Because we criticize the claims of others, skeptics are often attacked. In the world of Internet skepticism, these attacks often come in digital form.
I’ve often written about using Web of Trust (and tools like it) to warn unsuspecting users about dangerous misinformation websites. It is inevitable that the owners of these sites will become aware of the negative ratings we’ve given them. But what if they decide to retaliate against skeptics?
It’s not really a question of if. Judging from a few instances I’ll document here, some are not only fighting to repair the reputations of their own sites in Web of Trust, but some are voting against skeptic sites in Web of Trust and other online site rating services as well. (Yes, there are other services that rate websites for end users beyond WoT).
So what’s a skeptic webmaster to do? What’s the best way to become aware of malicious activity like this as quickly as possible? Unfortunately there’s no one silver bullet, but I can recommend a few tips and one site that will let you monitor your site’s reputation in 30+ services in one fell swoop.
Read on for more details…
Some Alt-Med Sites Have Noticed
Starting in April of this year a few alt-med sites ran articles about our Web of Trust efforts with titles like “Quackbusters, Skeptics and the Web of Trust” and “Skeptics Hijack Web of Trust” and others. (Yes, of course those links include the nofollow attribute, why do you ask?)
Like much material written by pseudoscientists, these articles have a small grain of truth (skeptics are in fact active on Web of Trust) but get many details wrong. For instance, they seem to think activist skeptics are only found in North America, which I’m sure will come as surprising news to the many skeptics groups overseas.
These articles all seem to have been cribbed from the same press release, possibly issued by Tim Bolen, a notorious anti-science campaigner who seems to have trouble remembering where he went to school, and also doesn’t seem to understand how the Internet works.
Retaliation Against Me
There does seem to be evidence that some of them are retaliating as a result of these reports. In one case this retaliation hit close to home. Back in June Elyse Anders pointed out on Twitter that my own Twitter profile came up with a red icon in Web of Trust.
I must confess I was not even aware that WoT had a feature to rate individual Twitter profiles. Most WoT ratings are for the domain as a whole, so for instance any page on wikipedia.org gets the same rating. But some time ago the makers of WoT added an experimental feature to rate subsections of shared domains separately. I had never noticed it because around the time I started writing about Web of Trust, Twitter made a change to their URL structure that broke this feature in WoT.
In May, Twitter changed their URL structure back and the Web of Trust feature started working again – revealing the red rating on my profile. After it was pointed out to me I solicited the help of other skeptics to vote it back up into green. (You can help too, just go to this scorecard and vote green).
Since WoT votes are anonymous, I have no way of knowing who voted my profile down, but I can only imagine it was folks angry with my skeptic work, and in particular my articles about WoT.
It was just this sort of retaliatory voting that the now-defunct WOT Project was designed to combat. One hopes their early efforts to build up vote strength will help avoid some issues.
Other Anti-Skeptic Voting
I’ve seen other examples of skeptic sites with negative votes, perhaps created by people with an axe to grind. In early July I happened to visit the home page of the American Freethought podcast and got an unexpected warning screen from WoT. At that time the site scorecard looked like what you see here (at right for most of you).
As you can see this is a very poor rating, and it is clearly malicious and undeserved. For instance the vendor reliability rating makes no sense, because the podcast sells nothing on the site! (They do have a donation page, however).
I always tell skeptics to avoid voting in the Vendor reliability and Privacy categories unless they have specific knowledge of bad actions in those areas by that site. It is only ethical to vote truthfully based on your knowledge of the site, not speculation.
I immediately called this issue to the attention of John C. Snider (one of the hosts of the podcast, who happens to live in my town). He was previously unaware of Web of Trust, and therefore definitely unaware of this rating issue. I put out a call on Twitter for skeptics to fix this, and I think John mentioned it to his listeners. I am pleased to report the ratings showed an immediate upward trend, and as of now the site is rated fully in the green. Whoever had voted it down clearly hadn’t done so with a very large group of people, and their damage is now undone.
Not Just Web of Trust, Either
So you might be thinking, “Big deal, I have Web of Trust installed and I visit my own website often, I’ll notice if the icon changes.” That may be true, but what about the other services that rate web sites and URLs online? There are more than one. In fact, there are quite a few.
