Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Security IT

Symantec: Religious Sites "Riskier Than Porn For Viruses" 343

First time accepted submitter kongshem writes "According to Symantec's annual Internet Security Threat Report, religious and ideological websites have far more security threats per infected site than adult/pornographic sites. Why is that? Symantec's theory: 'We hypothesize that this is because pornographic Web site owners already make money from the Internet and, as a result, have a vested interested in keeping their sites malware-free — it's not good for repeat business,'"
This discussion has been archived. No new comments can be posted.

Symantec: Religious Sites "Riskier Than Porn For Viruses"

Comments Filter:
  • by RandomAdam ( 1837998 ) on Friday May 04, 2012 @02:06AM (#39887349)
    But jebus will protect me so I don't need your silly anti-virus
    • by Anonymous Coward on Friday May 04, 2012 @02:53AM (#39887529)

      There have been many empires in world history that invested in religion.

      Those investments are now nice tourist sites.

      Go Jebus!

      • by sorak ( 246725 ) on Friday May 04, 2012 @08:27AM (#39889383)

        There have been many empires in world history that invested in religion.

        Those investments are now nice tourist sites.

        Go Jebus!

        Praising religion for the monuments is like praising the mafia for inspiring good movies.

        • Every religion has its plusses and minuses; you can't divorce the monumental genius of Bach from his Christian faith.

          Religion is responsible for atrocities as well as brilliant works of art. It depends if the people in question listened to the hate side or to the love side. Just like everything else in life.

    • by Anonymous Coward on Friday May 04, 2012 @03:41AM (#39887721)

      > But jebus will protect me so I don't need your silly anti-virus
      Jesus answered him, “It is also written: ‘Do not put the Lord your God to the test.'"

      • by arglebargle_xiv ( 2212710 ) on Friday May 04, 2012 @05:47AM (#39888257)

        > But jebus will protect me so I don't need your silly anti-virus Jesus answered him, âoeIt is also written: âDo not put the Lord your God to the test.'"

        Why would I want to test Linus?

        • But jebus will protect me so I don't need your silly anti-virus

          Jesus answered him, "It is also written: 'Do not put the Lord your God to the test.' "

          Why would I want to test Linus?

          It was a reference to Gnu/RMS, you insensitive clod!

          • Well, RMS himself did write "Warning: taking the Church of Emacs (or any church) too seriously may be hazardous to your health." It seems fitting.

    • by erroneus ( 253617 ) on Friday May 04, 2012 @04:16AM (#39887837) Homepage

      I was going to say something along the same lines "that users feel safer" [in the house of their lord].

      But I was also going to say "uhm... you think churches DON'T make money?!" They make LOTSA... tax-free money.

      • by WrongSizeGlass ( 838941 ) on Friday May 04, 2012 @05:38AM (#39888223)

        But I was also going to say "uhm... you think churches DON'T make money?!" They make LOTSA... tax-free money.

        Very true, but their website is not how they make their money. TFS made it clear that porn sites "already make money from the Internet and, as a result, have a vested interested in keeping their sites malware-free." If churches used a 'pay to pray' web model they too would be more inclined to make sure their websites were clean.

        About a month ago one of my clients got infected by going to their church's website. I was able to verify it simply by going to the church's home page with the browser agent set to any Windows browser (instead of as a Mac).

        • Also, although "The Church" makes money from donations, often a lot doesn't go to the individual parishes. A lot of money gets funneled up to the top, and a not insignificant amount (in the better churches) goes to help people in need either in the community, or in missions abroad. Church websites, especially just the ones for you local parish are often just run by people in the parish who have just enough knowledge to get it up and running, but don't have the time or expertise to maintain it, and ensure
      • by mcgrew ( 92797 ) * on Friday May 04, 2012 @09:40AM (#39890261) Homepage Journal

        I guess I'll have to RTFA, because I've never seen a church site with ads. How is this malware getting into the sites in the first place?

        When you say "you think churches DON'T make money" you raise a valid point. There are churches, and there are "churches". I wouldn't doubt for a minute that you might get infected by visiting a certain Baptist church in Florida, you know, the one that openly sins at soldiers' funerals.

