News 

For the past 11 months the company has been tracking Net usage with specially-developed Web crawling software and found that one in every 20 sites visited uploaded unwanted software to the visitor's PC, sent out spam or attempted to trick users into giving up sensitive information.

They say that they visited 95 per cent of all websites during the survey, downloaded and tested 475,000 pieces of software and automatically filled in forms, each with one of 1.3 million unique email addresses, to check for subsequent spam.

UPDATE: Note that the research was carried out by SiteAdvisor and not by MIT (Massachusetts Institute of Technology), as we originally reported (although two if its co-founders stduied there, the company is not affiliated with MIT).

Concluding that there was a hole in existing Web security products, the researchers decided to develop a browser plugin that warns users as soon as they visits an untrustworthy site. The result is SiteAdvisor, a free add-on for Firefox and Internet Explorer.

'We focus on the practical, everyday implications of using a particular website,' said Chris

ADVERTISEMENT

Dixon, SiteAdvisor co-founder and CEO. 'We believe consumers want to know, in plain English: "If I download this program, will it come with adware?" Or, "If I sign up here, how much and what kind of e-mail will I receive?" SiteAdvisor works so well for average consumers because it zeros in on the moment of decision, when users are about to interact with a dangerous site. We can tell them: "We've been here before, and here's what happened to us".'

SiteAdvisor is available from www.siteadvisor.com; although only Firefox (for Windows and OS X) and IE are currently supported, the developers have said that they plan to support all popular browsers.

The software's database is continuously updated and the researchers say that they are constantly discovering new scams. The latest of these it has labelled IP bunkmating (others call it IP sharing or host multiplexing). Put simply, it involves hosting multiple websites on a single server, with the same IP address, which act as placeholders for one undesirable site on that domain. In other words, what you see is not always what you get. Examples are given in the SiteAdvisor blog. It notes that as well as posing a security risk to users, IP bunkmating also has issues for Web developers whose hosting company serves several sites from a single domain.

'If you're sharing an IP address, get to know your neighbours,' advises SiteAdvisor's Jonathan Cohen. 'Having a legitimate site located on the same server as a crass or dishonest Web venture can be embarrassing and might restrict your ability to reach the widest possible audience.'