RealTime IT News

McAfee SiteAdvisor Bugs Out

Surfer beware?

McAfee  today unveiled software to help consumers avoid stumbling onto sites that spam them, place adware on their computers or try to extract financial data by pretending to be their bank.

When SiteAdvisor customers click on a link to a site that McAfee thinks is malicious, the tool redirects them to a buffer site warning them that the site in question represents a security risk.

SiteAdvisor Plus is an extension of McAfee's SiteAdvisor, which rates sites by placing green, yellow or red marks next to the hyperlinks that come up in search results.

While SiteAdvisor can be downloaded free of charge, customers must pay $24.99 per year for each user and $49.99 per year for up to three users in a household for SiteAdvisor Plus.

In addition to tagging Web sites with its tri-color warning system, SiteAdvisor Plus includes a password-activated function that creates a physical buffer between users and sites that are marked as either yellow or red.

Users clicking on a link so designated will be redirected to another page alerting them that they are going to a potentially malevolent site.

The solution also monitors links contained in e-mail and instant messaging.

Currently, the solution supports most e-mail and instant messaging clients, including those offered by Microsoft , Yahoo  and Google .

The company expects to begin supporting AOL  e-mail and instant messaging services by early next year.

SiteAdvisor monitors such links by referring back to databases of white listed and blacklisted sites.

If a given link isn't on either list, the software performs a heuristic check on the fly to determine whether a site is safe.

Mark Maxwell, senior product manager for SiteAdvisor, said that the real-time heuristic check can cause a delay of up to two seconds between when the link is clicked and either the clean site or the buffer page are loaded.

But Maxwell said that this happens infrequently because SiteAdvisor has already documented 95 percent of the sites on the Internet.

"The blacklist is updated almost hourly," he told internetnews.com.

In the event that a user clicks on a link to an unknown site, the heuristic check includes a verification of the URL to determine if the display matches the underlying URL, and whether form fields on the destination site are written using HTTPS rather than HTTP.

"Those are the obvious checks. We use other more sophisticated checks too, but we don't want to tip our hand," said Maxwell.

McAfee is making this solution available exclusively online and is not selling it through brick and mortar retail channels.

According to Merrill Lynch analyst Ed Maguire, security vendors are getting an increasing number of new customers from ISP, online and OEM channels.

This reflects a long-term shift in emphasis from products toward services that produce recurring revenues, he wrote in a note reviewing the sector.

Jonathan Singer, an analyst with the Yankee Group who follows the security sector, said it would have made more sense for McAfee to bundle SiteAdvisor Plus with a more complete security suite.

"Security at the consumer level is moving toward suites," he noted.

McAfee is the number three vendor of antivirus software in the United States, with 14.6 percent of the market, according to data from NPD and Merrill Lynch.