        I'm pretty sure that many clergy are in fact in it for the money. I've always said "never trust a preacher who wears a necktie" because the tie is the symbol of wealth and power, which is mostly what Jesus preached against. If the preacher is wearing a $4000 suit, you listen to him at peril of your very soul.

        Then there are churches like the one I attend. It's a big, rich church, but I don't see any of its clergy driving Escalades or wearing expensive clothing. The money mostly goes to the poor, and that's the poor everywhere. Much goes to Africa, but that's because so much of that continent is so impoverished.

        Last Christmas they donated two weeks worth of groceries to any family who had a child or children in Harvard Park Elementary, the grade school in the poorest part of town, because those kids don't look forward to Christmas. Christmas is when they don't get the government-funded school lunches, and those kids normally go hungry on Christmas break.

        Contrast that with Pat Robertson's church... yeah, some churches are scams. "Beware wolves in sheep's clothing."

    • Comment removed (Score:5, Insightful)

      by account_deleted ( 4530225 ) on Friday May 04, 2012 @05:11AM (#39888087)
      Comment removed based on user account deletion
      • Re: (Score:3, Insightful)

        by operagost ( 62405 )
        Have you worked for a small business before? It has nothing to do with being "religious types". It has to do with focusing on the non-IT stuff and not being educated. Small businesses have the same problem for the same reason: lots of really busy people wearing multiple hats who don't have time for IT. Maybe you didn't intend on sounding bigoted-- and being anti-religious on Slashdot is a virtue-- but you do.
      • by smpoole7 ( 1467717 ) on Friday May 04, 2012 @10:08AM (#39890573) Homepage

        > "I have jebus so I don't need to understand anything like technology"

        You know, I normally ignore comments like this, because this is arguably off-topic. Besides, you have a right to believe as you wish, and I will defend that right. But this time, I'm going to make an exception.

        It actually amuses me the number of people who insist that belief in God automatically prevents critical thinking. Or, as you imply here, that religious people are happy to be "ignorant." (Or whatever.) ANY large group of people, however you sort them, will contain a preponderance of "sheeple" (to use the most common perjorative) who are happy to let others tell them what to believe. That has ALWAYS been true.

        But there are plenty of us who believe very strongly in God and admire His design in nature and want to learn more about it. Those who think this is impossible -- sorry, but I'm going to say it anyway: just because YOU are incapable of simultaneously imagining the existence of a higher power and engaging in rational, critical thinking, don't assume that everyone is as narrowminded and limited as YOU.

        Of the millions of examples that I could give, I'll provide one: St. Jude's Hospital right up the road from me in Memphis. Many of the doctors and researchers there are devout believers in God, and yet they rigorously apply the scientific method to their research. They don't just pray and sing when sick kids come from treatment, they throw everything in their medical arsenal at that poor child. Further, their SCIENTIFIC research is directly credited with lowering (again, just one example of many) the survival rates of certain types of leukemia in just a few short decades. In the 70's, a child diagnosed with one of these illnesses died, period. Nowadays, the survival rates are over 90%.

        All because these *BELIEVING* doctors -- people who actually (*gasp*) believe in God, no less -- are perfectly capable of applying rational, critical thinking to research and methodology. Imagine that. :)

        • by yodleboy ( 982200 ) on Friday May 04, 2012 @10:22AM (#39890775)
          "research is directly credited with lowering (again, just one example of many) the survival rates of certain types of leukemia"

          Well that doesn't sound very nice. Not sure I'd want to see survival rates LOWERED...
        • by Sycraft-fu ( 314770 ) on Friday May 04, 2012 @11:50AM (#39892031)

          It isn't that belief in god prevents critical thinking, it is that some people use their belief as a reason to never have to apply any critical thinking. I have met more than a couple people who are like ones the GP describes, and not just related to computers. They don't take the time to understand anything, and their justification is "Jesus will protect me," or "Jesus will provide." They seems to think if they just pray hard enough, believe enough, that's all they have to do and an invisible parent will take care of everything.

          It really is a childish, in the literal sense, view. As a child, you see your parents as the ones who will protect you and make things right. "Dad will protect me," is something kids can say and mean it, and children count on their parents to bail them out if they get themselves in a situation they can't solve (which is why abusive and negligent parents are so harmful to development).

