Sandboxie Website & McAfee SiteAdvisor

Discussion in 'other anti-malware software' started by TheKid7, Nov 5, 2009.

Thread Status:
Not open for further replies.
  1. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
  2. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Reading that website it's pretty self explanatory.

    Most likely someone linked to that website on their forums about some issue or whatever. I don't think anyone really cares much for McAfee's "SiteAdvisor".
     
  3. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    408
    As BIG name corps often do, McAfee starved the project (allowed it to wither on the vine) after acquiring the brand. To them, the accuracy of the SiteAdvisor ratings clearly does NOT matter; they're only interested in being able to claim it as a "feature" bundled into their suite. Most of the top volunteer reporters have become understandably disgusted & I share their jaded view that SA has devolved into a sad joke.

    I'm not entirely opposed to the issuance of ratings which reflect a "judge a site by the company it keeps (links to)" consideration... but I adamantly believe that facts (scan results) + opinions (reported) + affiliations (inbound, outbound, reciprocal links) + pagerank should be factored into weighting, toward deciding the current "large print" red, yellow, or green icon. No, SA hasn't the staffing to maintain an even keel. I had expected they would empower select volunteers to serve as "moderators" but, at this point, most of the can-do reporters have left the flock.

    Reputation. With the advent of the "social" net, there's a growing trend toward focusing on reputation management. With a sense of perverse (?) curiousity, I've watched www.myWOT.com ...and can't shake the cynical observation that it amounts to the blind leading the herd. Not blind, but consider the motivations AND QUALIFICATIONS of the reporting participants, and it's a sad lot. On the cheap, work-at-home posters can be hired to place insincere, unwarranted gripes (or bits of glowing praise). The bulk of the mywot-reporting participants seem to be even MORE clueless than the SiteAdvisor commenters were. To see just how lame/unwarranted the mywot ratings & comments are, sample the ratings for few of your favorite security-related sites, and your favorite commerce sites. "When I visited this site my computer monitor blew up". (Yeah? Alrighty then. Whatever.)

    Same as I felt toward the SiteAdvisor founders prior to the sellout, I respect mywot's initiative, and the fact that they are sharing/partnering. (Also, mywot recently published the source code for their browser addons.)
     
  4. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    There are three external links from sandboxie.com to three Red Rated sites:

    01) - pcdistrict.com is linked to six Red Rated sites and exists two Red Downloads along with two Yellow Downloads
    02) - softsea.com suposadley makes unauthorized changes to the PC upon visiting the Site (those changes are not revealed by McAfee)
    03) - bestvistadownloads.com exists two Red Downloads

    Security measures suggest that one not visit sandboxie.com.....however.....I believe the culprit is sandboxie's external links casting the black shadow over sandboxie.

    See for yourself:
    http://www.sandboxie.com/index.php?ExternalLinks

    Sandboxie will most likely retain the Red Rating until the Red Rated Sites are removed as external links.....visitors to sandboxie.com could click on those external links and supposedly
    encounter unauthorized changes to their computer systems by just visiting one of the external links, or unknowingly self infect their systems by downloading infected files from the other two external links.
    Especially pcdistrict.com

    In conclusion: the Red Rating by McAfee Site Advisor for sandboxie.com is appropriate. Webmasters should choose external links carefully, with ultimate consideration and safety measures for their visitors.
    Here we have an security vender linking to known malware sites.

    EDIT:
    How McAfee SiteAdvisor Works:
    http://www.siteadvisor.com/howitworks/index.html



    HKEY1952
     
    Last edited: Nov 5, 2009
  5. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    408
    Thanks, HK, but I don't care what the "culprit" is.
    OP commented on the the "absurdity" of SiteAdvisor's rating & chimed it to underscore the point that it's not an isolated incident. SA's reliability is, and has beeen, in the toilet.

    Reviewer comments (reviews) posted to the SA ratings pages are displayed "below the fold"; that most casual visitors will never notice them. McAfee is now partnering with Yahoo search -- the red/yellow/green icons are displayed without easy access to the supporting (er, contrary) reviews/comments... and SA community members have repeatedly observed, and have bemoaned, inexplicable changes to a given site's icon (green-to-red, red-to-green)(FULL reversal) with obvious disregard to the content represented in the recent/cumulative reviews.

    All things considered, I suspect that McAfee has _=FINALLY=_ found a way to recoup ;) their "investment" in acquiring SA
     
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    No offense HKEY, but I purposely left the links out of my post for a reason, I would think you should have done the same.

    inka, you first post perfectly summarizes my feelings about these kind of ratings, thanks for such a refreshingly intellectual post.
     
  7. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    Please explain funkydude.....


