| Finding Trustworthy Sites with SiteAdvisor |
|
| Tuesday, 10 January 2006 | |
|
It seems that whenever a new security advisory is posted, we're told an attacker would have to persuade us to visit a web site to be exposed to malware or some other danger. That's a true statement, but there are a lot of other ways we can get duped into visiting malicious sites. One tool that can help in your decision making is McAfee's SiteAdvisor. It's a free browser add-on that does a lot of the safety analysis for you so you can avoid these unsafe web sites.
I'll be the first to admit that not everyone employs safe surfing habits. However, the folks who devise scams do a good job of using social engineering and other tactics to steer people to sites. I recall a year ago I was listening to music with Yahoo! Messenger. A particular song came on and I used the feature to look up the lyrics. I clicked the wrong lyrics site. Even with a firewall and spyware scanner, I still had to clean crud out of my Windows registry. I don't recall which lyrics site I visited, but today there is a tool that can help me make a better decision and steer me away from problem websites. The tool is called SiteAdvisor and is a plug-in for either Microsoft Internet Explorer or Mozilla Firefox. I first read about the tool in an article Ben Edelman wrote called, Deciding Who To Trust. SiteAdvisor Color Codes your Search Results
The reason I like the tool is because it helps me evaluate sites I don't know. Am I about to visit a safe web site? This is often the case when you're doing research and jumping from one site to another from a search engine results page. For example, if I were to use Google to search for similar song lyrics as I did a year ago, SiteAdvisor would supplement my search engine results with icons.  Each of the search results displays an icon to the right of the title indicating how SiteAdvisor evaluated the site. A site can either be untested or fall into one of three color coded classifications:
If I place my cursor over the icon, I get an information bubble that offers some quick stats. SiteAdvisor has gathered these stats using an army of web crawlers, virtual machines and one-time email addresses. They analyze and quantify many items ranging from the outbound links in the site to the frequency and types of email received. The data is not real-time, but you can get a sense of when they checked the site based on some of the emails. I think showing the date they last scanned the site would be useful.  Getting More Site Details from the SiteAdvisor WebsiteIn most cases, I like to see additional information. Each site has a summary page that can include comments from users as well as the site owner. If you click the more link, you'll get a full page of information. One section I found interesting was the associations between sites. In the example of this lyric site, they had outbound links to sites that were also classified as red. The same color-coding applies in the link analysis.  I can't be certain if any of these sites were the one that caused me havoc last year. I can say there were enough search engine results with green check marks that I could use first. The toolbar can also assist when you're just browsing a web page. Keep in mind the best time to use the tool is before you visit a site. If there is an exploit that is triggered just by viewing a page without clicking a link, you're too late. SiteAdvisor may properly identify the site once you're there, but it can't prevent the exploit. The best choice would be to click the View Site details option on the toolbar menu and enter in the URL of the site you plan to visit.  The tool works in the same fashion on each browser. The SiteAdvisor button changes color based on the site you're viewing. The main difference is Internet Explorer displays SiteAdvisor at the top whereas it's on the bottom in Firefox. In the screen snap below, I went to www.google.com and opted to see the site summary. This summary provides a good example of email you might receive from Google and the types of files available for download. They also listed a customer service number for Google.  I've been pleased with the results I've seen. Initially, I was concerned the tool would slow down my browser, as it needs to send the URLs back to the SiteAdvisor database to get the data. I've not noticed any slowness with Firefox or Internet Explorer. I did notice on certain forms in Internet Explorer there would be an outline around the fields, bit it was a cosmetic issue. I think there is a definite need for a safety screening tool like SiteAdvisor. The program won't prevent exploits, but can provide essential information on a site to assist you. It's still up to you to decide whether you want to go to the site. I don't think the search engines can evaluate sites in the same manner. Editor's note: This content originally appeared in a story on the Windows WMF exploit on December 30th, 2005. We archived that article on January 11th,2006 after Microsoft released a patch. However, we felt that this information was still valuable to our readers and created a separate article. McAfee purchased the company in April 2006. URL: www.siteadvisor.com
|
|
| Last Updated ( Sunday, 06 May 2007 ) |
