McAfee Picks the Most Dangerous TLDs

CWRUisTakingMyMoney writes "Companies that assign addresses for Web sites appear to be cutting corners on security more when they assign names in certain domains than in others, according to a report to be released Wednesday by antivirus software vendor McAfee Inc. McAfee found the most dangerous domains to navigate to are .hk, .cn, and .info. Of all .hk sites McAfee tested, it flagged 19.2 percent as dangerous or potentially dangerous to visitors; it flagged 11.8 percent of .cn sites and 11.7 percent of .info sites that way. A little more than 5 percent of the sites under the .com domain — the world's most popular — were identified as dangerous."

.cx

[Junior J. Junior III]

Home of the goatse. Danger Will Robinson!

Re:

[192939495969798999]

Obviously, this study was about quantity of dangerous sites, not quality... we all know that .cx has the single 'highest' quality dangerous site.

A Windows problem, not a computer problem.

[westbake]

Yeah, it's too bad McAfee Inc acts like there's nothing in the world but Windows. If they were honest, they would have a list of browsers and OS really endangered but they would like to say this is a "computer" problem instead of a Windows problem. The words, "Microsoft" and "Windows" did not occur in the article.

Re:

[Deanalator]

Um, phishing and data mining are not just windows problems. Also this may shock and amaze you, but there are websites that will pop linux machines that go to them (all the information that an attacker needs to land on a specific target is in the user agent string).

Also, note that mcafee does more than host AV, and their researchers actually do care about more than just windows.

They're just slow

[sm62704]

I let mcgrew.info lapse, so .info should be safe now. However, horror awaits the unsuspecting eyeballs that cruise .org, since I have a journal at slashdot. I'm told it's far worse than goatse.

But what about .nu?

[mangu]

Home of the complete goatse collection [www.exet.nu]. Enjoy yourselves!

Re:But what about .nu?

[Daimanta]

My God, I though you were joking. And here I was, thinking that goatse was only 1 image.

Thanks dude, that's 12 extra therapy sessions for me.

Only on Slashdot...

[Anonymous Coward]

...would a link to the full set of Goatse pictures be moderated "Interesting"

Re:But what about .nu?

[Junior J. Junior III]

Home of the complete goatse collection [www.exet.nu]. Enjoy yourselves!

<darthvader>Nuuuuuuuuuuuuuu!</darthvader>

Re:But what about .nu?

[css-hack]

I don't know what's worse. The fact that I clicked, or the fact that it's already slashdotted.

Which is more dangerous, then?

[Hawthorne01]

5% of .coms, or 19% of .hk's? On a percentage basis, the .hk, .info, etc. But as a whole, my money's on .com's?.

Bad math = bad reporting.

Word Problem Alert

[Colonel Korn]

5% of .coms, or 19% of .hk's? On a percentage basis, the .hk, .info, etc. But as a whole, my money's on .com's?.

Bad math = bad reporting.

When solving a word problem, one must find the mathematical expression that best expresses the question. You've got the wrong one.

You're making the argument that what really matters is the total number of malicious sites in each domain, not the fraction of sites within a domain that are malicious.

Clearly, however, the fraction is the more important metric. Consider a silly analogy:

There are 100 violent criminals in my local jail out of a total population of 200. There are 1000 violent criminals running free in Hawaii out of a total population of 1 million. When choosing a safer place for a vacation, by your logic, I'd pick my jail, since the total number of offenders is lower. 50% of my fellows would be violent criminals. By my logic, I'd pick Hawaii, where there would be more criminals, but they'd only make up 0.1% of the people around me. I prefer my odds.

Re:

[gardyloo]

Clearly, however, the fraction is the more important metric.

    No, that's not clear. That's only even plausible if you restrict all of the sites you ever interact with to ones with a certain domain. No one does that.

Re:Word Problem Alert

[Mr. Underbridge]

He's right. If you pick a single site to interact with, the total number of sites that share that domain doesn't matter. His analogy is spot on.

In effect, he defined Bayes' rule for you.

Re:

[pha7boy]

There are 100 violent criminals in my local jail out of a total population of 200. There are 1000 violent criminals running free in Hawaii out of a total population of 1 million.

I'd pick your town. your criminals are in jail. the guys in Hawaii are running free. :)

5% of .coms, or 19% of .hk's? On a percentage basis, the .hk, .info, etc. But as a whole, my money's on .com's?.