          That is usually something people slowly grow out of. As they are exposed to the world they start to understand that they have to be responsible for themselves, that nobody else is going to be there to protect them or look out for their self interest in all cases, so they have to take responsibility for themselves and their own life.

          However some people never grow out of the mentality. It isn't their parents, but something else, religion sometimes, that they see as the parental figure that will take responsibility for things when they can't or won't.

    • by smpoole7 ( 1467717 ) on Friday May 04, 2012 @06:46AM (#39888509) Homepage

      I love how these threads immediately devolve into endless religion-bashing.

      I haven't read the actual article, only the summary and the (few) comments here that leave the silly religion-bashing and actually try to figure out what's going on. It's actually quite simple: organizations which take their Web presence seriously will have full-time staff devoted to maintaining it properly -- be they porn, religious, political, or otherwise.

      Smaller organizations will try to "roll their own" -- and I'll bet some of them are running ancient IIS or Apache installs that have never been patched. Or, if their Web presence isn't vital to them (they've only got a Website because someone told them they needed one), and especially if they're with a small-time ISP or hosting provider that only checks and patches once a year, then yes, they're going to be attacked.

      It's really quite simple.

      • Funny how religion bashing means making jokes about religious people. Meanwhile, religious people are busy saying everyone else is going to hell, judging everyone, and passing legislation to limit our rights. I guess the difference is humor, so here, this is not religion-bashing.

        Religions are illogical and dangerous. Theyre generally hypocritical by their own standards, so its not that much of a suprise that they're irresponsible with their computer security. Curbing their influence on modern society
    • by poity ( 465672 )

      Modified old joke:

      Guy gets viruses on his computer -- botnet, porn downloader, everything. A co-worker comes by and offers to install anti-virus. He says "no thanks I'll trust Jesus." So he keeps working, ignoring the porn pop-ups, when a friend drops by and offers to install Linux. He says "no thanks I'll trust Jesus." So he just copes with it until his boss sees his screen full of porn ads and fires him. He loses his house, his wife, everything, and dies penniless in the gutters. When he finally sees Jesu

  • Solution (Score:4, Informative)

    by MrEricSir ( 398214 ) on Friday May 04, 2012 @02:11AM (#39887371) Homepage

    If the problem is that porn sites are more heavily monetized, that means the religions need to catch up. They could offer all kinds of services online for a price -- even eternal salvation.

    Some religions already offer this [subgenius.com], of course. Looks like a good deal to me!

    • Re:Solution (Score:4, Insightful)

      by djl4570 ( 801529 ) on Friday May 04, 2012 @02:31AM (#39887461) Journal
      It's not like the Jesus racket isn't heavily monetized. Between 1997 and 2004 they shook my mother down for north of thirty grand a few hundred dollars at a time. Multiply that by the number of middle class eighty year old widows out there and you reveal a huge pool of elderly marks. Send them solicitations that look like bills and profit. There's a reason that some folks referred to PTL as Pass the Loot. The sites in question do not have a deep well of technical aptitude to draw from. People with the critical thinking skills necessary to perform well in information technology have outgrown any need for invisible friends.
      • Re: (Score:3, Informative)

        by Anonymous Coward

        You have to understand this first:

        Ministries do not have to report profits (in the U.S).
        They are a larger industry than the p0rn industry - sadly this is very true.

        I'm sure that there are sincere ministry people out there - because they
        don't see the wealth of their "leaders" at the top. An exception is Family Radio,
        which seems to have been bankrupt by Camping (I noticed some of their radio
        stations have disappeared).

        I knew someone who flew. He was telling me about all of the private jets these
        ministries ow

    • Re:Solution (Score:4, Insightful)

      by cowboy76Spain ( 815442 ) on Friday May 04, 2012 @03:12AM (#39887603)

      Some religions?

      I dare you to tell me a single religion that has not used to made money from the stup... believers.

      Best scam ever, if you tell the victims about it they become mad at you.

      • by cduffy ( 652 )

        I dare you to tell me a single religion that has not used to made money from the stup... believers.

