Monday, July 16, 2007

Website visitors are greeted by new safety advisories


I’ve recently noticed that McAfee, with SiteAdvisor, and an org called StopBadware, have started providing tools to help visitors to websites that could harm their computers. I have a more detailed discussion here:

Much of this has developed recently, since the end of 2006, some of it during the past few weeks. The visitor is encouraged to study the links at this other posting.

It's true, that ten or twelve years ago, conventional wisdom held that no one could be harmed by just visiting a website or opening an email without opening the attachment, but that is certainly no longer true.

I thought I would mention a couple of other potential issues. I notice that both of these evaluate links given from the examined or rated site. Of course, when I link to any site (from one of my domains or from these blogs) I cannot control what a third party may do in the future. I do not link to sites that I know or believe to be harmful. Most linked sites are from media organizations or various advocacy groups and NGOs.

One possibility that will happen is that links become invalid with time. Sometimes files are moved, sometimes sites disappear. I don’t have any systematic way of keeping up with this when offering free content. If I discover a link is out of date and it matters, then I change the link or remove it. It is a case-by-case thing. Also, many media organizations and newspapers archive their stories after some number of weeks. Often, a visitor will be directed to an archive link and be asked to pay for the content with a credit card, by the newspaper. This is completely legitimate and under the control of the newspaper (not me) as the copyright owner. Some newspapers require free registration to view any content at all. Generally, they are very fair about privacy and email policies, but one cannot be absolutely sure that unwanted emails could not come.

I did have a couple of other issues. On doaskdotell, I moved a lot of content from my older domain, hppub.com, in July 2005, and disbanded hppub in August 2005. It was difficult to get all internal links changed cleanly, as some directory structures were changed. I believe that I have found all of these, but there could be a stray link or two. After I disbanded hppub, the domain name was picked up by a casino company, and mis-links (even for 404 unmatched files) brought up that company’s page. I think I got rid of all of these.

Another issue occurred in converting Word documents to HTML from the 2002 version of Microsoft Word. Sometimes (especially with bookmarked tags) Word would generate extraneous continuous links to whole sections of text, that would be visible when viewing in Mozilla but not Internet Explorer. The links were also misplaced: clicking on a link would actually bring up the previous link, leaving the visitor the impression that the file is “infected”. It wasn’t; this is a software bug. To fix these, I had to copy into Front Page, go into source code, and delete the extraneous href’s manually. It was tedious a few times. This problem occurred because Word used an XML-XSL mechanism in converting to HTML and generated unnecessary span statements. Microsoft no longer supports that version of Word and recommends a newer one. As far as I know, all of these problems have been fixed, but there could be a few strays.

I have not seen any evidence yet that SiteAdvisor or similar tools looks for these kinds of problems, but I can only assume that they may in the future, as they would alarm users.

I do realize that a lot of my content is old, and was built with manual tools in fashion eight or ten years ago. Yes, I am looking all the time at ways to automate and generate the content more safely without these glitches and potential “false positives” for site inspection and advisory software.

No comments: