Gallery

Surf safety survey

Posted on 26 Jul 2006 at 16:28

Davey Winder examines web safety tools, witnesses the demise of a promising anti-spam firm and goes ego surfing

Being both consultant and journalist, I get to read more than my fair share of surveys, and believe me most times it isn't a highpoint of my day. There are, however, always exceptions, and one of them came when the McAfee-sponsored The safety of internet search engines arrived in my mailbox. Covering the period January-April 2006, this innovative project surveyed the five major search engines from the perspective of how safe the website links they deliver are. Quite apart from the headline findings - that MSN clearly returned the lowest percentage of dangerous sites (3.9%) and Ask equally clearly the highest (6.1%) - my interest was piqued by some of the specific figures.

This was because they confirm my suspicion that paid-placement, sponsored results are far more likely to lead to unsafe sites than normal "organic" results - in fact, according to this survey, nearly three times more likely (8.5% compared to 3.1%). This figure will surprise many people, but it just saddens me. After all, the organic results are usually collected and ranked by algorithms without any human involvement (or with very little), so you'd expect them to be riddled with dangerous links. What those figures say are that, despite the detailed editorial and advertorial policies posted by all search services that sell search placement, their results appear to go largely unchecked. For example, a Google advert is more than twice as likely to take you to an unsafe site as an organic Google link, while a sponsored Ask link is nearly four times as risky.

I'm glad this particular survey caught my attention, particularly because it made me more aware of SiteAdvisor (www.siteadvisor.com) itself. Founded in April 2005 by a group of MIT engineers to address the problem of websites that employ social engineering techniques to spread spyware, adware, ID theft, and send spam and unwanted emails, SiteAdvisor was acquired by McAfee exactly one year later. Freely available as an extension for Firefox or Internet Explorer, it puts other anti-phishing toolbars in the shade by the depth of information it provides and the unobtrusive way it presents it.

First, you see a safety button that changes colour like traffic lights to offer an at-a-glance appraisal of the site you're visiting: green means the site has tested without any significant problems; yellow/amber advises caution, as tests revealed some problems like attempting to change your browser defaults or sending lots of non-spam email; red, naturally, warns of a site that has some major issues like downloads that install adware, execution of browser exploits or the sending of lots of spammy email. Click on the safety button and you'll be shown an in-depth report of the test results for that site, with details on everything from the number and nature of emails sent (including subject matter and sender), dangerous downloads available from the site, online affiliations, annoyances like third-party cookies and pop-ups, and finally user-submitted reviews covering everything from malware to bad shopping experiences.

A second string to the Site Advisor bow reveals itself whenever you do a search, or at least when you do it via Google (both .co.uk and .com), Yahoo (.com only), and MSN (.co.uk and .com). Alongside each result appears a traffic light icon using a similar convention to the safety button - green tick, yellow exclamation mark or red cross. You quickly trust these indicators implicitly and no longer bother to follow any link with a warning, as there are always plenty of safe alternatives. If you do need to visit a site flagged as unsafe, hover over the indicator icon and a bubble pops up giving you more detail about the nature of the threat, with a link to a full report if you're still unsure.

Download a year of Davey Winder's Online Security columns by heading to our Free Downloads site