I like StumbleUpon, I think the concept is great and the idea of guided, accidental discovery is a worthwhile journey each time. But I am considering uninstalling it. The reason is: the thing that makes it great I don’t like because of where I might end up. It makes me a nervous wreck!
While this great extension for Firefox and now Internet Explorer is fun and is actually useful. I don’t like the fact that you can end up anywhere and be potentially infected with spy-ware, viruses and other nasties. The only sites and content that are addressed as far as I can tell from both the StumbleUpon Homepage and the Unofficial StumbleUpon FAQ are those of spam and adult content. Although on the Privacy page there is this statement:
“The sites that StumbleUpon recommends are entirely out of our control. As such, StumbleUpon takes no responsibility for them, or their content. These other sites may send their own cookies to users, collect data, or solicit personal information.”
[added emphasis]
There is also this warning in the Terms and Conditions:
“…nor may you use StumbleUpon Toolbar and Website in any manner that could interfere with any other party’s use and enjoyment of StumbleUpon’s recommendation services.”
This is a rather ambiguous statement but might cover the malicious user that might recommend a tainted website, or an ignorant, unaware user that does so unknowingly.
Spam can be reported and I assume is addressed by the admins. Adult content can be filtered out by the users’ personal account settings. In my opinion this does not go far enough. In addition I am sure that the terms of use disclaim any responsibility by the publisher of the software. This is not a criticism rather what I would expect. I am not a lawyer and I am not going to attempt to interpret the user agreement or the terms of use.
What about security in general as well as adult content? I don’t want to be taken to a website that has viruses, worms, spy-ware, ad-ware, cross-scripting vulnerabilities, or any thing else that might cause a disaster on my system. People should know that you no longer need to actually download and run a program that is infected with a virus to get one. Visiting the wrong web-page can cause problems, big ones! That is to say nothing of spy-ware which in my opinion is no different to a virus. I found this out the hard way earlier this year when my home PC was infected with a zero-day virus and I lost everything. The damn thing even wrote itself to the boot sector, very nasty. There is no mention of just how StumbleUpon handles this type of threat, or if in fact users of the extension are at risk at all. I certainly hope that it is not out of ignorance or failing to disclose the threat. As I see it now, it is a very real one.
Perhaps my paranoia is seeded in my virus experience earlier in the year. However a greater reason for it is my use of the McAfee Site Advisor extension. I rely heavily on this extension to let me know if where I am and where I am going is safe and that the files and content on the site is safe. If it is not a green site I don’t go there, period. Sure, I also use a good dose of common sense as well but the safe site extension is excellent peace of mind and so far has not let me down at all. I see it as an essential part of “safe-surfing” for any user. I don’t go to sites that I think have high risk content (regardless of the site advisor status), such as warez sites. It is not a risk I am willing to take and it is a pain in the arse building the PC again!
So I had a thought, why not make it an integrated option in the StumbleUpon Extension? For those users of StumbleUpon that also use Site Advisor; have an option for StumbleUpon to only take you to identified green sites. Theoretically this would be possible and Firefox is a relatively easy platform to modify in this regard due to it’s open source nature. I am sure it is a bigger ask for Internet Explorer. But that said I think it is a good idea. It sure would make me feel a lot better about using the application. Plus if adult content can be filtered then so can sites that are not green in Site Advisor.
If that would not be possible I would like to know how StumbleUpon handle the security issue and what measures they have in place to protect users. Should they make a website that is a risk to users available as a “stumble” then potentially they could have a legal issue on their hands as they may be accused of delivering viruses or spy-ware to their user base. Albeit unintentionally, it would still be an interesting test of the terms of use. The screen-shot shown may also be regarded as miss-leading if this were or has happen. In all honesty though I am sure this refers to the extension and toolbar itself not where you are taken by it.
If the idea of the extension being incorporated into the Site Advisor extension it would make me a far more willing user and I would feel better using it knowing that I was safe to do so. As far as uninstalling it I am still undecided.
Rooster's Rail 