Just heard about this product- VERY Cool program...slows down browsing a tiny bit because it has to load the red/green alert icons but not very much. It's still in testing, but seems to work well.

Check it out! http://www.siteadvisor.com/preview/ . Its called SiteAdvisor, and it's a plugin for firefox, IE, and opera. It displays warnings of different sites that you see on search engines and that you go to; green is safe, yellow is "be cautious" and red is "dangerous". This can help protect everyone against spam, phising, and malware in all forms, its VERY cool, and Ben Endelman even wrote an article about it and joined the SiteAdvisor team, he is excited by it. I am interested in reporting bad sites and researching how spyware infects people, so this is very exciting to me as well. This is So cool! It uses bots to crawl the web looking for spam, phising, and malware sites and updates its database, which is free under the creative commons license which means the URLs listed there, once they get the database up, can be used for spyware research and put into blocklists and things....very very cool!! Try it out!!

thanx for the heads-up
looks pretty interesting :)

trying it now... It gives a Google search of things a Green Tick or a Red X in the results listings so you can avoid the sites.

Looks good sooo far. but I like trying new extensions in Fx.

TAS

PS Wilders gets a GREEN alert :dry: lol

and I have not noticed any delays in surfing yet, appears to be the same to me. :-\

Hi,
I did not like the fact you cannot download the xpi for firefox. You must install it. Plus Proxomitron warned of some javascript thingies on that site and removed them. 1 + 1 = 42. I want the xpi! This thing don't get installed by itself...
Mrk

-{ Quote: "

PS Wilders gets a GREEN alert :dry: lol
:-\" }-

Kind of misleading, since occasionally people post links to trojans and "rootkits" while pretending that they are security products. :)

pretty cool, i hope they pulls through to be sucessful.

thanx for tellin, this is what i was looking for a long!

~~removed~~ (save as)

Just wondering if anyone has used the siteadvisor extension plugin for firefox?.Ive just installed it and initial thoughts ,are that it seems ok.Anyone else used it or has any info about it?.Ive attached a pic to show what it does.
http://www.freewarefiles.com/program_9_206_17784.html

can someone post a picture of waht it looks like in internet explorer?

-{ Quote: "Hi,
I did not like the fact you cannot download the xpi for firefox. You must install it. Plus Proxomitron warned of some javascript thingies on that site and removed them. 1 + 1 = 42. I want the xpi! This thing don't get installed by itself...
Mrk" }-
when u get the prompt to install it just highlight and copy (ctrl + c) the entire url and paste it into internet explorer or a download manager to download but i do agree with ur initial point.

179396

-{ Quote: "can someone post a picture of waht it looks like in internet explorer?" }-

179397

-{ Quote: "Just heard about this product- VERY Cool program...slows down browsing a tiny bit because it has to load the red/green alert icons but not very much. It's still in testing, but seems to work well.

Check it out! http://www.siteadvisor.com/preview/ . Its called SiteAdvisor, and it's a plugin for firefox, IE, and opera. It displays warnings of different sites that you see on search engines and that you go to; green is safe, yellow is "be cautious" and red is "dangerous". This can help protect everyone against spam, phising, and malware in all forms, its VERY cool, and Ben Endelman even wrote an article about it and joined the SiteAdvisor team, he is excited by it. I am interested in reporting bad sites and researching how spyware infects people, so this is very exciting to me as well. This is So cool! It uses bots to crawl the web looking for spam, phising, and malware sites and updates its database, which is free under the creative commons license which means the URLs listed there, once they get the database up, can be used for spyware research and put into blocklists and things....very very cool!! Try it out!!" }-



-{ Quote: "it's a plugin for firefox, IE, and opera." }-

Hi,
This is a program I've been looking for ALL MY Internet-Life !! :D

Got it installed on IE.
Just...where on that site is a download button for Opera please ??

Thanx. :)

Ok . Hell has frozen over . Nat has stepped out of ten forward . WOW !

-{ Quote: "Hi,
This is a program I've been looking for ALL MY Internet-Life !!

Got it installed on IE.
Just...where on that site is a download button for Opera please ??

Thanx. " }-
currently theres only support for IE and firefox but im sure there working on opera support. if u wish u can ask them (http://www.siteadvisor.com/aboutpage/faq.html#15) politely to add support or ask how their progress is.
-{ Quote: "Ok . Hell has frozen over . Nat has stepped out of ten forward . WOW !" }-
http://img116.exs.cx/img116/1231/z7shysterical.gif http://img116.exs.cx/img116/1231/z7shysterical.gif http://img116.exs.cx/img116/1231/z7shysterical.gif

-{ Quote: "currently theres only support for IE and firefox but im sure there working on opera support. if u wish u can ask them (http://www.siteadvisor.com/aboutpage/faq.html#15) politely to add support or ask how their progress is.

lol" }-


Thank You, WSFuser, ;)

I really hope they will support Opera soon.
Meanwhile I'll politely ask them about it. ;) :)

-{ Quote: "Ok . Hell has frozen over . Nat has stepped out of ten forward . WOW !" }-

You are very funny, hollywoodpc. ;D

Why don't you just loosen up and have a play with me "downstairs" ~ in the basement, hm ? ;) ;D

;) ;) 8)
Thank you for the invite . I just might

-{ Quote: ";) ;) 8)
Thank you for the invite . I just might" }-


*waiting* ....

You know..we could use another 4-word game player or so! ;)

I just read about SiteAdvisor (http://www.siteadvisor.com) on Benjamin Edelman's site (http://www.benedelman.org/).

