Difference between revisions of "FAQ"
(→Facebook stopped using WOT) |
(→Malicious rumors) |
||
| Line 51: | Line 51: | ||
== Malicious rumors == | == Malicious rumors == | ||
| − | It's unfortunate, but the more popular WOT | + | It's unfortunate, but the more popular WOT becomes and the more successful it is at preventing people from falling for scams, the more people start attacking us. Often scammers whose business model WOT is hurting or other disgruntled website owners spread malicious rumors about the service in an attempt to discredit it and discourage people from benefiting from the reputations. This section addresses some of the most common rumors. |
| + | |||
| + | === WOT is a scam, it's illegal, or it's run by criminals === | ||
| + | |||
| + | People spreading this rumor, whether out of malice or ignorance, rarely even try to explain what kind of a scam WOT is purported to be. This is because WOT is perfectly legitimate, has been around for over half a decade, and has credible backers. The legality of the WOT service has been [http://www.mywot.com/press/safe-surfing-tool-web-of-trust-wins-in-court tested in court] and there's nothing illegal or criminal about the company or the service. | ||
| + | |||
| + | WOT is operated by [http://www.mywot.com/aboutus WOT Services Oy], a Finnish company based in Helsinki. The company was started in 2006 and it's owned by a group of public and private investors, which include the Finnish Industry Investment (an investment company owner by the Finnish government), Open Ocean Capital (the investment company of MySQL founder Monty Widenius), [http://www.mywot.com/press/web-of-trust-closes-investment-round-from-inventure Inventure, and Risto Siilasmaa] (the founder and chairman of F-Secure). In 2010, the president of Finland [http://www.mywot.com/press/innofinland-prize-awarded-to-web-of-trust-community-of-over-16-million-web-users awarded WOT the national InnoFinland prize]. | ||
=== The add-on is spyware or adware === | === The add-on is spyware or adware === | ||
| − | Due to its concept, the WOT add-on needs to request reputations for each website you visit. It also needs to keep track of your ratings, which it does by creating a random, anonymous identifier for you automatically. It's obvious that this information could be used to track which sites you browse, which is probably why spreading rumors about WOT being [[Spyware|spyware]] is a favorite | + | Due to its concept, the WOT add-on needs to request reputations for each website you visit. It also needs to keep track of your ratings, which it does by creating a random, anonymous identifier for you automatically. It's obvious that this information could be used to track which sites you browse, which is probably why spreading rumors about WOT being [[Spyware|spyware]] is a favorite among those trying to discredit the service. WOT is not spyware or [[Adware|adware]] and does its best to respect your privacy: |
* '''Open add-ons.''' <div style="margin-top: 5px; margin-bottom: 10px">All WOT add-ons are open source, which means anyone can download [[Source code|the source code]] and verify what the add-on does. There are no secrets in the add-on, it only does what it says. The Firefox add-on is also thoroughly reviewed by Mozilla editors every time it's submitted to the Add-ons website. So far, the add-on has been featured or recommended by Mozilla, Google, Apple, and Opera.</div> | * '''Open add-ons.''' <div style="margin-top: 5px; margin-bottom: 10px">All WOT add-ons are open source, which means anyone can download [[Source code|the source code]] and verify what the add-on does. There are no secrets in the add-on, it only does what it says. The Firefox add-on is also thoroughly reviewed by Mozilla editors every time it's submitted to the Add-ons website. So far, the add-on has been featured or recommended by Mozilla, Google, Apple, and Opera.</div> | ||
| Line 63: | Line 69: | ||
* '''Data retention.''' <div style="margin-top: 5px; margin-bottom: 10px">All requests the add-on makes are logged temporarily on WOT's servers. These logs aren't used to track users and the information isn't shared with anyone. The logs are kept temporarily only to create usage statistics and to analyze possible abuse incidents. All the information (except for your ratings, of course) in the logs are deleted after one month. You can read more from [http://www.mywot.com/privacy the privacy policy].</div> | * '''Data retention.''' <div style="margin-top: 5px; margin-bottom: 10px">All requests the add-on makes are logged temporarily on WOT's servers. These logs aren't used to track users and the information isn't shared with anyone. The logs are kept temporarily only to create usage statistics and to analyze possible abuse incidents. All the information (except for your ratings, of course) in the logs are deleted after one month. You can read more from [http://www.mywot.com/privacy the privacy policy].</div> | ||
| − | + | === WOT sells reputations or blackmails site owners === | |