True. in cases like that, I think nominal values are better then ratios. fact is you're more likely to end up on a bad dotcom site then a bad dothk or dotcn site. However, there is another metric that would have to be considered: reasons for visiting sites. If you're surfing for legit purposes, how likely are you to click on a bad site? If you're searching for keys, cracks, or other stuff like that, you're more likely t

Re:

[masterzora]

His choice isn't between his town and Hawaii, but between the jail and Hawaii. If you still want to pick the jail, I hope you have fun getting in.

Re:

[JasterBobaMereel]

So you ban .hk sites and so fail to visit sites for businesses in Hong Kong ... Home of one of the busiest ports in the world and the Sixth largest stock exchange ....

Re:

[TubeSteak]

When choosing a safer place for a vacation, by your logic, I'd pick my jail, since the total number of offenders is lower. 50% of my fellows would be violent criminals. By my logic, I'd pick Hawaii, where there would be more criminals, but they'd only make up 0.1% of the people around me. I prefer my odds.

Wouldn't it also depend on how good you are at being able to avoid dangerous sites?
I guess I'm suggesting that you fail to take into account an 'internet skills' modifier.

And to make your example relevant, the numbers would be 40/200 (20%) and 50,000/1,000,000 (5%)
Otherwise I could make up my own straw-man example that skews the number any way I please.

Re:

[Mordok-DestroyerOfWo]

What sided dice do you need to roll for an internet skills modifier?

Re:

[Pope]

2d10, it's a percentage modifier.

Re:

[mckinnsb]

When solving a word problem, one must find the mathematical expression that best expresses the question. You've got the wrong one. You're making the argument that what really matters is the total number of malicious sites in each domain, not the fraction of sites within a domain that are malicious. Clearly, however, the fraction is the more important metric. Consider a silly analogy: There are 100 violent criminals in my local jail out of a total population of 200. There are 1000 violent criminals runnin

Re:

[Sockatume]

Nah. If you pick web sites at random, then sure, most of the bad sites are going to be .coms. That's not useful information though.

However if you're clicking on a link or entering a URL, you know the TLD. If it's a .hk, you now know you've got a 1 in 5 chance that it's going to try to screw you. If it's a .com, you know there's a 1 in 20 chance that it's going to screw you. That lets you choose which sites to avoid or be extra-cautious of.

Why the hell...

[Jaysyn]

...would anyone want to take security advice from McAffe?

Not helping things

[StreetStealth]

Seriously, though, this report doesn't help their credibility.

Why should we care which TLDs are more likely to contain malware? Are we actually going to learn anything from making random correlations like this? Obviously there are also plenty of scammers at "less dangerous" TLDs and plenty of honest folks at the "dangerous" ones, and there are of course vastly more precise ways to determine the safety of a site than by its TLD.

So of what value is this distinction then, apart from an amusing press release to

Re:

[smoker2]

I think the listed domains are more likely to be dangerous because the areas they cover are less developed than the western domains, technologically speaking.
Hence the owners of said domains are more likely to be switched on the possibilities the internet has to offer, which include taking those western suckers for as much as they can get.
As those people are a higher percentage under those domains by self selection, of course the numbers will reflect that.
I think as the technology gets more entrenched in t

Re:

[Joebert]

Because it sounds Irish, and my Irish drinking buddy kicks the shit out of anyone who tries to steal my money off the bar.

Re:

[Smallpond]

Since -2 can be an exponent, that's true.

not their problem

[Brian Gordon]

"Companies that assign addresses for Web sites appear to be cutting corners on security more when they assign names in certain domains than in others"
um since when is that the registrar's responsibility? they just point a domain name at an IP address-- that's the extent of the service.

Re:not their problem

[aredubya74]

Exactly. I'd be much more interested in looking at the stats by assigned IP blocks. That way, network admins could blacklist those ranges at their edge, adding exceptions as needed. It's a tough game to play, but it would also give admins an idea as to what ISPs are leaving obvious botnets intact and which ones aren't.

Re:

[Lord Ender]

I would be interested in seeing what SSL sites have malware. To know if Verisign is giving certs to badware hosts would be interesting.

TFA = nonsequiteur

[Tungbo]

Whether registrars are verifying domain owners has NOTHING whatever to do with which TLD the 'dangerous' websites are located in.

If they believe this article, those 'dangerous' website operators will just put their domain under .COM with no impact to them whatsoever.

Define "Dangerous"

[corsec67]

Is that dangerous to someone running IE on Windows, or dangerous to the person, like scams?

