Feeds

Review site furious over McAfee SiteAdvisor 'false alert'

From red alert to red faces

Using blade systems to cut costs and sharpen efficiencies

A UK business had to fight for two weeks to clear its name after falsely being accused of harbouring malware by McAfee's SiteAdvisor service.

SiteAdvisor issued a red alert against software review site tech-pro.net at the start of July. It wrongly claimed the site contained a dangerous download. SiteAdvisor uses a mixture of automated website tests and user feedback to develop its ratings.

McAfee acknowledged that tech-pro.net was clean last Friday and changed its classification. Third party services, such as Yahoo!, incorporate SiteAdvisor warnings in search results. Since Yahoo! SearchScan doesn't always use the latest SiteAdvisor database, it continued to erroneously warm of false positives on tech-pro.net until Wednesday. A McAfee spokeswoman explained this was due to the "time it takes to sync data" between the two services.

It's still unclear why tech-pro.net was issued with a red alert in the first place. A statement from McAfee gives the impression, firmly denied by tech-pro.net, that the initial malign classification was correct.

When Tech Pro highlighted its concerns about the McAfee SiteAdvisor rating, SiteAdvisor ran further tests and it was found that the sites and downloads affiliated with Tech Pro were no longer presenting an issue.

It can now be confirmed that Tech-Pro.net has been given a green rating from SiteAdvisor, indicating that it is a secure site. This can be viewed at http://www.siteadvisor.com/sites/tech-pro.net

SiteAdvisor retests sites on a regular basis, so its automated testers can tell if a site changed its behaviour for better or worse. Anyone disagreeing with the rating of a particular site is invited to notify McAfee of this at www.siteadvisor.com/feedback.html.

If a site can be retested and any previously identified issues can be seen to be resolved, the McAfee SiteAdvisor team will amend the rating to reflect this.

But independent third parties contacted by tech-pro.net straight after the malign classification reported no problems with the site. McAfee's statement finally arrived ten days after El Reg began chasing it for an explanation and bears all the hallmarks of having been written by lawyers, conscious of the need to avoid admitting any problems in case of lawsuits, rather than technicians keen to make safe surfing tools as accurate as possible.

False positives have been a problem for security tools in general for years. SiteAdvisor has been accused of false positives in the case of anti-malware forums in August 2006. To its credit, in that instance, it held its hands up to accidental errors hours after the potential problem emerged.

Julian Moss, managing director of Tech-Pro, has been left bemused and angered by his run-in with SiteAdvisor. He said SiteAdvisor's false positive rating represented a "serious defamation" of Tech-Pro's reputation while giving users a false sense of security. Moss claimed McAfee only dealt with the false classification after he hinted at legal action.

"The big unanswered question is why McAfee are giving websites red danger warnings as a result of false positives, which would be very easy to check for," Moss told El Reg.

"Quite apart from wrongly accusing safe websites like mine as being harmful, they encourage users to believe that sites marked as safe are safe."

Yahoo! SearchScan launched in beta back in May with the claim that "No other search engine today offers you this level of warning before visiting sites". On the evidence of Tech-Pro's experience, these warnings are a bit less than totally reliable. ®

The smart choice: opportunity from uncertainty

More from The Register

next story
NEW, SINISTER web tracking tech fingerprints your computer by making it draw
Have you been on YouPorn lately, perhaps? White House website?
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Black Hat anti-Tor talk smashed by lawyers' wrecking ball
Unmasking hidden users is too hot for Carnegie-Mellon
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.