In response to PC Mag...
Posted by Hannah Rosenbaum on August 18, 2006 04:30 PM
In response to PC Mag's recent review of McAfee Total Protection, we'd like to address some of Neil Rubenking's comments regarding McAfee SiteAdvisor. We respect Neil as a disciplined and thorough software reviewer and reporter. As such, we have been proud of his previous positive review of SiteAdvisor and his advocacy of SiteAdvisor as a PC Mag Staff pick. Neil continues to support SiteAdvisor; in an e-mail to us today he said: "I recommend SiteAdvisor - I run it on my own systems." But a few statements from today's review require some clarification as they primarily reflect differences in philosophy rather than potential program flaws.
Neil checked McAfee SiteAdvisor's rating for 28 sites he deems to be malicious: eight keyloggers, four rogue anti-spyware sites, and 16 spyware sites. Of the 28 sites, he notes that only 11 of them are rated red by SiteAdvisor: the four rogues and eight of the spyware sites (that's 12 by our count).
We'd like to address the other 17:
SiteAdvisor has chosen not to rate commercial keyloggers red. We believe users don't need to be warned about downloads that are clearly marked as keyloggers and are downloaded for that explicit purpose. For example, users do not need to be warned when they are actively looking for monitoring programs from sites like Spectorsoft.com. Spectorsoft.com is even a PC Magazine editor's choice, so it's rather ironic that PC Mag would criticize SiteAdvisor for giving a green rating to a site that they actively recommend to consumers.
Spyware scanners, on the other hand, should detect and flag keylogging programs in case users are unaware of their existence on their PCs. SiteAdvisor warns users about unwanted programs that "sneak" onto users' computers. Therefore, by our philosophy, Neil's eight keyloggers should not be red.
Of the sixteen spyware sites Neil tested, eight were marked red by SiteAdvisor, one was yellow, six were grey, and one was green. A yellow icon encourages users to exercise caution, but implies less severe security problems than a red icon - this is just a matter of degree. A grey icon simply means that a site has not yet been tested. There will always be some sites that are bots are yet to crawl, but rather than rate them green by default, SiteAdvisor clearly lets users know that these sites are still unrated. Neil makes a valid point in calling out the grey sites, although the existence of grey sites has generally not been a source of concern voiced by SiteAdvisor users. The green rated site here is perhaps the only misrated site. Since we were not provided with the specific list of sites Neil used in his tests, we can't adequately address this discrepancy. Even if we give him the benefit of the doubt, one misrated site is a far cry from the 17 that are implicated in Neil's article.
We realize that there will always be differences of opinion when judging Web site safety. This is why McAfee SiteAdvisor's ratings are backed by publicly available data on our site report pages which are further enhanced by user and Web site owner comments. We welcome the debate. We'll admit when we're wrong, but we also stand by our ratings and philosophy.
Comments
I can see how commercial keylogger websites can be rated green. It's all about full disclosure.
I do think, however, that SiteAdvisor reviewers comments should have a little bit more weight on a site's rating. For instance, tribalfusion.com I believe is rated yellow, despite there only being red reviews by the SA community.
Also, I believe that more ad networks should at least be rated yellow. It suprises me that so many of the major ad networs are rated green with SA, even though the ads they show on 3rd party pages are sometimes dangerous.
BMR777
Posted by: Brandon Rusnak | August 18, 2006 04:59 PM
I have recently seen several sites start as grey (untested), then turn green (ok) - and then turn back to grey. That doesn't look like a question of shifting opinions, but more like an error. Can anyone explain this..?
PS: My own site has also returned to grey, if you want an example...
Posted by: Mads Dam | August 18, 2006 09:59 PM
Ok. Finally a company with enough clout comes up with something that can help us safely navigate the crazy conglomeration of websites out there. Way to go McAfee.
Posted by: Shawn | August 20, 2006 09:14 AM
Can you please tell me if the siteadvisor program for IE has auotmatic updates like FireFox browser? If so, can this be achieved without unintsalling the current version to install the new one?
Posted by: B | August 21, 2006 01:35 PM
Error message pops up saying certificate is for dss2 and connection is to dss1, Cannot find any place to address problems, This was a typical problem with McAfee in the late 90's. No problems reported because no place to report problems!
Posted by: T | August 26, 2006 01:24 PM
I agree with Brandon, mostly. I also tend to side a bit more with Mr. Rubenking than does this response.
The "total disclosure" thing only goes so far.
The main reason I am here is to help make the net a better place for kids. I don't believe that it should be dragged to the lowest common denominator, but there needs to be some sort of awareness that not every surfer is an adult (who can even read some of the words).
Perhaps we should look for an entry screen, as is apparently the case for sexually explicit sites. A short, easy-to-read message which says something like "this site utilizes keylogging software, which if used incorrectly can make your computer vulnerable to attacks." Then perhaps a label above a big green button: "If you are at least 18 years old and understand these risks, enter our site here."
These keyloggers worry me a great deal. Identity theft is not a small thing anymore.
Posted by: Vagabundus | September 2, 2006 12:26 AM
SiteAdvisor looks useful, but will it function with AOL 9.0?
I believe AOL uses IE in some way.
Posted by: Dave Munroe | September 6, 2006 08:07 PM
I think SiteAdvisor's results leave much to be desired. They flag a site as red because it links to another site flagged as red. Then, if you do a google search to see who also links to that site, many of them are listed green. The details pages say "Most of this site's links are to sites which are safe or which have only minor safety/annoyance issues." Interesting that most of these green marks are for sites of large corporations or educational institutions. Seems that money talks.
Posted by: Dan Johnson | October 14, 2006 03:03 PM
Yes I agree with above review, Site Advisor is always useful for me.
Posted by: Amy | October 15, 2006 03:50 PM