Here is a blurb from the article (http://www.benedelman.org/news/121905-1.html):
-{ Quote: "I've been excited about SiteAdvisor -- about their product, their technology, and (most importantly) their ability to help users with a serious problem -- ever since I learned about the company. I'm so impressed that I agreed to join the company's advisory board. I'm not involved in day-to-day operations, so specific suggestions are best sent to SiteAdvisor staff, not to me. That said, my relationship with SiteAdvisor is likely to be longer and deeper than my typical consulting gigs, reflecting the seriousness of my commitment to SiteAdvisor." }-

Having Ben Edelman on their advisory board should mean that this product can be taken seriously.

Hi,

Just wondering if it's normal for Prevx to keep popping up demanding attention for this:
Is SiteAdvisor updating its program by any chance ?
I can't find any info on that.



http://img44.imageshack.us/img44/3900/siteadmwsnap0268uy.jpg


Also...should I allow or deny ?? ~ I just don't know, lol.

since the file its trying read contains teh word "setup" then i think it is an update.

-{ Quote: "since the file its trying read contains teh word "setup" then i think it is an update." }-

OK ~ good! Thanx WSF. :)

Funny that nobody else is noticing any update ??

Oh well...somebody has to be 'first', right ? :P

It seems to work : all SiteAdvisor websites had a green mark, which is logical,
although some of them had a yellow mark, which is confusing. ;D

-{ Quote: "It seems to work : all SiteAdvisor websites had a green mark, which is logical,
although some of them had a yellow mark, which is confusing. ;D" }-

Green = OK
Yellow = Proceed with caution lol, [not much is known about that site yet by Siteadvisor, hmmmm]
Red = well, you know :dry:

Oh, also I found in options to have searches highlighted also.... see pic..

One more thing, if you don't see the Siteadvisor Info pop-up when mousing over the green/red icons, like I wasn't for a while, it's almost certain you have Javascript turned off.

I have NoScript, and finally figured out I had to allow/or temporarily allow in my case JS.

I had kept looking at my pop-up blocker in Kerio Firewall and in Firefox turning them off made no difference until the load of bricks hit me in the head it was JS. Just a heads up. :shifty:

btw: If you want to see google results with some red ones for sure showing up, simply search for P2P or like I did just 'cracks'.. you will get a ton of them.

Cheers, TAS

here is the 'Yellow' advisory Erik. :)

TAS

finally, I found an 'Untested' site.... man they sure must have done their homework, did not see many in all the tries I had with google results for 'cracks' | 'p2p' | 'key generators'

TAS

lol, sorry, found something else.. decided to click on the 'submit for testing' and immediately got this...which means of course that information can be transmitted immediately back to Siteadvisor.

TAS

I googled with '"Homeland Security"' and those websites were all green.
So I guess the president and the US government have pretty safe websites.

Cracks, crackz were red, but also many green. Same for serials, serialz
I have mixed feelings about SiteAdvisor, nevertheless an interesting software with possibilities.

I wonder how it would react on IE-SPYAD and HOSTS websites.
A test for ShadowSurfer/ShadowUser-users ;D

yeah.. theirs billions of websites online.. millions die off every day/are created.. most of them aren't worth a darn.

-{ Quote: "............
I have mixed feelings about SiteAdvisor, nevertheless an interesting software with possibilities............." }-

Oh for sure it isn't the be-all end-all of browsing securely, but nontheless, it does give a very good indication of the possibility of threats, etc. and with the plethora of sites out there, not all are going to be 100% correct in Siteadvisor's analysis IMO, still, as you said Erik, it is interesting. :)

TAS

I just found something really cool . If you go to register by entering your email on a site , SiteAd will give you info on whether or not you can expect spam or other crap from the site . VERY NICE

It is good to see a lot of positive buzz. I will start testing this today as well. If I have anything to add, I will post it.

Hi All,

Wait a minute! Doesn't MVPs host file keep us away from the bad places marked in red? What about IESpyad, & Spyblaster and all the passive stuff? How do the authors of SiteAdvisor determine who gets a red, yellow or green mark?

rico

Interesting Site Advisor Blog.

Making the Web Safer One Site at a Time....January 23, 2006 (http://blog.siteadvisor.com/2006/01/making_the_web_safer_one_site.html)
-{ Quote: "We wanted to share (with permission) some feedback we recently received from Brian Tiemann, the owner and webmaster of lionking.org (SiteAdvisor Analysis: LionKing.org), an unofficial fan site not associated with Disney. This tale starts a little scary, but it has a happy ending." }-

Isn't a project like this really doomed to failure? How can they possibly keep up with all the many many many many many many many websites?!?!?!

Looks like they send bots, to visit sites, then depending on what they get back, determines the color you get. I guess you could add sites to IESpyad, or Spyblaster etc. in this manner. I guess thats why many sites have those partially hidden numbers & letters, you must type. BOT's have a tough time with the partially displayed characters.

rico

-{ Quote: "Hi All,

Wait a minute! Doesn't MVPs host file keep us away from the bad places marked in red? What about IESpyad, & Spyblaster and all the passive stuff? How do the authors of SiteAdvisor determine who gets a red, yellow or green mark?

rico" }-
using the mvps hosts, mikes hosts and block adverts combined, i was able to access a "red" site but most of them were usually blocked. siteadvisor rates sites based on teh amount of spam they send to ur email, downloads available on the site (if any have bundled adware), links from the page to other sites, and annoyances. i cant find detailed info but i hope u better understand it.

-{ Quote: "Isn't a project like this really doomed to failure? How can they possibly keep up with all the many many many many many many many websites?!?!?!" }-
The same way Archive.org (http://www.archive.org/) does. Invest in a lot of systems to gather the information.