It seems like they kind of mashed the 2 together, but that is McAfee, so I would expect them to exaggerate the dangers of browsing without McAfee.

Re:

[xouumalperxe]

Just parse "dangerous" as "hostile", and your question ceases to have meaning. But yes, take a security vendor's assessment of the level of threat you're under with a grain of salt...

Re:

[Fallen Andy]

I may get marked funny for this , but dangerous to McAfee users perhaps :-O

Given the ongoing 1+ month series of SQL injection attacks, I have to call BS on the statistics for TLD's.

It doesn't really matter if "myobscurewebsite.info" is "dangerous". It really does matter if the UN website or Dept. of Homeland Security or NASA or some other "important" site is compromised - especially ecommerce sites which have high traffic.

Andy

I wonder...

[computerman413]

I wonder where .xxx would've come in if it had been created.

Re:I wonder...

[cryptodan]

I wonder where .xxx would've come in if it had been created.

It would be 69%.

sorry, but i just don't get it...

[ketamine-bp]

i live in Hong Kong.

here, if we are to register domain names, especially .com.hk, we need business registration to get it registered, same goes for .edu.hk, .org.hk etc.

the possible exception would be .hk, but i think the HKNIC (i forgot the name..) does have reasonable abuse TOS that these bad things get cancelled... so i would be glad if they could provide us with the domain names they flagged 'dangerous' and let's see how it goes....

Re:sorry, but i just don't get it...

[gad_zuki!]

This issue may not be the number of shady TLD registrants, it may be the number of compromised hosts. If .hk has too many hackers or a culture of crime then they may prey on local resources and use those for international spamming/phishing. Or it may be a target for other reasons (lax computer crime laws, etc).

Re:

[sydneyfong]

Well, I'm not in the security trade, so I'm nowhere authoritative. But I've never heard of any hackers or any culture of cybercrime in my circles, and the culture here is pretty apathetic to people with actual technical skills...

I don't know, it really doesn't sound likely.

Re:

[pavon]

It's possible that the malware isn't there intentionally. It is not uncommon for a website to be hijacked and have malicious javascript inserted but leave the rest of the site the same. Given the relatively small number of sites in the hk TLD, if a major hk hosting provider was hacked that could account for some of it.

It doesn't look like McAfee has posted this year's report yet. Here is last year's [siteadvisor.com].

Re:

[sydneyfong]

Hi. I'm in Hong Kong too.

I'd also like to say that the general .hk registrations have opened up only around 4 years ago, and last I checked the total number of registrations were at most around hundreds of thousands (too lazy to find out where to check now). So if anything the 19% of problematic sites might simply be due to relatively low number of registered domains. Even then I don't really recall 1 of 5 sites being shady ones...

Anyway this story really surprises me... :-/

(Do I actually know you? Your nam

Re:

[sydneyfong]

OK, here's the statistics:

https://www.hkdnr.hk/aboutHK/statistics.jsp [hkdnr.hk]

In short, .hk has about 160K registered domains. More than half of them are under the schemes which require business registrations (see GP).

I'm having trouble thinking that around 50% of the domains which are open to the public (anybody in the world) are dangerous... I haven't come across a single one which seemed shady... (and I own a .hk site too)

Weird....

Re:

[ketamine-bp]

yes.
email me ur msn if you wanna chat =)
methionine at gmail dot com...
actually, does slashdot have a messaging system?

Because there are no more good dot-coms.

[Rob T Firefly]

Not even the malware folks can get a decent domain in .com anymore, they're all in use or squatted upon.

Age of website?

[QuietLagoon]

I'd bet if they would find an even better correlation if they looked at the age of the website's domain registration, not the domain it was registered under.

I used Site advisor once..

[Warll]

The thing is far from foolproof. When I was bored one day I decided to start clicking on just about all the Google Adwords adverts I could find. Most of them were for those scam sites, you know the kind "click here to buy Firefox, Buy supsciption to Bittorent now!" Over half the sites were green according to Site Advisor. Really I'm sure that their numbers here at least give an idea as the how "dangrous" these TDLs are, put really they are liekly far off from the truth.

Chinese domains

[Anonymous Coward]

The problem with .cn domains: 30 minutes after you surf there, you want to surf there again...

Welcome to Slashdot

[Akardam]

30 minutes after you surf there, you want to surf there again...

You must be new here...

Stats To Drive Sales?