        The less-organized ones might be a place to start on that. Some of my good friends identify as Dischordians -- if you believe Dischordianism literally you're explicitly Doing It Wrong, but there is a gestalt to be from the same, making it able to be reasonably interpreted as something more than the joke it appears on its face. (Also, having a religion which can only be adhered to if one is able to grok non-lit

    • by FatLittleMonkey ( 1341387 ) on Friday May 04, 2012 @03:21AM (#39887633)

      You're kidding right? Monetisation is the backbone of all major and proselytising religions.

      I think we should give porn (and other commercial sex services like prostitution) the tax free status possessed by all religions, no matter how stupid, dangerous, or just obviously fraudulent. If scientology, sleazebag televangelists and the pope can all soak the gullible for millions and not pay a cent in taxes, why shouldn't porn stars and prostitutes? At least they're honest when they lie to you.

    • I refer you to the concept of "Pardoner" in the mediaeval RC church.

    • Already done. You just have to tell people that you have worked out from the bible when the world is going to end and they just send you money..
  • Religion (Score:5, Insightful)

    by Cruciform ( 42896 ) on Friday May 04, 2012 @02:11AM (#39887373) Homepage

    First they infect the children. Then they infect the computer.
    Luckily a little bit of reading usually helps with the disinfection process.

  • Same for sex (Score:4, Insightful)

    by o'reor ( 581921 ) on Friday May 04, 2012 @02:12AM (#39887375) Journal
    It's probably more risky to have sex with religious/bigot folks than pr0n actors.

    There, someone had to say it :-)

  • More details? (Score:5, Interesting)

    by Inquisitus ( 937664 ) on Friday May 04, 2012 @02:13AM (#39887381) Homepage
    TFA is incredibly light on details. Where's the link to the report itself? How is a threat defined? And is than statistic of three times the number of threats normalized over all sites in each category (as TFA suggests), or just the infected ones (as the summary suggests)?

    It is interesting to note that websites hosting adult/pornographic content are not in the top five, but ranked tenth

    So how are they categorizing pornographic websites? What are the other 9 categories that are more "dangerous"?

    • Re:More details? (Score:5, Interesting)

      by RsG ( 809189 ) on Friday May 04, 2012 @02:15AM (#39887409)

      I'd like some more detail too.

      TFA specifically mentioned sites that have been hijacked. Which makes sense to me, since there can't be that many sites where the viruses are the work of the site owner - spyware is another matter entirely. Porn sites, especially pay sites, are bound to have better security than a site made by amateurs.

      Which leads me to wonder why religious sites would be hijacked more frequently than other amateur operations. Are they more vulnerable due to shoddy security practices? Are they attractive to people looking to spread viruses? Do they have a reputation for attracting users who may not have antivirus software installed?

      • Re:More details? (Score:4, Interesting)

        by dgatwood ( 11270 ) on Friday May 04, 2012 @02:22AM (#39887435) Homepage Journal

        Are the religious sites with the most viruses perhaps connected with religions that certain governments (whose names and faces have been changed to protect the ignorant) might associate with terrorism? If so, what's the chance that these viruses are, in fact, actually cyberwarfare rather than cybercrime? Just a thought.

      • That was my assumption on reading TFS. In my (admittedly limited) experience, there are an awful lot of religious sites out there that look like throw-backs to GeoCities and the golden age of MySpace profile pages. I can't imagine the well-meaning pensioners who are likely to set up their local bible study circle website is going to be that au fait with good e-security practices. You'd be lucky if they've even remembered to set an admin password.

    • Purely anecdotially, I imagine 'any site using z to end a word' comes in a the top.
  • I don't really have much to add to the conversation. I'm just happy to see somebody call it the hypothesis that it is, rather than the theory that it isn't.
  • by wvmarle ( 1070040 ) on Friday May 04, 2012 @02:14AM (#39887403)

    While their ideas may be true, by my understanding it's mainly the free porn sites that are riskiest. It used to be that they set up expensive dialers, or other ways to make money. I believe it's a way for them to make money other than by serving ads or selling subscriptions, and that actually webmasters installed that stuff on their sites. Those dialers at least tended to be called after porn sites, and actually gave (paid) access to the sites.

    Dialers don't work anymore these days of course, with no-one using modems and dial-up. And maybe webmasters have cleaned up their act too.

    Now those religious sites, they are usually set up by people with a passion - to spread a certain message, about a religion or otherwise, and that are often people with little or no knowledge on setting up a website and keeping it malware free. As such I would expect such sites to be a relatively soft target for malware attackers, that then use the site to distribute their wares without the webmaster knowing. A very different scenario.

    That porn sites are often in it for the money, will definitely also help. At least they'll have someone around that knows how to secure a web site.

    • My favourite theory about porn-site viruses is that they rely on the shame factor- you're far less likely to haul your laptop into PC World's Repair Centre and admit you got stung downloading embarrassing quantities of videos featuring men in nappies being ridden like a horse than you are if you got stung reading some cookery website.

      What that says about people's opinion of religious websites I couldn't possibly comment.

  • Condoms (Score:3, Informative)

    by The Evil Atheist ( 2484676 ) on Friday May 04, 2012 @02:16AM (#39887415)
    This is what you get when you preach abstinence-only sex education.
  • "pornography leads to terrible crimes against women and children" [from http://conservapedia.com/Porn%5D [conservapedia.com] citing my sources for the reliable truth of the matter... this is reliable isn't it?
    • Ahh, Conservapedia. The only way to vandalise CP is to post facts.

      It really makes me sad, sometimes, that these people exist -- but I'm glad they're allowed to express their retarded, deranged opinions freely and without fear of retribution... because it allows everyone to see what twats they really are.

      • I don't let myself read Conservapedia articles on topics I actually care about anymore. That includes some of their math articles, most of their science articles, and all of their gay articles. It makes me too angry to be unable to correct their ridiculousness. As an example, here's a gem from the Elementary Proof article:

        elementary proofs minimize the underlying assumptions, as in avoiding the assumption that there is a unique, algebraically manipulable square root of negative one

        (-1 has two square roots, -i and i, not one; the construction of the complex numbers from the real numbers is basic and entails no extra assumptions in standard formulations.)

        Andy Schlafly

      • Actually, I think that in line with Poe's law, they have by now accidentally banned all serious users and the remaining trolls are running the show. Makes no difference of course.

        Regarding the porn article - one should point the to the fact that they accidentally agree with some feminists in that regard. It'll be hysterical!

      • by SuricouRaven ( 1897204 ) on Friday May 04, 2012 @04:21AM (#39887853)
        I used to troll them, years back. Then they decided, entirely seriously, the Hitler and most of the Nazi party were gay, and that the holocaust was secretly a homosexual conspiracy to exterminate the jews for their belief in Leviticus. At that point I realised that nothing I could write could be half as crazy as what the legitimate users believe.
    • "pornography leads to terrible crimes against women"

      Gay porn doesn't. I'm sure "The Trustworthy Encyclopedia" mentions this somewhere, or soon will :).

      • When I last checked, the article on 'sex' was about two pages, half of which was under 'sex in the bible.' The article on homosexuality was the size of a small novel, and seventy sections had grown so long they had to be spun off into their own 'homosexuality and X' articles.
  • Religious Sites "Riskier Than Porn For Viruses"

    Is that the risk of a meme or a computer virus?

  • Original report (Score:5, Informative)

    by Chrisq ( 894406 ) on Friday May 04, 2012 @02:49AM (#39887513)
    The original report is here [symantec.com]. The relevant paragraph says:

    It is interesting to note that Web sites hosting adult/pornographic content are not in the top five, but ranked tenth. The full list can be seen in figure 16. Moreover, religious and ideological sites were found to have triple the average number of threats per infected site than adult/pornographic sites. We hypothesize that this is because pornographic website owners already make money from the internet and, as a result, have a vested interest in keeping their sites malware-free – it’s not good for repeat business.