| − | + | After [http://www.mywot.com/trustseal the WOT trust seal] was introduced, every now and then rumors resurface claiming reputations can be bought, because WOT now sells something to site owners. That couldn't be further away from the truth. Only websites that have already earned a good reputation from user ratings are eligible for a trust seal, and should the website's reputation change to poor in future, they will lose the trust seal automatically. Sending WOT money does not affect a website's reputation, it's still determined from user ratings. | |
| − | + | Another more recent variation of this is a claim that WOT is sending website owners email saying they need to pay, usually thousands of dollars, to improve their reputation. If someone has received an email saying this, it was not from WOT. You cannot pay to improve your reputation. If you are a site owner and someone is blackmailing you, contact the police. You can also post the evidence to the WOT forum and we will help you catch those who are responsible. | |
=== People who rate a lot of websites are spammers === | === People who rate a lot of websites are spammers === | ||
| Line 82: | Line 88: | ||
However, it should be noted that Facebook does use a higher warning threshold than the WOT add-on, which means the warning is shown only for sites that have a very poor reputation with a sufficiently high confidence level. In other words, Facebook doesn't warn about all poorly rated sites. Also, while WOT was the first link checking service Facebook integrated to their website, they have added several others since then, including Websense and SURBL, for example. These services have not replaced WOT, and using multiple link checking services was in Facebook's original plans. | However, it should be noted that Facebook does use a higher warning threshold than the WOT add-on, which means the warning is shown only for sites that have a very poor reputation with a sufficiently high confidence level. In other words, Facebook doesn't warn about all poorly rated sites. Also, while WOT was the first link checking service Facebook integrated to their website, they have added several others since then, including Websense and SURBL, for example. These services have not replaced WOT, and using multiple link checking services was in Facebook's original plans. | ||
| + | |||
| + | Another variation of this rumor includes a claim that WOT was caught buying Facebook likes and includes a fake quote from Facebook. This is also misinformation. WOT has never bought Facebook likes and doesn't see any reason to do so. In fact, selling Facebook likes is commonly seen as highly unethical and websites doing so usually have a poor reputation at WOT. Most likely this malicious rumor was started by an owner of such a service. | ||
In November 2012, Facebook also [http://www.mywot.com/press/web-of-trust-becomes-first-crowd-sourced-security-solution-invited-into-facebook-s-av-marketplace added the WOT add-on to their AV Marketplace]. “We have been proud partners with Web of Trust for the past year and a half, and are excited to announce a new stage of that partnership to keep our users and their data safe. Not only will Facebook users continue to benefit from WOT's reputation warnings when clicking potentially malicious links but also will be able to download their browser add-on for protection no matter where they are on the web” said Joe Sullivan, Chief Security Officer of Facebook. | In November 2012, Facebook also [http://www.mywot.com/press/web-of-trust-becomes-first-crowd-sourced-security-solution-invited-into-facebook-s-av-marketplace added the WOT add-on to their AV Marketplace]. “We have been proud partners with Web of Trust for the past year and a half, and are excited to announce a new stage of that partnership to keep our users and their data safe. Not only will Facebook users continue to benefit from WOT's reputation warnings when clicking potentially malicious links but also will be able to download their browser add-on for protection no matter where they are on the web” said Joe Sullivan, Chief Security Officer of Facebook. | ||
Revision as of 11:42, 5 January 2013
This is a collection of answers not found in the official FAQ.
Common misconceptions
Users aren't qualified to rate sites
We realize the average web user isn't a security professional and we don't expect them to go out and investigate random websites for safety. We have an active group of experienced users who review sites for technical safety and help the average user avoid security threats. We only expect users to share their experiences with the websites they already know, because they are uniquely qualified to do that. Being able to learn from other people's experiences is the whole reason for this service.
Someone has to fall victim first before others can be warned
Someone obviously has to discover threats before they can warn others, but it doesn't mean this someone has to fall victim or even be a WOT user. We collect information from a number of blacklists and other sources to warn users of emerging threats before they have to experience them personally.
Reputations are easy to manipulate
When someone first hears about the concept behind WOT, their first objection is that someone could easily spam the system with tons of ratings and rate down their competitors or otherwise manipulate reputations, but that's not true. We designed the reputation system to be as fair as possible and very resistant to manipulation.