[RavenofNi]

I could be missing something, but the implication here seems to be that McAfee and TFA seem to think that domain registation companies should be responsible for what I do with my domains...

Hundreds, perhaps thousands, of companies are in the business of registering domain names; some are large and well known, while others are small and less reputable, offering their services on the cheap and with flimsy or no background checks to lure in more customers.

I've never had a registration questioned beyond my payment information...nor would I expect any sort of deeper investigation into my desire to register. Granted, most hosting providers specifiy restrictions on content/usage, but TLD registrars? Not in my experience at least...perhaps someone else can enlighten me?

No

Re:

[FishWithAHammer]

While your point is good, I lol'd at this from McAfee: "excessive pop-up ads."

"Excessive" pop-up ads? How about any pop-up ads?

Re:

[bhtooefr]

Christmas Island (.cx) has content restrictions... specifically, on obscene or pornographic content.

(Yes, THAT .cx. That's why goatse was shut down.)

Use Linux/Firefox and nobody gets hurt...

[drpickett]

What complete non-news. I read TFA, and the most informed statement that it made was don't buy your Prozac from China. Brilliant.

of course they're dangerous

[v1]

Those sites are just chock full of advertisements for Norton and download links to NOD32...

My TLD is pretty safe

[Protonk]

Nothing wrong with mine [wikipedia.org]....

Numbers in names

[otacon]

I know they aren't TLD's but has anyone noticed ads on tv that have URLs like www.37CreditHelp.com or www.62CollegeDerees.com I always wondered why they do that. It's kind of a red flag to me when I see that.

Re:

[sm62704]

It's because all the dot coms are being used or squatted. You can't get "CollegeDegree.com" but you CAN get "67CollegeDegrees.com", or rather could before it was registered.

Re:Numbers in names

[camperdave]

I think part of it is marketing research. They know which timeslot, and which show, a particular ad with a particular numbered website is going to appear. The number of hits that they gather off of a numbered website will tell them how effective that particular ad is. That way, they can tweak their marketing strategy: ie. buy more time on certain channels, or in certain time slots, or against certain types of shows.

lies, damned lies, and mcafee

[the_rev_matt]

I agree that crap math is the key to this story. If there are 1,000,000* .ru sites and 6.8% are hostile, that's almost 70000 sites, if there are 25,000 .hk sites and 19% are hostile that's (lemme get my slide rule real quick) 4,750 sites. Clearly the .ru TLD is more likely to cause troubles.

Note I'm pulling all numbers out of thin air for demonstration purposes, I've no idea if these are the actual numbers but it's safe to assume that McAfee spent less than half the time and effort on their report than I did in writing this comment.

Re:

[masterzora]

Now maybe if you choose a random URL out of all possible URLs, something with a .ru TLD is more likely to cause troubles. Good to know. But if you're going to some URL, you *know* the TLD. If you see that the TLD is .hk and 19% of .hk sites are hostile, you have a higher probability of trouble being caused than if you see the TLD is .ru and 6.8% of .ru sites are hostile.

Re:

[blueskies]

Clearly the .ru TLD is more likely to cause troubles.

But only if you look at it in a stupid way. If i'm browsing to get two different websites one in the .hk TLD and one in the .ru TLD, I'm more likely to be harmed at a randomly selected .hk site.

Re:lies, damned lies, and mcafee

[mattwarden]

Um, no. You are exactly wrong, in fact. It is true that there are a greater quantity of troublesome .ru sites in your example, but given a .ru domain and a .hk domain, the .hk domain is more likely to be troublesome. The fact that there are more .ru troublesome sites out there is only a result of there being more .ru sites out there. The only thing that affects is the likelihood that a given domain is a .ru domain.

Consider this:
Bag 1: 7 of 10 marbles are blue
Bag 2: 35 of 100 marbles are blue

There are more blue marbles in bag 2, but you are far more likely to pick a blue marble in the first bag.

The point of the article is: how much of an indication is it that a .xy domain is dangerous?

Re:

[Bill, Shooter of Bul]

I think this article is pretty informative of which slashdotters can't apply math to real world situations.

Re:

[smoker2]

Clearly the .ru TLD is more likely to cause troubles.

Less than 10% of ru domains will cause trouble, you can nearly double that figure for hk. So irrespective of how many total registered domains there are under either domain, you have a higher percentage chance of hitting a bad site under hk.
This only holds true as long as you hit hk sites as equally often as you do ru sites. If domains were bars, then if you found yourself in chinatown, then you would have a fair chance of encountering trouble, because a

List is incomplete

[UnknowingFool]

WTF? They left out the most dangerous TLD of them all: .cowboyneal

Interesting bits

[rock56501]

I am willing to bet that there are a lot more .com site's registered than .cn or .info or whatnot, so the fact that 5% of the .com's are flagged is huge, seeing that most people think about going to .com's before anything else.

One other interesting note is that .05% of .gov's are listed as dangerous. So is that like from when the www.nsa.gov website left that tracking cookie on your computer or is there a actual government website out there that is actually dangerous to visitors?

WAG explanation

[jdh3.1415]

Companies that assign addresses for Web sites appear to be cutting corners on security more when they assign names in certain domains than in others, . . .

Of all ".hk" sites McAfee tested, it flagged 19.2 percent as dangerous or potentially dangerous to visitors . . .

A little more than 5 percent of the sites under the ".com" domain -- the world's most popular -- were identified as dangerous.

If I recall, when I registered my .com domain name, the only thing I had to verify is that I'm human, via captcha. I can't imagine how they could be less secure for other domains. Perhaps, they do away with the captcha?

I doubt this has anything to do with registrars' verification procedures. If I made a wild a55ed guess to explain this, I'd say many of the .com sites are larger and have better security. Sites on other TLDs are smaller, less secure, and have been hacked.

I wonder if the author's ex

You know, Google browses everything

[Maxo-Texas]

So they either have awesome virus scanners,
Or they reinstall regularly
Or they use very robust scanners that are some how immune to the various injection attacks.
Or they are horribly infected.

Re:

[Chief Camel Breeder]

The robust-scanner one, almost certainly. This is likely an easier job than hardening an interactive web-browser. Their robot has no need to execute anything it comes across, so downloaded script needn't be allowed to execute anything, ever. It has no need to render any of the media, so none of the image-library attacks can work. They don't have to keep anything that they scan, so no save-to-disc code. In short, they can maintain exceptionally strong separation between their scanner and its host.

If the

Statistics for phishing domains are different.

[Animats]

SiteAdvisor is basically an anti-virus program connected to a web spider; it downloads pages and looks for hostile code. This is valuable as a firewall feature, but it doesn't say much about whether a domain is worth visiting.

PhishTank [phishtank.com] has a list of sites currently involved in phishing scams. Let's take a look at that. At SiteTruth [sitetruth.com], we have historical PhishTank data in a database, with 40997 phishing attacks recorded. So when we ask the right question (which is "SELECT SUBSTRING_INDEX(domain,".",-1)

Good .info site:

[sconeu]

http://www.spybot.info/ [spybot.info]

Re:Where can I get a list of these TLD to block ou

[Brian Gordon]

What the heck? The numbers are less than 20%.. would you block out 80% of a TLD?

Re:

[Tridus]

Is there anything in .info worth reading anyway?

Seems like its only purpose is to garner registration fees.

Re:

[Brian Gordon]

Um, yes. info is my favorite TLD. com is for commercial, net is for network services, org is for community organizations, us is for patriotfags, name is for 2-page autobiography websites... what do you do if you have a miscellaneous site or a site for hosting a programming project? Drop it in .info! (see sig)

Re:Where can I get a list of these TLD to block ou

[eln]

I think it's cute how you still think any of the TLDs are still used for their originally intended purposes.

Re:

[Brian Gordon]

Well they aren't but they should be.

Re:

[Brian Gordon]

No but you're not playing by the rules.

Re:

[Bryansix]

Yes, Anarchy for all!
Crowd: Booo!
Fine Anarchy for some and miniature flags for others
Crowd: Yay!

Re:

[cheater512]

Good. I'll snag your site as well with the block. :P

Re:

[TheRaven64]

gnuplot.info [gnuplot.info]?

Re:

[mikael_j]

I actually have a .info domain that I use for my personal website (mainly because the registration cost for the domain was almost nothing just as they started up the .info TLD), I also know of a few other useful .info sites like growl.info.

/Mikael

Re:

[CogDissident]

www.the-underdogs.info is a good gaming site. They were on .com, but it got cyber squatted. And then .org got cyber squatted too.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[Crazy Taco]

Don't forget .ng (Nigeria). I don't think anything good ever comes from that domain.

Re:Where can I get a list of these TLD to block ou

[zeromorph]

Here is the list: cz info nl ru st up id net biz org

Don't forget .ng (Nigeria). I don't think anything good ever comes from that domain.

