- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
Hong Kong's ".hk" is now the world's most dangerous domain for surfing and searching, according to a report released Wednesday by security company McAfee, but the survey's methodology may mean it is not as risky as its seems.
The Hong Kong Special Administrative Region (SAR) moved from number 28 in 2007 to the top of the company's "Mapping the Mal Web" survey, edging out its northern neighbor China's ".cn," which placed second. Finland's ".fi" was the safest, followed by Japan's ".jp."
Just over 19 percent of ".hk" contain malware, viruses, have a high rate of spam or feature aggressive pop-up ads, McAfee said, as determined by a survey of 74 top-level domains using its SiteAdvisor software. Over 11 percent of ".cn" sites for China were similarly found to be dangerous. Comparatively, only 0.05 percent ".fi" sites were found to be hazardous.
However, one Hong Kong-based security analyst said the survey did not demonstrate any real risk as emanating from the SAR. "McAfee are only looking at the top-level domain bit, they are not looking at the location of the server," said Richard Stagg, director and managing consultant at Handshake Networking, a vendor-independent security consultancy. "They're not paying attention to where sites are actually hosted."
The report is also not specific on the degree of "badness" of the sites using the ".hk" domain, Stagg said, as McAfee puts risks such as malware and annoyances like pop-up ads together.
Malware purveyors and spammers choose their top-level domain registrations based in part on where it is difficult to get a domain name shut down, Stagg said. There are "huge, huge numbers of organized crime Web sites and porn Web sites are registered with .cn domains, but most of them are not hosted in China," he said.
Purveyors of malware and spam choose top-level domains in part based on how difficult it is to shut those domains down. For example, the U.S. Federal Bureau of Investigation can ask Network Solutions to close a .com domain, hosted in the U.S., within days, Stagg said, whereas it would have no jurisdiction with foreign domain registrars.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment