Feeds

Review site furious over McAfee SiteAdvisor 'false alert'

From red alert to red faces

The Power of One eBook: Top reasons to choose HP BladeSystem

A UK business had to fight for two weeks to clear its name after falsely being accused of harbouring malware by McAfee's SiteAdvisor service.

SiteAdvisor issued a red alert against software review site tech-pro.net at the start of July. It wrongly claimed the site contained a dangerous download. SiteAdvisor uses a mixture of automated website tests and user feedback to develop its ratings.

McAfee acknowledged that tech-pro.net was clean last Friday and changed its classification. Third party services, such as Yahoo!, incorporate SiteAdvisor warnings in search results. Since Yahoo! SearchScan doesn't always use the latest SiteAdvisor database, it continued to erroneously warm of false positives on tech-pro.net until Wednesday. A McAfee spokeswoman explained this was due to the "time it takes to sync data" between the two services.

It's still unclear why tech-pro.net was issued with a red alert in the first place. A statement from McAfee gives the impression, firmly denied by tech-pro.net, that the initial malign classification was correct.

When Tech Pro highlighted its concerns about the McAfee SiteAdvisor rating, SiteAdvisor ran further tests and it was found that the sites and downloads affiliated with Tech Pro were no longer presenting an issue.

It can now be confirmed that Tech-Pro.net has been given a green rating from SiteAdvisor, indicating that it is a secure site. This can be viewed at http://www.siteadvisor.com/sites/tech-pro.net

SiteAdvisor retests sites on a regular basis, so its automated testers can tell if a site changed its behaviour for better or worse. Anyone disagreeing with the rating of a particular site is invited to notify McAfee of this at www.siteadvisor.com/feedback.html.

If a site can be retested and any previously identified issues can be seen to be resolved, the McAfee SiteAdvisor team will amend the rating to reflect this.

But independent third parties contacted by tech-pro.net straight after the malign classification reported no problems with the site. McAfee's statement finally arrived ten days after El Reg began chasing it for an explanation and bears all the hallmarks of having been written by lawyers, conscious of the need to avoid admitting any problems in case of lawsuits, rather than technicians keen to make safe surfing tools as accurate as possible.

False positives have been a problem for security tools in general for years. SiteAdvisor has been accused of false positives in the case of anti-malware forums in August 2006. To its credit, in that instance, it held its hands up to accidental errors hours after the potential problem emerged.

Julian Moss, managing director of Tech-Pro, has been left bemused and angered by his run-in with SiteAdvisor. He said SiteAdvisor's false positive rating represented a "serious defamation" of Tech-Pro's reputation while giving users a false sense of security. Moss claimed McAfee only dealt with the false classification after he hinted at legal action.

"The big unanswered question is why McAfee are giving websites red danger warnings as a result of false positives, which would be very easy to check for," Moss told El Reg.

"Quite apart from wrongly accusing safe websites like mine as being harmful, they encourage users to believe that sites marked as safe are safe."

Yahoo! SearchScan launched in beta back in May with the claim that "No other search engine today offers you this level of warning before visiting sites". On the evidence of Tech-Pro's experience, these warnings are a bit less than totally reliable. ®

Designing a Defense for Mobile Applications

More from The Register

next story
DARPA-derived secure microkernel goes open source tomorrow
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Don't look, Snowden: Security biz chases Tails with zero-day flaws alert
Exodus vows not to sell secrets of whistleblower's favorite OS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
prev story

Whitepapers

Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.