A little while back I posted a link to a song lyric page and was berated in short order for posting a link to a site that was full of spyware and pop-ups, with a tone that clearly said that the problem should have been bleedingly obvious and I should have known better than to do such a heinous thing. A mod even came along and either broke or removed my link, I forget which.
Well, it sure wasn’t bleedingly obvious to me. Nothing untoward happened when I visited the site myself before posting the link. I didn’t see anything “suspicious” about the site (whatever that might have been). I use all the typical security precautions: use Opera or Netscape for most surfing, don’t use IE unless absolutely necessary, don’t download crapware, install all critical Windows/IE updates/patches, antivirus, firewall, pop-up blocker, Ad-Aware, Spybot, all regularly updated. I ran AA and SB right after seeing the complaint, and they found nothing. I do my best to run a clean machine.
So please educate me, as I am truly and honestly curious: If I am running all the proper precautions, how am I to know that a site is infested with spyware/pop-ups/other nasties? What did I do wrong (or not do that I should have)?
If there was a way to know if a page had spyware then we would not have such a problem with it
The #1 best thing you can do to stop getting spyware from websites is to stop using internet explorer. Get FireFox. The second thing you need to do is get Microsoft Beta Antispyware. People are very picky about antispyware apps and im sure people will post many different apps like adaware, spyware doctor, pest patrol ect ect. These are good and adaware is prolly the best of the bunch but I stand behind the microsoft one 100%. A lot of people run multiple spyware apps but I just run the microsoft one, which never finds anything because of my general surfing habits as well as using firefox.
In simple, ordinary run-of-the-mill practical terms, you cannot tell, short of visiting the site, waiting for popups to pop up and perhaps viewing the source code. You do well not to use IE, and have installed all the O/S patches/updates, etc., etc., etc., but most people do not approach what you’ve done.
Yeah, see, I understand all that. I guess the underlying reason for my question is my total surprise at being bitched at (and that was basically the tone), when I wonder whether the problem was not simply that the complainer had not been taking proper precautions. (If I’m wearing boots and jeans when I walk through the patch of poison ivy, is it my fault if you follow me barefoot?) But then the mod came in and twiddled with the link, which led me to think that maybe there was some justification for the rant.
(I didn’t ask about this in the original thread so as not to derail it any further – I simply apologized for whatever I had done and bowed out. But it’s still been bugging me and I’ve just now gotten around to asking about it.)
I don’t think it’s going to Kewk. Scarlett67 already isn’t likely to get spyware, along with you or me. But enough people still use Internet Explorer on unsecured Windows machines that posting an apparently legitimate link is going to hit them, and some will blame the poster for it.
In answer to the OP, I don’t really have any ideas!
I would be wary of sites that have ads for free programs such as screensavers, weather utilities, and those sort of things. I believe many of those little aps have spyware and people don’t realize it when they install it on their computers.
Well, specifically the problem is auto-installing spyware/malware etc. The kind that either installs through one of the myriad holes in IE or Windows, or pops up constant misleading requests to install.
Problems related to some program that you have to make an effort to download don’t count.
Actually, Microsoft’s Antispyware is by far the best for general use. It updates automatically (most of the others don’t), it prevents infection (only Spyware Blaster does this), and it’s free.
Also, never accept an unexpected Active-X control. See this for the horror story.
Well, there is usually know problem with running 2 or more anti-spyware programs - for bad infestations, it usually takes MS Anti-spyware, Spybot, and Ad-Aware to clean it up. Better to have the belt and suspenders and duct tape.
I’ll probably get broiled for this, but as an information security professional, my opinion is that if you are surfing “naked” you deserve to get hit with spyware, popups, viruses and anything else the bad guys are putting out.
I can’t make that purple monkey go away. I can’t put the people who give you smileys for your email while they monitor your activity out of business. I can’t track down everyone who’s using unprotected PCs on broadband connections as zombie spam relays and break their kneecaps.
All I can do is climb up on my desk and thump on my CISSP exam book and say anyone who doesn’t use a broadband router, keep their antivirus up to date and use spyware blockers deserves trouble.
**The OP didn’t know their link had spyware and popups because they took appropriate precautions that prevented them from being affected. ** I won’t say the Internet is dangerous, but there are plenty of known hazards out there, and the overwhelming majority of them are easy to defend against, and most of the defenses are very inexpensive, if not entirely free.
Grisoft’s AVG Antivirus is free.
Ad-Aware is free.
Microsoft’s Antispyware is free.
Firefox is free.
The Google toolbar (contains an effective popup blocker) is free.
Broadband routers are less than fifty bucks.
For the most part, these are all simple “download and click Install” efforts.