Hi All,

WSFuser- as you stated they judge by spam (spamassassin) but you have to give the site the your email address to receive the spam. I rarely give a site, my email address. So if hosts & iespyad etc allow you through - then still use caution in giving out email. IMHO site advisor is not necessary.

rico

PS - Hope I don't have come back here, with egg on my face

I just spent a good amount of my day researching this program.

Here a couple of the things that I would like to see them add:

1. Cookie content statistics: I would love to see if a web site stores personal information in their cookies.

2. Add SiteAdvisor to the context menu so that when you right-click on a link, it will take you to the SiteAdvisors statistics page for that site instead of to the site itself.

So far I like the program a lot.

i like your idea number 2 as using the icon in teh status bar is too inconvenient. have u already emailed them ur suggestions? see this link (http://www.siteadvisor.com/aboutpage/faq.html#15) for their email

-{ Quote: "i like your idea number 2 as using the icon in teh status bar is too inconvenient. have u already emailed them ur suggestions? see this link (http://www.siteadvisor.com/aboutpage/faq.html#15) for their email" }-
Thanks! I just sent them an e-mail.

great program!

One good way to see SiteAdvisor in action is to try searching for certain "dangerous" search terms on Google or Yahoo!.

Here are some examples:
Screensavers
Free ipods
p2p
Free downloads
Wallpapers
crack sites

I use Grypen's filters in Proxo, including the Google filters. I just installed the SiteAdvisor extension in Firefox, and noted that on the first Google search results page, the icons and the url are not in sync...hehe..

That is, if an icon is red for a url site, it is actually the url site above that is being rated red. If I mouse-over the icon, it gives me the info for the site above. For the very first site it gives the url and info for a site that I do not even see on the page....

It has something to do with the way the Proxo filters handle the 'sponsored sites' on Google.

Strangely, the icons and the url get back in sync on the second page of Google results....hehe..

dmc

Recent update - It appears that the 'out-of-sync' only happens when one or more of the sponsored links are red or yellow rated...I did a search where it turned out that all of the sponsored links (which are suppressed in the Grypen Google filters) are green, then the icons from SiteAdvisor and the url of the results jive....hehe...

i'll wait till the full version betas scare me

it's actually pretty sturdy, and has alot already.. okay, gmail is in beta, uh theres www.betanews.com, firefox was in beta and it was sturdy, what you should avoid is pre-alpha ;)

-{ Quote: "I use Grypen's filters in Proxo, including the Google filters. I just installed the SiteAdvisor extension in Firefox, and noted that on the first Google search results page, the icons and the url are not in sync...hehe..

That is, if an icon is red for a url site, it is actually the url site above that is being rated red. If I mouse-over the icon, it gives me the info for the site above. For the very first site it gives the url and info for a site that I do not even see on the page....

It has something to do with the way the Proxo filters handle the 'sponsored sites' on Google.

Strangely, the icons and the url get back in sync on the second page of Google results....hehe..

dmc

Recent update - It appears that the 'out-of-sync' only happens when one or more of the sponsored links are red or yellow rated...I did a search where it turned out that all of the sponsored links (which are suppressed in the Grypen Google filters) are green, then the icons from SiteAdvisor and the url of the results jive....hehe..." }-
i too use Grypens filters however for me, the icons give me info for teh site seven spots above.

hmmm interesting program indeed!! however, i might try it out sometime once its out of beta and more familiar with people :P ..seems very promising though :thumb:

where can i get this for firefox?

-{ Quote: "where can i get this for firefox?" }-By going to the link that is contained in the first post of this thread :blink:

I Installed in Firefox 1.0.7 - seemed to work fine 'til I shut down, now nothing.

The extension is installed but doesn't appear to be functioning. Anyone else having luck with firefox?

cheers

I have 1.5.0.1, works fine with this version of FF

downloaded it and i think it has a lot of FP i typed in porn on google and every site came up green haha

-{ Quote: "downloaded it and i think it has a lot of FP i typed in porn on google and every site came up green haha" }-
What is FP?

Up yeah, I would try it but it won't install for me in FF.

-{ Quote: "What is FP?" }-
FP = False Positive, something GOOD that is wrongly considered as bad by a software.

-{ Quote: "FP = False Positive, something GOOD that is wrongly considered as bad by a software." }-
Thank you. You are now the official translator of lazy thread posters. I wonder how he confirmed that they are false positives?

I have been doing some testing of my own for over a week now. My biggest complaints so far is are frequency at which they update their information, and the amount of time that it takes for them to test a submitted site.

I submitted a personal web site last week for testing. It is still queued up for testing. It concerns me that it takes so long. This is a fatal flaw that they need to fix.

-{ Quote: "downloaded it and i think it has a lot of FP i typed in porn on google and every site came up green haha" }-

Why necessarily FPs? Porn sites are not "automatically" infected with anything per se, it's usually the links within links within links, etc that gets people into trouble.

A 'Green' rating would more than likely be correct with these sites, as there may be no ActiveX/email spam/drive-by downloads/pop-ups, etc on the original site itself, so yes, it's more than likely very accurate in that regard.

Just like if you googled for 'crack'/warez/etc... lots of green sites originally, but some red ones which do give unauthorised spam/downloads, etc.

Still, giving those sites a Green does not mean you can go there happily clicking on everything thinking you are in the 'Green Zone' and safe. The same applies to some legitimate sites which become infected by various means, unbeknown to the owners until too late.

Surfing safely no matter the site is still the order of the day. :thumb:

TAS

-{ Quote: "



I submitted a personal web site last week for testing. It is still queued up for testing. It concerns me that it takes so long. This is a fatal flaw that they need to fix." }-

Fatal ? It is free , as far as I know and , like anything else , take it with a grain of salt . Even inexperienced users do not really NEED this program . Kind of cool to play with but , as Tassie said , just because it shows green does not mean it is safe . They use their personal experience to say what is safe and what is not . I just think " fatal " is pretty harsh for a flaw in a program that is more of a novelty than a safety mechanism .
And the time it takes should be awhile . They cannot use their personal experience by checking out a site and giving their suggestion in a day or two . They need to wait to see if , and how much , spam may come in . I think a week may be a bit long but , I am sure they are checking many . Not just one or two .

-{ Quote: "downloaded it and i think it has a lot of FP i typed in porn on google and every site came up green haha" }-


And who says p0rn is bad for you? ;) ;D :D :o 8)

-{ Quote: "Fatal ? It is free , as far as I know and , like anything else , take it with a grain of salt . Even inexperienced users do not really NEED this program . Kind of cool to play with but , as Tassie said , just because it shows green does not mean it is safe . They use their personal experience to say what is safe and what is not . I just think " fatal " is pretty harsh for a flaw in a program that is more of a novelty than a safety mechanism .
And the time it takes should be awhile . They cannot use their personal experience by checking out a site and giving their suggestion in a day or two . They need to wait to see if , and how much , spam may come in . I think a week may be a bit long but , I am sure they are checking many . Not just one or two ." }-People are assuming that it is timely and accurate information. It is in fact information that is weeks old. Therefore it is a fatal flaw in the system that can be exploited quite easily.

Here is the scenario: A malicious web site maker creates a benign site and submits it for testing. He then waits for his site to appear as tested and safe. He then modifies the site to deploy his dagerous payload. Now the site operates for weeks before it appears as red. Countless people who relied on Siteadvisor are now infected.

This current version does not meet security requirements to be relied upon enterprise wide. Every site needs to be tested at the very minimum on a weekly basis, preferably daily in order for Siteadvisor to be useful.

Would you call virus signatures reliable if they are a month old? Would you buy a news paper that was a month old? Information is useless if it is not timely and accurate.

I am sorry but , you miss the most important part here . Site Advisor is NOTHING like an AV . Even though you should back up your AV program because nothing is one hundred percent all the time , Site Advisor is not something that the masses should use as a protective application . As stated before , it is more of a novelty than anything else . Anyone who would use that program to protect them from so-called " bad sites " should NOT even be using the internet ! Call it what you wish but , this program is interesting at best and a joke at worst . Not putting them down because the program is fine . You are just putting WAYYYY too much emphasis into something that will never come close to protecting you . We are protected from bad sites with AV , AS , firewall , popup blocking , referrer blocking , cookie controling applications and so on .
You might want to ease up on Site Advisor as being such a serious protector and look at something more important and helpful .
Without the timely info , you claim it is useless . Again , it is a novelty . Use some common sense and GOOD protection and Site Advisor should be seen as a very unimportant application .

-{ Quote: "I am sorry but , you miss the most important part here . Site Advisor is NOTHING like an AV . Even though you should back up your AV program because nothing is one hundred percent all the time , Site Advisor is not something that the masses should use as a protective application . As stated before , it is more of a novelty than anything else . Anyone who would use that program to protect them from so-called " bad sites " should NOT even be using the internet ! Call it what you wish but , this program is interesting at best and a joke at worst . Not putting them down because the program is fine . You are just putting WAYYYY too much emphasis into something that will never come close to protecting you . We are protected from bad sites but AV , AS , firewall , popup blocking , referrer blocking , cookie controling applications and so on .
You might want to ease up on Site Advisor as being such a serious protector and look at something more important and helpful .
Without the timely info , you claim it is useless . Again , it is a novelty . Use some common sense and GOOD protection and Site Advisor should be seen as a very unimportant application ." }-
I concur. I consider SiteAdvisor as an indication with a bag of salt, although I like the traffic light colors (green, yellow, red) very much. :)

You both miss the point completely. This is a product. It is not a novelty. This cannot be a viable product if the information is not timely. From an enterprise point of view, this product would be fantastic if the information was timely. As it stands now, it is just a novelty.

This company will not be around for another year if they do not resolve this issue. It will wither if the information provided is proven to be unreliable. After all, the information is the product, and unreliable information is useless.

My criticisms of this product are not born from my dislike of the product. They are born from my belief in its potential. This is a tool that educates a user like no other. It gives users a way to learn about a dangerous site before they visit it. If you put a product like that out on the enterprise, then it can help reduce the amount of spyware and spam that corporate systems receive.

Sadly , it is people like you that keep these types of programs afloat . No program of this genre' will EVER be what you wish it to be . Again , nice idea but , it will never be . Well , never say never but , based on your own words , this type of program can ALWAYS be fooled . These programs are not based on anything other than the personal view of the developer . It is NOT a program to use to protect yourself . PERIOD ! It never will be because they are easily fooled AND it is based on personal views . If you and I go to the exact same site at the exact same time and stay the exact amount of time as the other , would it surprise you that I get an ad or two and you do not ? Personal opinion is what the program is . That is all . And you talk about the possibilities ? Good luck because what you want out of this type of product is nowhere in the near future .
Now , that IS my point .
And thanks Erik . Glad someone sees this for what it is and does not look so deep into as to think it is security for your computer .

-{ Quote: "this program is interesting at best and a joke at worst" }-While I will agree it's still in it's early stages of development....we'll definitely have to agree to dis-agree when it comes to calling it a joke :wacko:

I doubt very seriously if folks like Ben Edelman (http://www.benedelman.org/) or the SiteAdvisor Team (http://www.siteadvisor.com/aboutpage/about.html) consider their work on this program a joke :blink:

different strokes for different folks

warez had LOADS of reds

I agree they do not . Good for them . It is a joke unless you use it properly . Properly meaning , if it is green , enter at your own risk . lol . Sheesh . For people who know nothing of security , this will do more harm than good . It is , sorry . I cannot explain it anymore . You guys are humorous . I think it is great you like it . Hope you enjoy it . Sure you will .
I will continue to have fun with it as that is all it is good for . A novelty program .

-{ Quote: "i like your idea number 2 as using the icon in teh status bar is too inconvenient. have u already emailed them ur suggestions? see this link (http://www.siteadvisor.com/aboutpage/faq.html#15) for their email" }-
I got an e-mail reply from them on this and they said that both ideas are on their to-do list.

I just sent them some more ideas. I suggested that they put time stamps on the reports and that they increase the frequency at which they test sites. I also asked them how they handle robot.txt and the ROBOTS meta tag. I am curious if they ignore them, or honor them. Lastly, I asked them about their business model and how they plan on making money from Siteadvisor. I will post their response as soon as I get it.

Well if a website has a RED mark, I hope it's TRUE, otherwise the website (supposed to be green) will have less visitors and that would be unfair.
Of course the webmaster can complain, but how fast will it be rectified ?

It happened already with the Bluetack Hosts file, where a website was wrongly blacklisted.
A software like SiteAdvisor affects the whole internet, because all websites are marked and as long it's true, no problem, but what if not ?

-{ Quote: "Well if a website has a RED mark, I hope it's TRUE, otherwise the website (supposed to be green) will have less visitors and that would be unfair.
Of course the webmaster can complain, but how fast will it be rectified ?

It happened already with the Bluetack Hosts file, where a website was wrongly blacklisted.
A software like SiteAdvisor affects the whole internet, because all websites are marked and as long it's true, no problem, but what if not ?" }-Here is a posting from their blog site:

http://blog.siteadvisor.com/2006/01/making_the_web_safer_one_site.html

It addresses this very issue and how they handle it.

-{ Quote: "FP = False Positive, something GOOD that is wrongly considered as bad by a software." }-

Yes. Cheater87 seems to be using the term wrongly. He's talking about something BAD that is considered good.

Howdy, folks. Ben Edelman here. Sorry to join this discussion a bit late. But I figured I'd at least try to chime in with what I know, to the extent it seems relevant and useful.

Notageek, I'm sorry to hear you had trouble with the SA installation sequence. You might consider writing to SiteAdvisor feedback (http://www.siteadvisor.com/feedback.html) to describe the problem more. They might be able to help you, or they might be able to fix the problem so it doesn't affect others in the future.

Close_Hauled, Your concerns are well-taken. I take your basic worry to be the completeness of SiteAdvisor's data. The web is awfully big, and crawling it all, often, may be unrealistic. I share this worry, in principle. But SiteAdvisor has been enlarging its server farm, increasing capacity significantly. Now, with that capacity SiteAdvisor has some choices: It can recrawl already-tested sites more frequently; it can test more sites that seem to be high priorities objectively (e.g. based on many links from other sites); or it can test sites that users specifically request. Frankly, I think #2 and #3 are generally more urgent than #1. I do like recrawling from time to time, but for many sites that's not super-urgent. Kazaa.com is still going to get a red next month, just like this month. All that said: With the greater server capacity on hand, I hope you'll see that data gets better and better. Data completeness is one big reason why SiteAdvisor still describes itself as in "preview" mode, rather than officially and fully launched.

Your worry about seemingly-good sites turning bad is very sensible too. As you say, it's not easy to know how to address this. Certainly no one claims that SiteAdvisor is a replacement for existing anti-spyware and anti-virus tools, and these other prorams may offer some useful additional protection in this case. Also, though, do consider SiteAdvisor's user feedback system. All submitted comments are promptly reviewed by SiteAdvisor staff, and sites' ratings can and do change after SiteAdvisor receives persuassive feedback. That doesn't mean SiteAdvisor will get the answers right in the first hour, but it might not be far behind.

In thinking through SiteAdvisor's prospects, I guess I focus on the big picture of areas where SA can most readily assist. We all know that search engines link to lots of bad sites (http://www.benedelman.org/news/012606-1.html). SiteAdvisor can definitely help users stay away from some of the bad sites. Will others slip through? Maybe sometimes. But the more users SA gets, and the more folks who help submit observed bad actors (like those folks who intentionally start off good, then flip to bad shortly thereafter), the more likely that SA will catch even those bad guys that otherwise slip through the automated tests. Meanwhile, in my own testing, I've been very impressed with SA's existing completeness. Just when I think I've found a "new" never-before-seen distributor of some notorious adware, I check SA's ratings and see that SA already knew about it. So color me impressed.


Full disclosure: SA provides me with data for use in spyware research and academic writing. Also I'm on their advisory board. So take all the above for what it's worth.

Been using it for 2 days now... love it!!!

Spiff5000

-{ Quote: "Yes. Cheater87 seems to be using the term wrongly. He's talking about something BAD that is considered good." }-
I noticed. Does it really matter ? FP was the question.

Well...it sure doesn't seem very "stable".
Had it for about a week, and after I undone some system changes,
*PUFF* ~ it was gone !

;D ;D

Bedelman,
I'm a newbie in anything. So be patient with me.
I assume that SiteAdvisor evaluates a website with automated tests and internet is indeed ENORMOUS.
I have no idea how long it takes to run all these tests for ONE website.

Isn't it possible to run these automated tests, when you right click on the website (or anything else) and give a report and rating in a popup window after running SA on one website.
In that case you can run SA on every website, if the user wants it to run.

If I know the website is safe, I wouldn't run SA and I know alot of safe websites.
If I don't know the website is safe, I would run SA and read the report of SA, to know what SA thinks about this website.

So I'm talking about a software, installed on my computer, that runs several tests on a specific indicated website by me and gives a report and rating when the tests are done.
Even when the tests take some time, it's more important for me to know what SA thinks about an unknown website
and I'm prepared to wait for this if the time is reasonable.
In that case, you can run SA on each existing website on the internet.
I hope you understand what I'm talking about, because I'm not that good in English. ;D

Nat, if you "undid some system changes" (e.g. using a system restore tool?), you probably removed the registry entries that cause SiteAdvisor's plug-in to tie into your web browser. I don't think you can fairly blame this on SiteAdvisor. This is normal and *correct* behavior. Do a rollback, and your configuration actually does and should roll back to your prior settings.

Erik, You're right that some of the tests at issue can be done very quickly. But others really can't. A great example is SiteAdvisor's email testing. To test whether or not a site sends large amounts of email, the SiteAdvisor robots register with the site, providing a single-use email address (not provided to any other site), then wait weeks or even months to see how much mail arrives. You can't accelerate that process to mere seconds; even the worst spammers won't send a new signup that many messages in that little time.

By focusing on the most popular sites, SiteAdvisor already has data about most of the sites most users visit most often. I know that's little comfort if they don't have some sites specific users care about. But this should only improve over time. I'm hopeful that data completeness won't be a big problem. Let's give SiteAdvisor another month or two -- at least through their official public launch -- to see how this turns out.

-{ Quote: "Nat, if you "undid some system changes" (e.g. using a system restore tool?), you probably removed the registry entries that cause SiteAdvisor's plug-in to tie into your web browser. I don't think you can fairly blame this on SiteAdvisor. This is normal and *correct* behavior. Do a rollback, and your configuration actually does and should roll back to your prior settings.



By focusing on the most popular sites, SiteAdvisor already has data about most of the sites most users visit most often. I know that's little comfort if they don't have some sites specific users care about. But this should only improve over time. I'm hopeful that data completeness won't be a big problem. Let's give SiteAdvisor another month or two -- at least through their official public launch -- to see how this turns out." }-

Hi bedelman, :)

Excuse the little misunderstanding...but I was posting my message mostly
in a jokingly way.
That's why the " " around the word 'stable'. :)

I restored settings from a couple of system tightening programs, because I wasn't able to download anything from microsoft. ( UPDATES people, UPDATES ! ;D )
Well...after that, SA just disappeared from my browser, lol.;D

And you are right ! This is 'normal' !!

Now..one question. I see SA is in my Add/Remove Programs folder.
Do I have to uninstall it from there and THEN Re-install ?? I think it would be easier - for me that is.