Many of them are focused on issues that go beyond the core competency of Web of Trust, such as:
- Computer viruses and other malware
- Phishing attempts
- Spam emails sent by the site
- Presence of third-party advertising cookies
- Pornography and other objectionable content
- Information or tools used by hackers & other criminals
Some of these services are algorithmic – that is they rate the site based on actually testing the content. For instance, Google’s Safe Browsing function (available in Chrome and Firefox) rates sites based on a robotic detection of the presence of malware during Google’s normal data collection for their search engine.
(And, in a bit of circularity, some of these services are actually incorporated into the Web of Trust reports as well — so a bad rating on a malware service can affect your WoT rating too).
Some of these services also incorporate user reports just like Web of Trust does. The nature of spam and phishing is such that they almost have to. (One man’s useful commercial email is another man’s spam). And as a result, some of these results can be influenced (at least temporarily) by malicious reports.
An Example, Courtesy Anti-Vaccine Advocates
Beginning back in June, Reasonable Hank (a pro-vaccine campaigner in Australia) got a report on Twitter that his site (and that of another skeptic blogger) provoked a malware warning for some readers. Oddly enough, the report came from an anti-vaccine campaigner who accused him of trying to infect her computer with malware.
He quickly determined that this was based on a user report to the Internet security company Trend Micro, and that there was a procedure to dispute the report, which he did. After documenting the incident on his blog, he found that a second report with a different service was made in August. He was able to work around that too. He strongly suspects that the anti-vaccine campaigners themselves made these reports, just so they could publicly accuse his site of malfeasance with some (slim) evidence on their side.
Like many aspects of skepticism this situation could turn into something like Whack-a-Mole. Because computer security is a competitive area important to many businesses, there are many competitors in the URL rating game. How can we check them all, or even know which ones to check?
A Partial Solution
Fortunately, one security company saw the need for a centralized URL checker and built it. It’s called URLvoid and it is a free service created by the NoVirusThanks Company for users to scan a web addresses with multiple web reputation engines at once. The main purpose is for end users to check out web sites before they visit them, for safety.
But as the owner of a website, you can certainly use it to check out the reputation of your own site. Here’s an example, part of the URLvoid report for my site What’s the Harm:
And so I can see that my site comes up clean on 30 different services. I work in computer security and even I’ve not heard of a few of these. But it’s good to know they are not giving me a bad rating.
And if they were, I could click the More Details link and explore further. Sometimes the more link drops you at the search screen on that service, but often it will take you right to the report for your domain. Usually from there you can find a way to request a re-evaluation of your rating or suggest a different rating.
Each service is a little different, so I don’t have the space to go into the details of each one. Some have a simple email alias to send requests, others require you create an account to open a ticket and so on. If you are lucky, you won’t have to learn the ropes of very many of them.
You may note that Web of Trust itself (listed as “MYWOT”) as well as Trend Micro and BitDefender (the two services that wrongly accused Reasonable Hank’s site of hosting malware) are included in URLvoid. So the service definitely would have saved Hank some time.
Unfortunately URLvoid doesn’t yet offer any way to get automatic updates of changes in your site’s status. However, you could use a web page change monitoring service like Versionista (which I wrote about here) to automatically monitor your results and get an email when they change.
Also, URLvoid is purely domain based now, so you cannot use it to check your Twitter profile rating in Web of Trust.
Conclusion and Action Items
Clearly in the current Internet environment, skeptics must be wary of attempts to damage their web site reputation. URLvoid provides a good tool for that.
Here are my recommended best practices:
- Scan each domain you control using URLvoid
- Be sure to include any alias domains (“skeptools.com” and “skeptools.wordpress.com”)
- Bookmark the results and return periodically to check
- Optionally use a service like Versionista to monitor changes
- Visit your Twitter profile page(s) periodically with Web of Trust loaded and check status
- Contest bad results as needed
- Ask for help from skeptics when necessary – it works!
By following these practices, you won’t have to rely on others to notice your reputation issue before you do.