.no - Norway

.sh - Saint Helena
.it - Italy

sherlock

Re:

[Not The Real Me]

I agree with blocking .ru
I'd add .am to the list of blocked TLDs.
Never go to a .am or .ru site using Internet Explorer. However, Opera or Firefox with Java and Javascript disabled, and the Flash plugin disabled, is reasonably safe for .am and .ru TLDs.

Re:Where can I get a list of these TLD to block ou

[Sloppy]

If visiting a page could pose a risk, then you would be much better served by upgrading your browser than installing a blacklist. Most browsers should be able to visit the most maliciously-made-as-possible webpage with no risk at all. What are you doing, downloading and executing code from web pages?

Re:

[fracai]

not even http://growl.info/ [growl.info] ?

hang your head in shame.

5%, I'm surprised

[goombah99]

5% seems absurdly high.

I wonder how the 5% was chosen? I mean how does one actually sample this in a meaningful way. For example, suppose one enumerated every possible webpage and sampled those randomly. Or, given that that is impossible, suppose one enumerated every TLD and samlpled those.

This still would not accord with user experience. User experience is you start from some place on the web and click outward following links. Usually the starting place is some aggregator like Google.

Following that kind of trajectory is not the same as uniformly sampling TLDs or webapges, but is how users interact.

I can say with certainty that 5% of the links I click are not "dangerous".

Re:

[jandrese]

I suspect they flag a lot of questionable stuff as "dangerous" when it really isn't all that bad. This is McAffee after all. They're going to use these statistics to try to sell people on their internet shield or whatever they call it. Plus, a random sampling of .com sites would hit a whole lot of domain squatters, who's pages are almost always questionable.

Re:

[blueskies]

You're a complete idiot. If you are running IE there are sites out there that will compromise your computer. Their plug-in is a free (as in beer) and you get access to why exactly a site is marked as dangerous. They will even show you which downloads they think are bad -- go download them and deal with the exploits and malware if you really think it is BS.

Sure they are selling security software, but why don't you at least check it out before shooting your mouth off?

Re:

[jandrese]

I'm not saying such websites don't exist, but I suspect McAffee is flagging stuff like cross-domain cookies (frequently used in trackers) and other such stuff that's not going to take over your browser/rape your mother.

Re:

[blueskies]

Try out their plugin. It tells you exactly why a given site is marked harmful. Things aren't marked red unless the have some seriously bad behavior. Cross-domain cookies are not marked as red. I'm not positive, but i think yellow contains things like automatically changing your browser home page, or adware in a download that doesn't actually harm you.

Re:5%, I'm surprised

[gnuman99]

The 5% number cames straight out of goatse.cx's ass

Re:

[dubbreak]

The 5% number cames straight out of goatse.cx's ass

After looking at those 12 goatse pics I am convinced they must have fallen out the the goatse's ass (shudders).

Re:

[wolf30082]

What is all this in real numbers, anyway? 5% of .com could be 800 times 20% of .hk This is just a silly-season piece of useless fluff, don't you think?

Re:

[Tom]

I wonder how the 5% was chosen? I mean how does one actually sample this in a meaningful way.

Given that this is from McAffee, which kind of has a little of a business interest in making people afraid of the unseen dangers of that Intarweb thing, my guess is the sample was taken like this:

* Enter a random string into Google
* Visit the first 20 websites that come up
* Record that one looked kind of shady
* 1 of 20 = 5%
* Write press release using that figure

Re:

[jotok]

Welcome to the wet, wild, wooly world of liesstatistics.

What Mcafee's methodology lets them claim is that if you closed your eyes and went to a random website, some percentage of the time it may expose you to risk. With such a low proportion in the .com domain, it basically means that you may as well treat it as a random event and not worry so much about.

The thing is, as you point out, the average user doesn't blindly go to random websites. There are maybe 20 sites I visit regularly, and none of them have

Re:

[Stormwatch]

I don't think I've ever been to a .info site.

Then check my lil' personal site, http://matilha.coolinc.info/ [coolinc.info]

AFAIK it has no phishing, but it has my furry art. NSFW, obviously. :P

Re:

[sm62704]

Ok, now .org is dangerous too.

Re:

[shri]

With due respect, a DNR's job is not to police domains. If they start policing domains, it opens them up to severe liabilities when things go wrong. Whats wrong with making money by the way? Thats the HK way...