Electronics & Computers Deals here!
-
CNET editors' rating:
3.0 stars
Good
Detailed editors' rating - Average user rating: 3.0 stars out of 21 reviews
- See all user reviews
Product summary
The good: SiteAdvisor is free; works with Internet Explorer and Firefox.
The bad: SiteAdvisor delivered inconsistent testing results; doesn't work with Opera; doesn't work if paid version is running on IE; constantly reminds us that there's a paid version; isn't very configurable; relies entirely on white lists.
The bottom line: SiteAdvisor is one of the first secure browsing tools to go mainstream, however, since its acquisition by McAfee, the product delivers uneven test results and therefore can't be recommended over the free Netcraft toolbar.
Specifications: License qty: 1 user; License type: License; Min Operating system: Microsoft Windows Millennium Edition, Microsoft Windows XP, Microsoft Windows 2000, Microsoft Windows 98; ; See full specs
CNET editors' review
- Reviewed on: 02/16/2007
SiteAdvisor began as a standalone company, and was purchased in early 2006 by veteran security vendor McAfee. Bundled within McAfee Internet Security Suite 2007, SiteAdvisor is also available as a free download for Firefox and Internet Explorer, and as a paid service, SiteAdvisor Plus, for $20 ($40 for three users) and available for Internet Explorer only. Using an algorithm that weighs a number of different criteria, from the number of spam e-mails generated after registering with the site, the number of downloads associated with the site, and, finally, the ratings of various links embedded within the site, SiteAdvisor makes a determination as to whether a site is safe to visit. As you search or visit a Web site, SiteAdvisor queries its database and returns its results as colored icons on a search page, a colored button on your browser, or blocked Web site access. In theory, this is an effective means to warn users regarding bogus sites; however, SiteAdvisor sometimes gave legitimate sites that have been defaced by cross-site scripting attacks clean bills of health; perhaps they were fine when SiteAdvisor first evaluated them, but these sites have since taken on hacker-introduced malware. On the other hand, SiteAdvisor consistently and accurately warned us appropriately for each of the test phishing sites we chose.
We downloaded and installed SiteAdvisor from the McAfee site onto a Firefox browser. We had some minor trouble. For example, if you have Firefox running the free SiteAdvisor on the same machine as Internet Explorer running the paid SiteAdvisor Plus, we found the free version gave inconsistent results. The fact that two editions of SiteAdvisor can't co-exist on the same machine struck us as odd. We also found that if you use the native browser within AOL or other branded browsers supplied by subscription services, you will need to open a separate instance of Internet Explorer to see the SiteAdvisor ratings. Other than that, we found SiteAdvisor played well with other antiphishing tools tested, including Linkscanner Pro, the Netcraft toolbar, and the native antiphishing tools within Firefox 2 and Internet Explorer 7. SiteAdvisor does not work with Opera. Because SiteAdvisor blocks access to a suspicious site, it often competed with Internet Explorer 7's own antiphishing protection, which is notoriously slow. In order to compare results we had to disable SiteAdvisor to let IE7 process a page.
SiteAdvisor has no configuration options, which can be frustrating to more advanced users. Should you ever want to remove SiteAdvisor, we found the uninstall process quick and clean. After restarting each test browser, we found all traces of SiteAdvisor were removed.
Unlike the Netcraft toolbar, which only detects suspected phishing sites as you access them, SiteAdvisor and Linkscanner Pro both display their safety ratings over your current Google or Yahoo search result page. SiteAdvisor does not work with Microsoft Live.com results. But the heuristics within SiteAdvisor appeared to be off during our tests, a fact confirmed by McAfee. Thus, sites previously rated as clean that have since been defaced still came up clean.
One defaced Web site, a Massachusetts-based restaurant Web site, is infected with a malicious Trojan. By viewing the source code of the page, we can see the hacker-added iframe script at the very bottom; in this case the code calls out to a site in Korea known to host malicious code. SiteAdvisor rated the restaurant's site as green, or clean. Another example is a sex site hosted in a foreign country; it hosts (either deliberately or not) a malicious WMF file. With SiteAdvisor (both the paid and free editions) we were able to access both sites, and we were also prompted as to whether we wanted to install the tainted WMF file. Neither the Netcraft toolbar nor the antiphishing protection within Firefox 2 or Internet Explorer 7 blocked our access to these two sites. Only Linkscanner Pro flagged it, allowing us access to the site after it had stripped out the malicious content.
But Linkscanner Pro failed to identify most of the suspected phishing sites we visited, and here's where the premium SiteAdvisor Plus truly shines. Using 10 sites recently reported to a reputable, independent phish-tracking site, we found that the premium SiteAdvisor Plus identified and blocked access to all 10 sites, tied with the free Netcraft toolbar; next best tools were Linkscanner Pro and Firefox 2, each identifying or blocking access to 7 suspected phishing sites; they were followed by Internet Explorer 7 with an abysmal 5, or half the sites visited. The free edition of McAfee SiteAdvisor gave us inconsistent results over the five days we tested it, so it was not ranked. In general, we found that IE 7 (at the bottom of our results pile) consistently failed to catch phishing sites less than one hour old, although IE 7 caught all phishing sites known for at least one hour or more. Most phishing sites are removed after their initial 72 hours.
McAfee doesn't include a tutorial for using SiteAdvisor Plus. What McAfee does provide is a contextual knowledge base, asking you a series of questions. There is also an FAQ on the SiteAdvisor site, although it could be much more thorough. Should the knowledge base or FAQ fail to answer your question, you're taken to another window where a remote scan will attempt to diagnose what is wrong. If none of these solutions work, you're given more options, including online chat, user forums, and e-mail.
SiteAdvisor, since its acquisition by McAfee, delivers uneven test results and therefore can't be recommended over the free Netcraft toolbar. SiteAdvisor lacks configuration options, doesn't work with Opera, doesn't work with branded browsers from AOL and other services, and this free version installed on Firefox appears to conflict if the paid version is installed on Internet Explorer. Overall, we experienced greater flexibility and fewer hassles when using the free Netcraft toolbar, and we also liked the proactive nature of Linkscanner Pro better.
- See more CNET content tagged:
- McAfee Inc.,
- phishing,
- McAfee Internet Security,
- phishing Web site,
- Microsoft Internet Explorer 7
User reviews
- Average user rating: 3.0 stars out of 21 reviews
- My rating: 0 stars Write review
-
Showing 5 of 21 user reviewsSee all 21 user reviews
-
5 out of 5 people found this review helpful
-
2 out of 2 people found this review helpful
"SiteAdvisor is a unique browser safety plug-in that quickly INFORMS you about the sites you visit"
-
2 out of 2 people found this review helpful
"Siteadivor is a must-have program whenever you use the internet."
-
1 out of 1 people found this review helpful
-
1 out of 1 people found this review helpful
- See all 21 user reviews Write review