Ratings aren't equally reliable
Usually in reputation systems each rating is weighted equally and reputations are computed as the average of all ratings, which makes them extremely vulnerable to automated attacks. Therefore, we decided early on to value ratings by their merit and use some of the principles of Bayesian inference for combining the ratings into reputations. Without going into details, the system analyzes each user's rating behavior from several aspects in order to determine their reliability. When you start using WOT, your ratings have little weight, but if you keep rating sites consistently, your ratings will be considered more reliable over time. The meritocratic nature of the system makes it far more difficult for spammers to abuse, because bots will have a hard time simulating human behavior over a long period of time.
Note: User reliability is determined using statistical modeling and doesn't depend on the number of ratings or whether you agree with other users. Specifically, it's not related to your activity score or user level, which simply tell you how active you've been.
Unusual behavior is automatically detected
In addition to weighting ratings differently based on statistical analysis of user's rating behavior, we also monitor for unusual rating activity. The system is capable of ignoring spammers without human intervention and almost every type of unusual rating behavior can be detected. We investigate all suspicious activity and ratings from someone abusing the service will be silently ignored.
But I don't agree with a reputation!
The site's reputation tells you how much other users trust the website. If you disagree with a reputation, it's most likely not because the reputation is being manipulated or there's a conspiracy against the site, but because other people simply don't agree with you. Their experiences may be different from yours, it happens sometimes. You may want to start a new topic on the forum to discuss the site's reputation or if you suspect unusual activity, report it.
Ratings vs. comments
Ratings are often confused with comments, probably because comments are so prominently visible on the scorecard. Users can rate websites on the add-on or on each website's scorecard in four rating components. Ratings are private, which means they are not shown to other users. Reputations are computed only from ratings.
If users want to share additional details about their experiences, they can also write comments to scorecards. Comments are purely informational and have no effect on the reputation. Comments can be voted up or down depending on whether others agree with them. Comment votes only determine the default order of comments on the scorecard, they won't affect the site's reputation. If a site's reputation rating is determined to be controversial, comment voting is disabled to prevent one side from suppressing opposing views by voting them down.
Why can't I see how others have rated a site?
It's always been WOT's policy to keep user ratings private and have a secret ballot. If users want to reveal their opinion of a website to others, they have an option to post a comment. If all ratings were public, users might be reluctant to rate certain sites, because it would reveal to everyone they have actually visited them. Not to mention that users with an opposite agenda might start intimidating others to change their ratings. This all would lead to less ratings, which leads to less reliable reputations; something nobody wants.
Why don't you show the number of ratings?
Unlike it might first seem, the number of ratings won't tell you the reliability of a reputation, and showing it could in fact be misleading to users. It would be trivial for a spammer to rate a site multiple times and thereby make the reputation appear to be reliable, for example. This is why WOT shows you the confidence indicator instead (the small human figures next to each rating symbol). The confidence value tells you how reliable the rating system considers the reputation and it's based not only on the quantity of ratings, but also the estimated reliability of the users who rated the site.
Why don't comments always match the reputation?
A site's reputation is computed from ratings, not comments. Leaving a comment is completely optional and since users who disagree with the reputation or otherwise feel strongly about the site are more likely to also write a comment, it's not uncommon for comments to appear to contradict with the reputation.
Malicious rumors
It's unfortunate, but the more popular WOT becomes and the more successful it is at preventing people from falling for scams, the more people start attacking us. Often scammers whose business model WOT is hurting or other disgruntled website owners spread malicious rumors about the service in an attempt to discredit it and discourage people from benefiting from the reputations. This section addresses some of the most common rumors.
WOT is a scam, it's illegal, or it's run by criminals
People spreading this rumor, whether out of malice or ignorance, rarely even try to explain what kind of a scam WOT is purported to be. This is because WOT is perfectly legitimate, has been around for over half a decade, and has credible backers. The legality of the WOT service has been tested in court and there's nothing illegal or criminal about the company or the service.
WOT is operated by WOT Services Oy, a Finnish company based in Helsinki. The company was started in 2006 and it's owned by a group of public and private investors, which include the Finnish Industry Investment (an investment company owner by the Finnish government), Open Ocean Capital (the investment company of MySQL founder Monty Widenius), Inventure, and Risto Siilasmaa (the founder and chairman of F-Secure). In 2010, the president of Finland awarded WOT the national InnoFinland prize.
The add-on is spyware or adware
Due to its concept, the WOT add-on needs to request reputations for each website you visit. It also needs to keep track of your ratings, which it does by creating a random, anonymous identifier for you automatically. It's obvious that this information could be used to track which sites you browse, which is probably why spreading rumors about WOT being spyware is a favorite among those trying to discredit the service. WOT is not spyware or adware and does its best to respect your privacy:
- Open add-ons. All WOT add-ons are open source, which means anyone can download the source code and verify what the add-on does. There are no secrets in the add-on, it only does what it says. The Firefox add-on is also thoroughly reviewed by Mozilla editors every time it's submitted to the Add-ons website. So far, the add-on has been featured or recommended by Mozilla, Google, Apple, and Opera.
