4 categories: Overall Trustworthiness, Vendor Reliability, Privacy, and Child Safety.

What makes community based ratings more efficient?
Nobody and nothing is perfect. Just like SiteAdvisor and SafeWeb, its not perfect. Obviously, there may be some incorrect ratings here or there. So if you can't be sure, why use something that everyone can change and anyone can mess up the ratings. The answer is ... thats not true. The system is far more complicated than just: Unrated site, random user rates it down, the site becomes red. That is not how it works.

WOT users have something called an activity score. As you rate and comment on sites, your score goes up and as your score goes up, the less score you receive per rating and comment. Anyway, as people agree with your comments, your user personal trust increases. You cannot view your user trust as it is all automated. Higher score users typically have a higher trust than lower score since most higher score users have been users for a while. If you have a high reputation, it is not likely you will mess up ratings, so your ratings can have a large impact on the site's overall rating. On the other hand, if you have a low score, reputation, and is a new user, your ratings won't contribute much to the rating.

There are many manipulation prevention methods, which most people that criticize WOT about community ratings don't realize.

Now why is community based efficient? Imagine the following situation (which is actaully a true situation): A site starts off safe. Both WOT and robot crawlers rate the site Green for safe. A few days or weeks later, the server is hacked and it starts redirecting to sites hosting malicious software instead. WOT users who find out re-rates the site, tells others to check the site, and re-rate it to, therefore changing the rating. How long other systems take to change the rating is anyone's guess.


Performance:
As I mentioned in earlier issues, I use 3 site advisors: WOT, Norton SafeWeb, and AVG Linkscanner. WOT is the fastest loading of them all. Also, it is the only one that also functions on a dynamic version of Google, which has an extra piece of URL and coding. It loads with the page and doesn't slow it down at all.

Features:
4 Rating Categories so you can even use it as parental controls. By default, a warning screen shows upon visiting any dangerous RED and DARK RED site. You can easily change it to warn up to Yellow. In addition, you don't just have to warn, you can BLOCK it too. The blocking feature prevents browser exploits by loading the ratings BEFORE the page loads and blocking access before the page even gets a chance to load. This causes a slight sub-second browsing delay for obvious reasons. So you decide: Extra Security at the cost of slight page loading time or regular page load time but no malicious page blocking?

Warning Screen:


Blocked Screen (notice the URL):


The WOT Design team also created a Colorblind version.


Disagree with a rating and don't want to see the warnings? Rate the site yourself and voila! You're done. The warnings will stop appearing for you. If you want to request to change the site's rating completely, contact the WOT Support Team by clicking here. Their email response time is really snappy aka very fast (on weekdays).

How accurate compared to others?
In order to properly compare, you need to look at the overall trend, not just one particular site. In reality, WOT has the least inaccurate ratings overall and has the most frequently updated ratings as well as the most sites rated. New rogue sites are rated within one day of their appearance which is when many trusted sources such as Sunbelt Blog posts information about them. Many users know of these trusted sources, and then rate all the fraud sites.

As with previous issues in this series, we will test the rating on two known sites serving malicious software and files.

screensavers.com: RED


warez.com: ORANGE

The number of people icons on this mouse over popup indicates the confidence of the rating. The more people rate a site a certain color, the more confident the rating is.

Additional Notes:
A slightly modified URL of Google Searches cause all other site advisor add-ons to not function. However, people have reported this and the WOT Developers at Against Intuition have allowed this to work. So no matter which version you use, WOT will still protect you even if others don't!

Ratings on this blog have been provided by WOT. Mousing over any link gives you a button that when clicked will open the site's scorecard for the sub-domain (or domain). All sub-domains have their own sub-domain. All Twitter Profiles also have one too!

Visit our WOT Scorecard here!

Free Internet Security - WOT Web of Trust
Join the community, start spreading your knowledge with the world, and help everyone stay safe on the web!

1 comment:

  1. A very nicely done write up, picture views are great. Keep up the great work.

    ReplyDelete