Related Issue: Web Surfing Filters
A closely related issue is web filtering products which can block access to your website at companies, schools and other institutions with security or access policies. I know of at least one skeptic site (The Twenty First Floor) that has run afoul of these filters.
Unfortunately URLvoid does not cover these services, and I don’t know of an equivalent way to check your status in several at once. (If you know of one, suggest it in the comments). I’m currently researching this problem and hope to address it in a future post.
Oh, I forgot to mention one other trick. It won’t tell you about changes in rating, but the scorecard page for your site on Web of Trust has a link in lower left labelled “Subscribe to this scorecard’s comments”. This lets you get an automatic notification in your RSS reader (such as Google Reader) whenever someone leaves a comment about your site.
Grear information, thanks Tim. Bookmarked URLVoid. I have EXPOSURE coming up “detected”. The rest is now clean.
After the previous reports mentioned above, I also had a Mcafee notice sent to me by a friend. I’ve emailed Mcafee with no repsonse, so far. I’ll attempt to log back in to their site advisor after work. It kept timing out last time I attempted to register.
Thanks, just used WOT for the Farley twitter account as well as the Freethought one.. I highly encourage people to let the community know if they are under attack from anti-science proponents. We may be a small number compared to the paranormal crowd, but we are more organized and MUCH more tech savvy.
Thanks so much, Tim. Unfortunately I am currently locked in a battle with TrendMicro to get the “dangerous” warning removed from my blog. I know exactly how it got there–unscrupulous anti-vaxxers. The customer service rep told me that the warning was placed because of an anonymous report to the company about my blog. I have asked five times now via email and telephone to have the warning removed. Yet this company, which is fully aware of and has admitted to me that there is no malware or fraudulent activity on my blog, has yet to take the warning off.
Another trick that’s a favorite of Anti-vaxxers in Australia is to file false DMCA complaints on Facebook to get skeptic posts taken down.
Yeah, at some point I need to do a DMCA tips and tricks post, unfortunately I haven’t had to deal with any so I don’t have a ton of advice to offer.
One of the reasons they are so brazen about abusing the DMCA in Australia is because there’s a common misconception that the United States courts don’t have jurisdiction to punish them for the abuse. This ignores the fact that you have to explicitly consent to the jurisdiction of the service provider (i.e within the United States).
Whether or not they can enforce judgment is another thing.
However Meryl Dorey commits perjury with her false declarations AND travels to the United States. I am hopeful that these actions will someday result in arrest and prosecution.
Thanks Tim. Appreciate the tips.
Excellent timing, as I discovered yesterday that, as a result of a post on Facebook urging followers to check Web of Trust, my own site had received a vote for “hateful or questionable content”. Why? Because I blogged about Burzynski, and a particularly diligent online follower decided to track down lots of blogs and use WOT to try to trash their ratings.
Fortunately those comments don’t actually affect your rating, which is the more important thing. It’s easy enough for skeptics to vote the site back up, and add several positive comments (as I see they’ve done) to push the nonsense down on the screen.
Pingback: Stealth Skepticism - Skepticality
Surely that you were unaware of the WoT rating of Twitter profiles sums it up.
You aren’t using WoT either.
Whilst crowd sourcing makes sense for this sort of thing it is only useful if enough people contribute to override any orchestrated manipulation, otherwise it risks being biased by an active minority of any stripe. As far as I can tell only Facebook seem to take them particularly seriously, FB blocks me posting the top ranked “bad” site on their list even though it appears to be a run of the mill porn site with no annoying pop-ups (which most of the people were complaining about). The WoT re-evaluation doesn’t seem to hack it either.
Google and the other big Internet players were doing a non-profit malware detection for websites in stopbadware.org and google are just acquiring VirusTotal according to the news wires. They provide automated ways to say “I cleaned it up”, which is of course easier with malware detection than something vaguer like “reputation”, since you can quickly tell if the malware you found is still there.
BTW: I’ve had the same issues with Trend Micro falsely listing sites, and worse not giving a clear reason (it is remarkably hard to prove the negative, that everyone trying to visit your site sees the content you expect). I eventually called them on the phone and got it fixed quite quickly.
Not sure I see your first point. I use WOT every day and rate several sites a week.
When Twitter launched what was called “New Twitter” in late 2010 and early 2011, they added “#!” into most of their URLs. This was widely discussed because it was a major architectural change for the site. But it meant that WOT while looking for something like “http://twitter.com/krelnik” was instead seeing a URL like “http://twitter.com/#!/krelnik”. Those don’t match, so it wouldn’t call up the right rating. Thus for the entire time New Twitter existed, the plug-in couldn’t show me my rating.
WOT always deemed the Twitter feature “experimental” which was why they chose not to fix it, as you can see in this support thread.
I first wrote about WOT in March of 2011, so until Twitter got rid of the hash-bangs in May of this year, I’d never had the opportunity to see this feature work correctly. It had been broken the entire time I used WOT.
Pingback: Virtual Skeptics webcast #5 – September 12, 2012 « Skeptical Software Tools
Pingback: WoT is this I don’t even | reasonablehank
Pingback: Virtual Skeptics, Episode 5 (12 Sept 2012) « The Virtual Skeptics
Pingback: Content Roundup for September 2012 « Skeptical Software Tools
Pingback: Morning Toolbox – October 3, 2012 – Google, Pundits and More Politics « Skeptical Software Tools
Pingback: Reviews – MyWot Trustworthiness Exposed | Avoiding Scams Online
For the skeptics reading here, that last pingback on “Avoiding Scams Online” is somewhat entertaining. It’s an affiliate marketer (not a business known for being reputable) complaining that his site got down-voted on WoT. He links to another affiliate marketer whose father’s business got down-voted too.
The father’s business is selling those bogus “hydrogen generators” that claim to raise your gas milage but actually do nothing. So clearly WoT is causing pain amongst the scammers.
Pingback: Morning Toolbox – October 17, 2012 – Meet, Develop, Disavow « Skeptical Software Tools
I recently made the mistake of asking for individuals to rate my site. It went from 96 on everything to 20 over night. Not only that but I got banned from their site for leaving legitimate comments and criticism, they called it spam. I believe that WOT is out to get money from their badges in a promise to raise the websites rating.
I’d have to have more details to comment, for instance what is your website about? Certain types of businesses never fare well in WoT, for instance anything relating to affiliate marketing, multi-level marketing or email marketing. That’s because there are so many bad actors in that space.
Rather than ask people on the WoT forum to rate your site, why not get your friends and customers to vote? I think that’s much easier and more likely to go your way.
The site is http://meltmyscents.com its an MLM for Scentsy Family Inc. I would have but I decided not to even cater to that site. They banned me from posting due to “Spamming”, I guess rating websites and leaving comments for those site is spamming. Besides Google and Facebook have both discredited WOT. I have also invested in SiteLock for those who believe that WOT is end all be all.
Yeah, sorry, you’re never going to get a good rating for any sort of MLM on WoT. The vast majority of MLMs are money-losers for all but the original founders. You won’t get much sympathy on this site about that either, skeptics are quite aware of the issues with MLMs.
Im sorry to hear you feel that way too. We have done quite well with it and so have many others not just the founders. Either way it just shows that WOT cant be trusted and how flawed they really are due to the biases that they hold. The rating should be based on perceived notions but on the site itself and the company behind that site. Besides the company itself regardless of the biases you hold of MLM’s is an A+ rating on the BBB, is rated in Forbes top companies to watch this year and has many awards for their business practices. http://www.bbb.org/boise/business-reviews/multi-level-selling-companies/scentsy-inc-in-meridian-id-5006323
MLM are just flat out scams by design.
I find it very amusing that someone outed their own MLM site to the MyWot community and is now upset by the response. :)
You need to go back and read the course notes for MLM BS 101. You mention BBB rating and ratings in Forbes but you forgot to say that General Motors is a pyramid, that MLM is taught in universities and that people like Bill Gates would go into MLM if they had their time over again.
All multi-level marketing schemes are scams Every one, with no exceptions.
And thanks for the heads-up. Scentsy will be added to the list of MLM scams in the next update to The Millenium Project.
Could you offer more details on “Google and Facebook have both discredited WOT”? Do you have links to support that statement?