- No tracking. The add-on sends as little information to WOT servers as possible. When you visit a website, the add-on sends the hostname (not the URL) of the site to WOT servers to load the reputation and your ratings. The hostname is encrypted in transit and on our servers logs to prevent eavesdropping. No further requests are made if you revisit the site during the next 30 minutes while the add-on keeps the reputations in its internal cache.When you search the web, the add-on doesn't send your search queries to WOT's servers, it only requests reputations for the sites that appear in the search results, provided that their reputations aren't already cached.
- Data retention. All requests the add-on makes are logged temporarily on WOT's servers. These logs aren't used to track users and the information isn't shared with anyone. The logs are kept temporarily only to create usage statistics and to analyze possible abuse incidents. All the information (except for your ratings, of course) in the logs are deleted after one month. You can read more from the privacy policy.
WOT sells reputations or blackmails site owners
After the WOT trust seal was introduced, every now and then rumors resurface claiming reputations can be bought, because WOT now sells something to site owners. That couldn't be further away from the truth. Only websites that have already earned a good reputation from user ratings are eligible for a trust seal, and should the website's reputation change to poor in future, they will lose the trust seal automatically. Sending WOT money does not affect a website's reputation, it's still determined from user ratings.
Another more recent variation of this is a claim that WOT is sending website owners email saying they need to pay, usually thousands of dollars, to improve their reputation. If someone has received an email saying this, it was not from WOT. You cannot pay to improve your reputation. If you are a site owner and someone is blackmailing you, contact the police. You can also post the evidence to the WOT forum and we will help you catch those who are responsible.
People who rate a lot of websites are spammers
Some of our most active users volunteer their time researching scams or security issues on the web. As a result, they may end up rating even hundreds of sites per day. Occasionally, we hear complaints that these people are spammers, bots, or even paid to rate websites for whatever nefarious purpose. Sometimes the argument goes that it's simply not possible for a person to rate that many sites, which means they must be doing something evil. Of course, none of that is true.
Probably thousands of websites are created every day for various scams, but luckily there are also people who spend their time warning others. They are able to do this, because we provide them access to tools that allow them to rate and leave comments for more than one website at a time. This way, when they uncover a hundred new websites recently set up for scamming people, they are able to rate all of them.
Note that unlike normal ratings, which are private, ratings left using the mass rating tool are more transparent, because the user is always forced to leave a comment explaining the rating. The comment also has a special icon on the top right corner that helps you distinguish it from normal comments. Despite these differences, it's also important to note that ratings left using the mass rating tool are not considered any more reliable than normal ratings and have no special meaning when the reputation is computed.
Facebook stopped using WOT
In May 2011, Facebook and WOT announced that Facebook will start checking the WOT reputation of links posted to their service and will show an intermediate warning page when a user tries to follow a link to a poorly rated site. Recently, certain groups have started spreading rumors that Facebook has stopped using WOT in an attempt to discredit our service. This isn't true, and there have been no changes in our partnership with Facebook since the initial announcement regarding URL checking.
However, it should be noted that Facebook does use a higher warning threshold than the WOT add-on, which means the warning is shown only for sites that have a very poor reputation with a sufficiently high confidence level. In other words, Facebook doesn't warn about all poorly rated sites. Also, while WOT was the first link checking service Facebook integrated to their website, they have added several others since then, including Websense and SURBL, for example. These services have not replaced WOT, and using multiple link checking services was in Facebook's original plans.
Another variation of this rumor includes a claim that WOT was caught buying Facebook likes and includes a fake quote from Facebook. This is also misinformation. WOT has never bought Facebook likes and doesn't see any reason to do so. In fact, selling Facebook likes is commonly seen as highly unethical and websites doing so usually have a poor reputation at WOT. Most likely this malicious rumor was started by an owner of such a service.
In November 2012, Facebook also added the WOT add-on to their AV Marketplace. “We have been proud partners with Web of Trust for the past year and a half, and are excited to announce a new stage of that partnership to keep our users and their data safe. Not only will Facebook users continue to benefit from WOT's reputation warnings when clicking potentially malicious links but also will be able to download their browser add-on for protection no matter where they are on the web” said Joe Sullivan, Chief Security Officer of Facebook.