I am not too sure how "rollback" works. :-[
Amateur with technically thingies. :-[ :-[

~~~~~

Also. I really like this program, and I think it will in time be a good helper when surfin the net.
Though, I don't and would not trust it blindly. Too young still. But I definitely see great potentials. I hope you understand what I'm trying to say.
My english is worse than that of ErikAlberts. :P :D

I sure will give it another month or two. Improvements need time.

P.S. I surfed a couple of sites that in my knowledge would have needed the red light..the least, a yellow one.
This site was marked as green. :-\



Keep up the good job though...this is a program I've been waiting for in ages :o :o !!!!! :thumb:




Sincerly,

Nat,

I don't use rollback much either. In any case, I think you should be able to reinstall directly from SiteAdvisor's download page (http://www.siteadvisor.com/preieinstall.html). I've done plenty of in-place reinstalls, overwriting prior versions. Always works just fine. And this is similar to what you'd be doing (overwriting a partially-removed prior version).

If you find false negatives, it is always very helpful to submit them as comments. Just click the browser plug-in's button, view the site dossier page (e.g. a URL of the form http://www.siteadvisor.com/sites/benedelman.org ), then scroll down to User Comments and type your comment. One to two sentences is fine. Then someone from SiteAdvisor will investigate, confirm, and if warranted update the site's rating appropriately. I realize this is a bit of a pain, but if each initial expert user sees and submits just a handful of false negatives per week, it actually may not take long to get these resolved. Also, identifying errors is very helpful in improving the automated analysis -- tells us where the crawlers are getting things wrong, which helps us redesign them so the next crawl is that much more accurate.

If you do take the time to submit comments, I recommend creating a SiteAdvisor account (1-2 clicks extra) so SiteAdvisor staff can get back to you with questions, comments, thanks, praise, T-shirts, what have you. Seriously, they're greatful to those who take the time to write, so experts might as well put their names on your submissions so they can get credit where credit is due.

Or for anyone who doesn't care to submit comments through the SiteAdvisor feedback system, I'm happy to receive them by email (http://www.benedelman.org/mail).


Ben

Thanks Ben !

Will use your recommendations... !

-{ Quote: "
Erik, You're right that some of the tests at issue can be done very quickly. But others really can't. A great example is SiteAdvisor's email testing. To test whether or not a site sends large amounts of email, the SiteAdvisor robots register with the site, providing a single-use email address (not provided to any other site), then wait weeks or even months to see how much mail arrives. You can't accelerate that process to mere seconds; even the worst spammers won't send a new signup that many messages in that little time.

By focusing on the most popular sites, SiteAdvisor already has data about most of the sites most users visit most often. I know that's little comfort if they don't have some sites specific users care about. But this should only improve over time. I'm hopeful that data completeness won't be a big problem. Let's give SiteAdvisor another month or two -- at least through their official public launch -- to see how this turns out." }-
Thanks Bedelman and I fully understand that some tests like emails can't be done with my proposal, because they have to be spread over a longer period. You can't blame me for trying. ;D

Of course you could separate the short tests from the long tests in two different softwares.
The short tests would give up-to-date information, because they are done immediately,
while the long tests would be kept by the SA-team, which also means that the SA-team doesn't have to keep all the information of each website, only the data of the long tests.
It depends on what kind of info the short tests give, that are important enough for the user to be up-to-date.

i dont know why some game hack sites are rated green

Metallicakid, if you think you've found an error, here are a few ways you can proceed:

1) Visit the site's dossier page, e.g. http://www.siteadvisor.com/sites/crackz.ws . Scroll down to the User Comments section, and enter your comment. If possible, create an account (very quick & easy) so SiteAdvisor staff can get back to you with questions, or just to say thanks.

2) Send SiteAdvisor feedback (http://www.siteadvisor.com/feedback.html).

3) Email me (http://www.benedelman.org/mail).

SiteAdvisor really does value users' comments and feedback. Submit a comment via the #1 method above, and your submission will immediately be visible for the world to see. Furthermore, a SiteAdvisor staff person will look over your submission promptly, verify your claims, and adjust the site's rating if appropriate. So these comments don't just go into a "blackhole"; to the contrary, you should see that your well-founded comments produce significant changes.

-{ Quote: "Close_Hauled, Your concerns are well-taken." }-Ben,

Thank you for taking the time to respond. I would imagine that you are quite busy, so taking time to post here is most appreciated.

I see Siteadvisor as being a first step tool in the user being more proactive about protecting their systems. Not as a blocking tool, like anti-virus or anti-spyware tools, but as a “look before you leap” tool. “Fore warned is fore armed” as the cliché goes. This is one of the first tools of its type, and I am very excited about its prospects.

I have never liked our current approach. I have always believed that an educated user will always do better at protecting his system than any software and hardware alone.

I’ll give you an example: I work for a very large corporation as a network systems engineer. Our network is protected very well and we do a better job than most. One day I received an e-mail from a known source, but it had a strange attachment, so I did not open it. I immediately sent out an e-mail to all of the people I support and told them not to open any e-mails with attachments because a virus may have entered through the Exchange server. I then contacted our security office and notified them about the e-mail. They already knew about it, it was the “I Love You” virus, and it was spreading fast. I hung up the phone and it immediately rang. It was a user who had received my e-mail too late; he had already opened the infected file. I told him to unplug the computer from the network and shut it off until I have the tools to clean it.

Education will go a long way in helping to slow down the spread of viruses. When I think about Siteadvisor on an enterprise level, I imagine all those users avoiding (hopefully) all those sites with red Xs. If they do avoid those red X sites, a lot of company resources will saved for more productive tasks.

In the meantime, I will continue to look at Siteadvisor and see what it can do. I will continue to send in my comments and recommendations as well. So far, the responses from the Siteadvisor staff have been very receptive. Although on my last query, they did not answer my question about robots.txt and ROBOTS meta tag. My understanding is that these are used by site owners to respectfully ask bots not to scan their sites. I will send them another e-mail.

Which reminds me: I recently submitted my own site to Siteadvisor. It has the robots.txt file in it. My site does not show up in Google or Yahoo!, but it does on Siteadvisor; with the links followed to another site that I would like to keep private. Not that I am upset mind you, I used robots.txt to keep my site private as I could, and this was an opportunity to test Siteadvisor. I only want to share the site with a few friends.

This to me seems to be another possible sticky point. In my opinion, it is common law practice to respect the requests within robots.txt file. That companies like Google and Yahoo! have set a precedent by respecting the site owner’s wishes. By ignoring this file, bot owners open themselves up to litigation.

Personally, I believe that if the site is green and the robots.txt says to disallow, then Siteadvisor should not publish its findings on the site. If it is red however, then post it in neon, flashing lights and horns blaring.

-{ Quote: "Personally, I believe that if the site is green and the robots.txt says to disallow, then Siteadvisor should not publish its findings on the site. If it is red however, then post it in neon, flashing lights and horns blaring." }-