    HKEY1952
     
  8. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    408
    quick example group:
    brothersoft.com
    softpedia.com
    tucows.com
    jumbo.com
    download.com
    consider the disparity in how the colored icon is applied
    (contrary to reviewer comments, and seemingly uncorrelated withe the number of "suspicious" links or the "severity" of what the SA autoscan found)

    The *ONLY* quick example I can think of, for which SA has diligently reported based on reviewer comments is:
    cracks.am

    Yeah, long ago I read "how the SA ratings (are supposed to) work".
    IMO, in keeping with SA's stated guidelines, sandboxie.com merits a YELLOW icon.

    ps:
    Back before the turn of the century, tucows and DaveCentral were my preferred shareware DL sites, until they were both eventually "acquired". Tucows turned to packaging submitted apps into a "custom" installer that bundles so much crapware that I can't imagine they find many repeat visitors. Red red RED.
     
  9. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    Legitimate or not, I would not post links to websites that are being flagged red that I have not heard of before.
     
  10. arran

    arran Registered Member

    Joined:
    Feb 5, 2008
    Posts:
    1,139
    one of the best security apps in the world and McAfee SiteAdvisor flags the site as red. That's pure BS. McAfee SiteAdvisor has kicked themselves in the foot has become very unreliable.
     
  11. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    I see.....and understand.....so therefore I rest my case, McAfee SiteAdvisor did its job, it warned of potential danger! :cool:

    For clarification, the link that I Posted is to sandboxie.com's external link page, I DID NOT Post links directly to the external links that are marked as Red by McAfee SiteAdvisor.

    I can not believe that you never heard of sandboxie.com


    HKEY1952
     
  12. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,856
    .....

    I am referring to point 1, 2 & 3 in your first post, I cannot believe that was not obvious to you.
     
  13. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    There are NO ACTIVE LINKS there funkydude.....it is just an text description, the same text description is found on the McAfee SiteAdvisor Web Site.....

    If one visited the McAfee SiteAdvisor Web Site, they would see the same text description, the only difference being, clicking on that text description on the McAfee SiteAdvisor Web Site navigates one
    to the analytic diagnostics for that Web Site. There are NO ACTIVE LINKS to the Red Rated Suspect Web Sites on the McAfee SiteAdvisor Web Site or in ANY of my Postings in this Thread.

    My Postings of the Red Rated Web Sites are no different than McAfee's Publications on the McAfee SiteAdvisor Web Site other than McAfee provides links to further statistics for that particular Web Site.

    Perhaps you should Phone or Email McAfee immediately and inform them that they are Publishing text descriptions of Web Sites that are Red Rated.....


    HKEY1952
     
  14. inka

    inka Registered Member

    Joined:
    Oct 21, 2009
    Posts:
    408
    So, it's not an isolated incident & SA credibility has continued to deteriorate over the past 2 years.

    Google, Yahoo, and the other crawlers... they likely "know all" yet they tell little, in terms of warning of potentially malicious pages. Yep, I've often read that badware sites serve cloaking pages upon recognizing a crawler's user-agent HTTP request header, and/or only serve malicious content when requests come in from target IP ranges (let's pick on Rhode Island this week?) but if Google or whomever were motivated, they could proxy/disguise their requests.

    Currently, it's not a search provider's job (role, obligation) to issue warnings... but at the rate things are going, the masses likely will be flocking back to "walled garden" surfing, ala AOL in the foreseeable future. I suspect they'll be HAPPY to shell out $4.95 per month (or part of a larger package) to avoid the BS of drive-by downloads etc. Google may not collect the fees directly; instead, they may regionally partner with one (or the other) large ISPs.

    [don't worry, basic search results are still free. SAFE search results are gonna cost ya, though.]

    Alternatively, web browser vendors COULD introduce a tattletale feature. The browser of a user who has been "bitten" would tattle to the cloud in real-time. That would make redundant the "benefit" security product vendors are increasingly selling (hoping to sell).

    I haven't tried Google Chrome, but I've read that its design would attempt to achieve sandboxing. How's that playing out?

    Understandably, any of these what-ifs would undermine the perceived value of, need for, a service like SiteAdvisor. With these multiple possibilities looming on the horizon, shouldn't be surprising to note the unwillingness of McAfee to continue plowing money/staffing into the SA project.
     
  15. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    I lost any respect for SA when the privacy issues came to light some time ago.It used to serve a purpose back before better alternatives came along,but I,like others here don't like this idea of relying upon 'community rating' alone since any such rating is only as honest and reliable as the community that's doing the rating.
     
  16. HKEY1952

    HKEY1952 Registered Member

    Joined:
    Jul 22, 2009
    Posts:
    648
    Location:
    HKEY/SECURITY/ (value not set)
    The communities Web Site rating input at the Browser, that is sent to McAfee SiteAdvisor, is only suggestive analysis.
    The communities suggestive analysis is then compared, and/or integrated, into the factual analysis gathered by the McAfee SiteAdvisor Bots to further analyze and rate the Web Sites.
    In other words, computers perform the analysis and rate the Web Sites, NOT Humans.

    If there exists "better alternative" Online Web Site Rating Tools, please Post links to them.....


    HKEY1952
     
Loading...
Similar Threads
  1. ronjor
    Replies:
    1
    Views:
    260
Thread Status:
Not open for further replies.