Skip navigation.
Home

Should we embrace StopBadWare

Collaborate with StopBadWare and send badurls to them
51% (32 votes)
Offensive Computing develops own inhouse badurl tracking database
40% (25 votes)
Ignore bad urls
10% (6 votes)
Total votes: 63

For those of you who voted

For those of you who voted no, could you elaborate on why? This project seems to be the exact thing that was discussed in our forums. We recently met one of the organizers, and the project seems to have good buy-in from Google. The list of sites is available as well, so it seems like a great idea.

Rationale for "Yes"

While I wasn't terribly impressed with the number of sites on the StopBadware site, I will give them the benefit of the doubt that they are just getting started. The information available is generally useful, and the project's goals are what they should be, IMHO.

I could not vote "No": the Open Source world is full of forks and duplicate effort. That is fine, as it is largely "donated time" and everyone has the right to do what they will with their free time, but the lack of focus has held OSS back in many respects. For example, Linux could knock M$ out of its top spot if there was less duplication and more focus.

No flames, please -- I happily use Linux daily, but would not consider installing any of the distros for a novice user like a family member. Some of them are close (e.g. Ubuntu), but I have spent hours making things work under Linux (Ubuntu, FC4/5/6, etc.) that work "out of the box" on WinXP. For example, X11 fonts, nVidia TwinView, interoperability between OOo Impress and MS PowerPoint, ...

In short, a hearty "Yes" vote for not reinventing the wheel - collaboration is good. :)

While I wasn't terribly

*****************
While I wasn't terribly impressed with the number of sites on the StopBadware site, I will give them the benefit of the doubt that they are just getting started.
*****************

I have heard about this site in March this year, so they are not just getting started.

just getting started

Right,

they don't have a terribly large database yet, but what i would do is maybe setup a form on this site to collect bad urls which would just send them over there. Im sure this community could beef up their database in no time and I'd probably want to make it easy for people to access the information from here as well. Keep the comments and votes coming please, we really want to know what everyone thinks!

V.

After reading their report,

After reading their report, it just seems to me that they are verifying the site/url stated is bad.
It is almost the same as what SiteAdvisor and Scandoo is doing.
I thought the list that we are going to make is the exact url/location of where malware and exploits are.

For example, with the recent VML exploit, not-so-recent WMF or even the
latest XMLHTTP exploit, if someone in OC knows of a particular location where someone can get infected (just by visiting the site), he/she can share the information here. Likewise for malware, where he/she can just post the exact location to download the executable.

Just my 2cents.

AH I see

Ok I was under the impression they actually gave the full url. Ok so what we will do is track it ourselves and forward the info to them as well.

Thanks for the input guys!

V.