    Figure 16, interestingly, does not show religious and ideological sites, I assume it is grouped with "Education/Reference". The full top 10 is

    1. Blogs/Web Communications
    2. Hosting/Personal hosted sites
    3. Business/ Economy
    4. Shopping
    5. Education/ Reference
    6. Technology Computer & Internet
    7. Entertainment & Music
    8. Automotive
    9. Health & Medicine
    10. Pornography
    • Re: (Score:3, Interesting)

      by Grygus ( 1143095 )

      Wait. Triple the average number of threats per infected site doesn't mean that you're more likely to get a virus by visiting one of those sites; it means that you're more likely to get multiple infections from a site that is infected, but that is not the same thing at all. You might get a similar result if 99% of all religious sites were safe, but each of the other 1% had every virus and worm in the wild, for example - infections per bad site are extreme, but you'd still be 99% safe visiting those kinds o

  • Religious and ideological site users (and designers) are much less likely to be technologically savy.

    Click here if you love jesus! [viruses-are-us.net] is pretty likely to get a good number of hits on a religious site -- similarly for Obama haters (or lovers). It's a reflex action that will get these people in some really hot water.

    Porn site users, on the other hand, are a bit more jaded.

  • by Hentes ( 2461350 )

    Rather than trying to keep in mind which sites not to visit you could just upgrade your browser to a version that can't be hacked by a website. Of course, AV companies would get far less money without naive people believing their FUD.

  • Since I've been 'religiously' reading slashdot for over a decade now, incalculably more regularly than I've gone to church, shall I assume that slashdot is likely delivering me malware right now?

    Seriously, since CmdrTaco left, and to be honest, many years prior to that and the recent SlashBI goodness, things have been going way downhill. This past year I've still skimmed each 600+ post global warming article, because it seems important enough, and the slashdot flamefests, despite the signal to noise ratio,

  • Atheist porn fans have less malware. The benefits to not being a religious prude just keep on a coming.
  • by speculatrix ( 678524 ) on Friday May 04, 2012 @05:13AM (#39888095)
    I have met many clever people who are members of churches, but their time given to their churches is voluntary.

    Often the equipment has been donated as well, and so is usually not particularly modern either.

    The website design is usually managed by a committee, as is the choice of hosting provider, and costs are kept to a minimum.

    The net result is that once the web site is finally done, it may be neglected, or someone inherits the responsibility for it who knows little about its history, and might be more secretarial than technical. Thus security updates get neglected, and quite often there are many user accounts with weak passwords.
  • by fsgtae ( 122880 ) on Friday May 04, 2012 @05:17AM (#39888121)

    The Symantec report, the Internet Security Threat Report, 2011 Trends, did not say what the article in the OP claims.

    The actual report is here: http://www.symantec.com/content/en/us/enterprise/other_resources/b-istr_main_report_2011_21239364.en-us.pdf [symantec.com] . Page 33 of the report, the only discussion of religion, states

    "religious and ideological sites were found to have triple the average number of threats per infected site than
    adult/pornographic sites."

    Three points:

    1. The report lumps religious and ideological sites together. Maybe the infected sites were ideological (non-religious) sites. You cannot conclude anything about religious sites at all from that statistic.

    2. The report implies nothing about the safety of religious/ideological sites. It just says that if a religious/ideological site is infected, then it has more threats on average than an infected adult site. If the percentage of religious/ideological sites that are infected is lower than the percentage of adult sites that are infected, then religious/ideological sites could be much safer on average. Indeed, figure 16 on page 36 of the report doesn't list religous/ideological sites as dangerous. The point is that the safety of religious/ideological sites as a whole must account for uninfected sites. The "number of threats per infected site" is just about irrelevant.

    3. If there is any limit to the gullibility or statistical illiteracy of internet users, I have yet to perceive it.

  • No one thinks that playboy.com is a malware site, but malware authors would rather use the promise of free porn on example.com or via an executable from a torrent than set up a religious site.
  • You expect a whore to give you a virus so you practice safe hex. No one ever expects the Church to give you a virus.
  • It should be expected because religions ARE viruses.
  • Anonymous did DDOS against it but I think failed to penetrate. Some religious groups take security more seriously than others.

  • by SoVi3t ( 633947 ) on Friday May 04, 2012 @08:50AM (#39889683)
    I fix PC's for an ISP in the bible belt of the USA, and I have to fix about 20 computers a day with viruses, and they've been to no porn sites, downloaded no torrents or mp3's or illegal software. But they ALL have Daily Bible Guide or some sort of religious shit that they threaten me not to remove.

Real programmers don't comment their code. It was hard to write, it should be hard to understand.

Working...