Mar 07 21

StumbleUpon is great but ban it immediately

Posted by Munir Kotadia @ 15:53 20 comments

StumbleUpon is one of most interesting and addictive new tools on the Web but administrators should immediately ban its use at work.

A few weeks ago I was told by one of my non-technical friends about a great new way to waste time at work -- a browser add-on called StumbleUpon.

It is kind of like having iTunes shuffle the Internet but instead of picking random pages, it only directs you to places that other members of StumbleUpon have said they really like.

When it directs you to a page, you have the option to say whether you like or dislike it. The more StumbleUpon is used, the better idea it has of the types of Web pages you will like. Also, it is able to tell you which other members of the StumbleUpon community have the same taste and interests as you. It could be looked at as a grown up, sophisticated MySpace.

Within a week of signing up, it is now the first place I go for entertainment. Suddenly there is no need to look through hundreds of boring Web pages in order to find a gem. No longer do I have to know what I want and then search for it. Instead I can just hit the random StumbleUpon button and be whisked away to a place that has been pre-selected -- by people with the same interests and tastes as me -- as something that stands out from the norm.

I remember when I first used Google. At the time it was still being run from a garage in Silicon Valley. However, it was revolutionary because it was the first time that Internet search actually worked. Using StumbleUpon gives me the same feeling.

So I love StumbleUpon and think it will grow into something huge. But this is not a good thing for both administrators and management.

For a start, because StumbleUpon is so good at picking interesting and fun pages, it is a massive distraction and highly addictive. Losses in productivity could easily cost more than a huge virus infection.

Secondly, there doesn't seem to be any protection from pages that are infected with a Trojan. So each time you hit the StumbleUpon button is kind of like playing Russian roulette with your security.

Talkback 20 comments

Try NoScript Anonymous -- 21/03/07

I love stumbleupon.

"Secondly, there doesn't seem to be any protection from pages that are infected with a Trojan."

True, which is why in Firefox I use an extension called "NoScript." This extension turns off scripts by default, allowing the user to enable them on pages they trust (scripts can be permanently or temporarily enabled with a click or two) but still see pages they don't trust. You can also shut off flash animations, etc.

I don't know if this would protect against ALL malicious code embedded in webpages, but it's an extra line of defense. Of course, I use Linux, partly because it's less vulnerable to malware (and partly because Ubuntu is so pretty/user-friendly with that spiffy new Beryl window manager!).
1. Yep! sam noony -- 28/04/07
  
  And flash block is a must have tool. In fact I think mozilla should just add no script and flash block by default.
  - Reply to comment
  - Report offensive content
I stumbled onto this page!! Anonymous -- 21/03/07

Maybe in a couple of years people won't surf the web -- they�ll stuble on it.
Sumbleupon Article Anonymous -- 21/03/07

I kid you not. I used stumbleupon to find this article. I bet they think they are soooo clever. Ok it s a little clever.
Do research before writing article. Orun -- 21/03/07

I was with you until your last two paragraphs.

Virus infection? Russian roulette with your browser?
I'm sure you see why these are silly phrases to use as a technical person. Id your corporate environment is even decently protected, you don't have to worry about these things very much.

Just as Stumbleupon can take you to a dangerous site, so can Google, despite all its anti-phishing precautions. If you're paranoid about this, just install an extension that warns you of these things.

As for Stumbleupon existing purely for entertainment purposes- have you ever tried using SU Search?
Sure it can use a tweak or two in the usability department, but it helps me with my research- a lot.
Responses from the SU community Anonymous -- 22/03/07

Check out

http://www.stumbleupon.com/url/www.zdnet.com.au/
blogs/securifythis/soa/StumbleUpon_is_great_but_ban_it_immediately/
0,139033343,339274388,00.htm

for comments from stumblers.
Stumbleupon. Jimmy Carr. -- 22/03/07

Best site on the net.
But you have a point about security.
Suggest to use free McAfee site advisor as well.
KIMSS Rio -- 22/03/07

