Feeds

Review site furious over McAfee SiteAdvisor 'false alert'

From red alert to red faces

Intelligent flash storage arrays

A UK business had to fight for two weeks to clear its name after falsely being accused of harbouring malware by McAfee's SiteAdvisor service.

SiteAdvisor issued a red alert against software review site tech-pro.net at the start of July. It wrongly claimed the site contained a dangerous download. SiteAdvisor uses a mixture of automated website tests and user feedback to develop its ratings.

McAfee acknowledged that tech-pro.net was clean last Friday and changed its classification. Third party services, such as Yahoo!, incorporate SiteAdvisor warnings in search results. Since Yahoo! SearchScan doesn't always use the latest SiteAdvisor database, it continued to erroneously warm of false positives on tech-pro.net until Wednesday. A McAfee spokeswoman explained this was due to the "time it takes to sync data" between the two services.

It's still unclear why tech-pro.net was issued with a red alert in the first place. A statement from McAfee gives the impression, firmly denied by tech-pro.net, that the initial malign classification was correct.

When Tech Pro highlighted its concerns about the McAfee SiteAdvisor rating, SiteAdvisor ran further tests and it was found that the sites and downloads affiliated with Tech Pro were no longer presenting an issue.

It can now be confirmed that Tech-Pro.net has been given a green rating from SiteAdvisor, indicating that it is a secure site. This can be viewed at http://www.siteadvisor.com/sites/tech-pro.net

SiteAdvisor retests sites on a regular basis, so its automated testers can tell if a site changed its behaviour for better or worse. Anyone disagreeing with the rating of a particular site is invited to notify McAfee of this at www.siteadvisor.com/feedback.html.

If a site can be retested and any previously identified issues can be seen to be resolved, the McAfee SiteAdvisor team will amend the rating to reflect this.

But independent third parties contacted by tech-pro.net straight after the malign classification reported no problems with the site. McAfee's statement finally arrived ten days after El Reg began chasing it for an explanation and bears all the hallmarks of having been written by lawyers, conscious of the need to avoid admitting any problems in case of lawsuits, rather than technicians keen to make safe surfing tools as accurate as possible.

False positives have been a problem for security tools in general for years. SiteAdvisor has been accused of false positives in the case of anti-malware forums in August 2006. To its credit, in that instance, it held its hands up to accidental errors hours after the potential problem emerged.

Julian Moss, managing director of Tech-Pro, has been left bemused and angered by his run-in with SiteAdvisor. He said SiteAdvisor's false positive rating represented a "serious defamation" of Tech-Pro's reputation while giving users a false sense of security. Moss claimed McAfee only dealt with the false classification after he hinted at legal action.

"The big unanswered question is why McAfee are giving websites red danger warnings as a result of false positives, which would be very easy to check for," Moss told El Reg.

"Quite apart from wrongly accusing safe websites like mine as being harmful, they encourage users to believe that sites marked as safe are safe."

Yahoo! SearchScan launched in beta back in May with the claim that "No other search engine today offers you this level of warning before visiting sites". On the evidence of Tech-Pro's experience, these warnings are a bit less than totally reliable. ®

Intelligent flash storage arrays

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Attack reveals 81 percent of Tor users but admins call for calm
Cisco Netflow a handy tool for cheapskate attackers
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.