After my last post, I had second thoughts about this last paragraph. I changed my position because I am a site owner who would like to have his wishes respected by bot owners. I use the robots.txt (http://en.wikipedia.org/wiki/Robots.txt) file on my personal site and I would like bots to use only the permissions that I have assigned. My interpretation of the protocol is that a bot is supposed to read the robots.txt file first to find out what it is allowed to do. If it is allowed to proceed, then it should proceed only as directed. If it is allowed no access whatsoever, then it should just proceed to the next site. I also believe that every responsible site owner who uses the robots.txt file has the same interpretation.

In my opinion, it is common law (http://en.wikipedia.org/wiki/Common_Law) practice to respect the requests within robots.txt file. Companies like Google and Yahoo! have set a precedent by respecting the site owner’s wishes. By ignoring this file, bot owners open themselves up to litigation.

I submitted my own personal site to Siteadvisor and it has already been analyzed. The information has been published on the Siteadvisor site. My site came up all green according to Siteadvisor. The published page shows the address of links on my site which it is in the process of analyzing. So in my case, my robots.txt was ignored, as well as my wishes. I simply do not want bots scanning my site and I would like that respected.

I sent an e-mail to Siteadvisor and they recognize this issue. This paragraph from their response summarizes their policy on this issue:

-{ Quote: "Currently, our policy is to test all of the public web and to do it in a way that does not inconvenience the good guys while catching the bad guys. We're assuming that anyone with information they do not wish to make public will not put that information on public (non password protected etc) web pages." }-I believe that Siteadvisor needs to revise this policy. At the very minimum, they should not publish pages about green sites that use the robots.txt file to stop bots from scanning their site. They should also not publish information about those parts that are restricted from bots. This to me would be a compromise solution that legitimate site owners could accept.

Illegitimate site owners will cry foul however, and that is when Siteadvisor may have to change its policy to the letter of the intent of the robots.txt protocol. Siteadvisor personel may have to go to bot blocked sites and manually test them. This would cripple them if they had to resort to it. Only time will tell.

For those of you wondering what a robots.txt file looks like, here is one:

http://www.whitehouse.gov/robots.txt

These robots.txt questions are fascintaing. Frankly, it's not always obvious how to proceed. On one view, the spirit of robots.txt is to ban all non-human processes. On the other hand, that creates an easy opportunity for bad guys to escape SiteAdvisor evaluation (and inevitable criticism) merely by adding a simple robots.txt file. I think this is a more serious worry than your message indicates.

On a related note, I'm not sure robots.txt has as strong and far-reaching an effect as you suggest. I certainly don't agree that robots.txt has common law significance. But even taking the robots.txt standard for what it is, recall that it's really a standard for search engine type high-volume crawlers (which potentially read thousands of pages on a site), not for Windows-based automated users (that better simulate ordinary users' accesses to a site, and crawl only a handful of pages).

In any event, I think SiteAdvisor's stated response gives a good statement of what SiteAdvisor currently does and why.

-{ Quote: "Currently, our policy is to test all of the public web and to do it in a way that does not inconvenience the good guys while catching the bad guys. We're assuming that anyone with information they do not wish to make public will not put that information on public (non password protected etc) web pages." }-

I don't have much to add to this. I think it's a sensible policy; I think testing less would ultimately do users and the web a disservice. Testing less might provide some very small benefit to some web sites that prefer to avoid being evaluated, but I'm not sure that's an important benefit, frankly. Consumer Reports doesn't ask manufacturers whether they want their products evaluated, for good reason (becuase only the bad guys would opt out), and the same idea applies to SiteAdvisor too.

MS Antispyware gave me alert that site advisor is
trying to add 101egreetings.com in my TRUSTED SITES LIST. I wonder why
this message is coming? Here is the reply from Support.


---" thanks for writing and for your interest in SiteAdvisor. In our
Internet Explorer version, our client software adds a list of sites that
we've detected as having ActiveX adware to your Restricted Zone to give
you extra protection. We disclose this on the Internet Explorer
pre-installation page, here:
http://www.siteadvisor.com/preieinstall.html
Note that SiteAdvisor is trying to INCREASE security on these sites
by adding them to the Restricted Zone, which will prevent ActiveX
controls on these sites from installing/running.

We are considering removing this feature in the next version because
we've noticed that when some anti-virus software detects our additions
to the Restricted Zone, users are prompted with an alert that makes it
sound like we decreasing security (when we are actually increasing it).


Another repy,

----" Thank you for following-up with this. This is why we are removing the
Restricted zone addition in our next public release. MS Antispyware
reports any addition to security zones as an addition to the Trusted zone
-- which is really a bug in the Microsoft product -- if you were to
allow SiteAdvisor to make the change, you would see that the sites are
really added to the Restricted zone.
Still, we know many users will see this message from Microsoft and
rightly be very concerned by it. In our next public release it will no
longer be an issue and you will not see this message again."


Cyberhawk gave me alert also but it was a log, so I was not able to understand that site is added to trusted sites or restricted ones according to CH. I checked fromm IE, SiteAdvisor is right, they add it to restricted ones but reporting by MSAS is wrong. Interestingly, NIS and WinPatrol did not gave any warning.

-{ Quote: "Security company McAfee has acquired SiteAdvisor in a move to fortify defenses for people before they browse potentially malicious Web sites." }-
Story (http://news.zdnet.com/2100-1009_22-6057923.html)

well there goes the free version :(

-{ Quote: "well there goes the free version :(" }-

From where do you get that? As the main page of siteadvisor links to msg from CEO, which states that " But a few things won’t be changing: * The free features in the current SiteAdvisor software. They will remain free to our current users and will continue to be available for free on our Web site for new users."

I think free version will go in any way. I don,t think they will be working for free forever.

But it is strange that it is taken by McAfee while still in infancy!!

Hello guys! This is not 1995 when people did everything for free on the internet. Do you really think that some guys thought; "Hey, let's just help out the internet communiy for free". Maybe there are some people like the make of S&D who needs to do a reality check, the thing however is that there is lots of money to make out there. Site advisor is just another attempt to see what you guys are doing. Heck even if you uninstall it needs to ping back home.

-{ Quote: " Heck even if you uninstall it needs to ping back home." }-

This practice is really bad. I have experienced it with SiteAdvisor, SpySweeper trial, Google Desk Top and many others. It,s really so annoying. Shame on them. They must give the user an option for this.

-{ Quote: "Story (http://news.zdnet.com/2100-1009_22-6057923.html)" }-
I always knew that they were gonna sell to someone. I would have prefered that Google was the buyer.

Smart move by Mcafee.

Buys ready made "site Rating' software with big db in place.

At a web page coming to yuo soon :
McAfee certified safe; LOL

How much revenue do you think it will generate when mcafee starts selling its approval rating.

How high will the mcafee approved sites move up the google listings.

How low could you go if macafee gave you a red rating!!??

?Reverse Blackmail by proxy

All speculation of course ;)

Dont forget the massive numbers involved.Could be a very good deal for macafee.

Regards.

-{ Quote: "Hello guys! This is not 1995 when people did everything for free on the internet. Do you really think that some guys thought; "Hey, let's just help out the internet communiy for free". Maybe there are some people like the make of S&D who needs to do a reality check, the thing however is that there is lots of money to make out there. Site advisor is just another attempt to see what you guys are doing. Heck even if you uninstall it needs to ping back home." }-
so how do you explain Firefox ::)

-{ Quote: "so how do you explain Firefox ::)" }-

Hatred against Microsoft? ;D