Keep Your Mouth Shut Stupid!!!!!!!!!!!!!!!!!!!!!!1
In russian roulett, if you load every chamber, everybody wins! Anonymous -- 22/03/07

In russian roulett, if you load every chamber, everybody wins!
StumbleUpon is great but ban it immediately Wolf -- 22/03/07

A great way of securifying StumbleUpon is by installing

<a href="https://addons.mozilla.org/firefox/722/">NoScript</a>

and

<a href="https://addons.mozilla.org/firefox/3456/">WOT</a>

I've been stumbling for 2 years now and I ain't seen a bug on my old PC yet.
i love to stumble too Anonymous -- 22/03/07

its ggrreaatt
Stumbleupon Jordan -- 23/03/07

Ok looks whose writing the article talk about a space cadet. Secondly, look at the article. It is all of a paragraph and a half of no content and gives no proof to back up the statement. If this guy is a senior writer, then zdnet needs to reevaluate who it hires.
Why worry? Anonymous -- 27/03/07

If you use Sandboxie to run your browser through, you can stumble anywhere and even deliberately download the worst malware with impunity.

http://www.sandboxie.com/

Bufferzone,Geswall,Greenborder,Defensewall,PowerShadow are some other apps that can take the worry out of surfing.
Stumbleupon great idea but dangerous Anonymous -- 30/03/07

As soon as I noticed that Stumbleupon added the entry *.stumbleupon.com to my Trusted Sites list, I un-installed it immediately. I will check out the suggestions by other users on how to protect yourself while using Stumbleupon, but I think that if SU was responsible it would have already developed a safeguard.
More FUD? Cybergrunt -- 02/04/07

I'm a sysad and I honestly think the the two reasons you give in this article are pretty weak. I mean, honestly, any search engine can take you to an unsecured site and, as for loss in productivity, I've seen people waste time staring at their blank screen rather than work so I hardly think this is going to bring down the global economy. Saying something is going to do something doesn't make it so and I think this is going to be labeled as more Fear Uncertainty and Doubt.
I stumbled onto this page. It can be a good thing. Chris Miller -- 03/04/07

You are able to select which categories you stumble into and among the fun, distracting sites, I often find a good deal of sites pertaining to various web techniques (my industry) which in turn help my business.

I am from the UK, without StumbleUpon there would be no reason for me to even look at an Australian site. I am not advocating StumbleUpon but be careful with blindly using a blanket ban approach before you have weighed up the adv/disadv.
lol Anonymous -- 11/04/07

i stumbled upon this article while killing time at work. feel like someone is watching me.
Might as well ban search engines as well then ! Naruwan -- 14/04/07

You're no more likely to get a Trojan using SU than using a search engine and clicking on a link. It doesn't sound like the writer really
thought this through very well.
sites mess with browser sometimes Anonymous -- 24/08/07

I like stumble upon. A few times I have hit a site that did weird things to Firefox. Like a pair of men in the window pushing out on the walls of my collapsing Firefox. This is funny and definitely extremely high level programming. Also obviously messing with my computer.

I miss it on my clean install of Ubuntu Feisty. Guess I'll think about it a while longer. Hmmmmm
THUMB HIM DOWN Victor Thumbs You Down -- 18/01/08

I just gave you a thumbs down, Sir!

Munir Kotadia

Producer

Securify This! by Munir Kotadia

StumbleUpon is great but ban it immediately

Talkback 20 comments

Try NoScript Anonymous -- 21/03/07

Yep! sam noony -- 28/04/07

I stumbled onto this page!! Anonymous -- 21/03/07

Sumbleupon Article Anonymous -- 21/03/07

Do research before writing article. Orun -- 21/03/07

Responses from the SU community Anonymous -- 22/03/07

Stumbleupon. Jimmy Carr. -- 22/03/07

KIMSS Rio -- 22/03/07

In russian roulett, if you load every chamber, everybody wins! Anonymous -- 22/03/07