Whats wrong with SiteAdvisor?

What is wrong with SiteAdvisor?

For those of you that are not familiar with McAfee SiteAdvisor, they are an online service that classifies websites into green, yellow and red safety categories. The green classification indicates a site with "very low or no risk", yellow represents "minor risks" and the red flag warn users of "serious risks" associated with the site. The service can be accessed via their website (siteadvisor.com) and is widely distributed as toolbar version for Internet Explorer and Firefox, providing on-the-fly site classifications as you browse the web.

There has been widespread criticism for false positives/negatives and the limited, slow or non existing efforts of McAfee to address complaints from site owners.[read Wikipedia article]

We have been flagged "red" or "yellow" for several times in the past, but were able to get this rating corrected, although it took weeks or months to change our status back to "green".

As you may have noticed, we are back to "yellow" again and the time has come to publicly address this false and unfair classification, since it has the potential to cause some of our visitors to avoid snapfiles.com.

How does SiteAdvisor work?

As far as downloads are concerned (they also check for browser exploits, popups, spam etc.) McAfee claims to download all the files that it finds on a site and then tests them for malware. In their own words:

"We download and install each file we find – we even open zip files. We then scan our test computer to see what changes have been made. If a program is determined to be a virus, Trojan, or certain other types of malware, that program will earn a red rating."

Sounds great, in theory, and if these ratings were fair and consistent, the service could be quite useful. Unfortunately however, the McAfee SiteAdvisor ratings are far from being fair and even further from being consistent. In fact, one could argue that due to the large number of false and misleading results, the service has become a potential danger to those who rely on the results.

McAfee SiteAdvisor has (once again) decided to mark Snapfiles.com with a "yellow" flag, thereby warning users of minor risks associated with our site.
Let's take a look at the table below to see how McAfee SiteAdvisor ranks our competition:

Site Red Flags Yellow FlagsNumber of files tested% of files with warningsNegative user reviewsSiteAdvisor Rating
Download.com 13 13 396 6.57% 247 green
PCWorld 16 5 514 4.09% 26 green
Brothersoft 127 289 11593 3.59% 145 green
Softpedia 113 127 13164 1.82% 99 green
BetaNews 4 19 547 3.84% 8 green
Tucows.com 10 29 1398 2.79% 59 green
Snapfiles.com 1 3 229 1.75% 7 yellow
Results based on SiteAdvisor reports as of January 1, 2010

I guess we should thank SiteAdvisor for proving the fact that we are the safest choice among these sites! According to their results, Snapfiles.com has the lowest number of risk files, the lowest percentage of risk files and the lowest number of negative reviews.

But wait..., why are we marked as "yellow" then?

Hmm, makes no sense, does it? Even the most critical observer can see that there is something seriously wrong with the way that McAfee SiteAdvisor assigns their site ratings.

How can sites with dozens or even hundreds of red/yellow files be marked "green" and a site with only 4 of these files be marked "yellow"? It doesn't take a rocket scientist to see that the system is, at best, "seriously flawed".

What are those 4 files that were flagged on our site?

siteadvisor report

mailpv_setup.exe (Mail PassView)
This is a popular password recovery tool from nirsoft.net. The program can be used to recover forgotten passwords that are stored in your email program.
According to SiteAdvisor, the site of the developer that publishes this software is rated green green. We are linking to the same file and get a "yellow" rating?

passwordfox.zip (PasswordFox)
This is a another popular password recovery tool from nirsoft.net. The program can be used to recover forgotten passwords that are stored in the Firefox browser.
According to SiteAdvisor, the site of the developer that publishes this software is rated green green. Again, we are linking to the same file and get a "yellow" rating???

Setup.exe (Windows Essentials Codec Pack)
This is a popular Open Source collection of audio and video codecs. SiteAdvisor classifies it as PUP (Potentially Unwanted Program), the only explanation given is that it installs a shortcut to Windows Media Player Classic green on your desktop, which is a legitimate part of the installation package.
Windows Essentials Codec Pack does not install any promotional toolbars or the like.

freeyoutubeuploader.exe (Free YouTube Uploader)
This software is no longer listed with us. It was at some point, but we removed it due to the fact that it installed a toolbar, even though the user selected not to. SiteAdvisor could not have known this though, since they claim that the software installs the "Ask" toolbar, which it does not, it installs a "Conduit" toolbar. (The developer has since fixed the installer and it no longer installs the toolbar without authorization.)

Did somebody say "toolbar"?

McAfee SiteAdvisor appears to be sensitive to most toolbar installations. The Yahoo! toolbar seems to be the only exception, it also happens to be the toolbar that the McAfee SiteAdvisor software installs on your computer, in addition to changing your default search provider to Yahoo!.

Oddly enough, McAfee seems to have missed this fact when they scanned their own site, because the scan results for siteadvisor.com do not mention any toolbar installation at all!
siteadvisor
In fact, the only file that they have listed for their own site is an old version of SiteAdvisor from 2007 (v.2.4.0), which does not install any toolbar, but is also no longer offered from their site.

All recent versions of McAfee SiteAdvisor install a Yahoo! toolbar AND change your browser's search settings (as you can see here), but for some reason these files, bundled with the Yahoo! toolbar, are not included in their scan results.

The only file that McAfee SiteAdvisor has found on their very own siteadvisor.com website is almost 3 years old! McAfee distributes the actual files from sadownload.mcafee.com, but here too, you will only find the old 2.x toolbar-free versions in the scan results.

Does McAfee not possess the technology to properly scan their own sites? We doubt that. They seem to have no problems with finding toolbar bundles from other brands, such as Ask or Google for example, so why are they unable to find the toolbar bundles on their own servers?

Posted by Renegade Raven at 1/10/2010 11:34 PM
Categories: Thoughts
Tags: Mcafee SiteAdvisor
 

What did you think of this article?




Trackbacks
Trackback specific URL for this post
  • No trackbacks exist for this post.
Comments
Display comments as (Linear | Threaded)

Leave a comment

 Enter the above security code (required)

 Name

 Email (will not be published)

 Website

Your comment is 0 characters limited to 3000 characters.