Thursday, March 02, 2006

Trying Out SiteAdvisor

The Washington Post's Security Fix blog has an article about SiteAdvisor, a supposed security enhancing plugin for Firefox and other browsers. CNet gives it a five-star rating, and it works with Linux, Macs, and Windows. After reading the various articles, I had to try it out.

So what is it? SiteAdvisor maintains a database of ratings for web pages. For example, if you search for "Digital Cameras," Google will give you links to places like Circuit City, Best Buy, WalMart, K-Mart, etc. Beside most sites will be a green checkmark. Hovering the mouse over the checkmark gives you a pop-up window which says that SiteAdvisor finds the site is safe, and that if you sign up with that site you might get 1-2 emails per week, or whatever the frequency is.

If, however, you search for "free digital cameras," Google gives you a whole different set of sites. SiteAdvisor puts a red X beside some of these sites, and tells you that you might get "100 spammy emails/week" if you sign up with them.

For any webpage you visit, SiteAdvisor puts a clickable link at the bottom of your browser. This has the same kind of information, and details such as "the things you can download from this page are free of spyware, adware, and other unwanted programs," if the site is safe.

In other words, SiteAdvisor tells you if a given web page can be considered, even remotely, as safe.

The Security Fix article tells you how they do it. Essentially, they put a Windows computer with an unprotected copy of IE online, go clicking around, and find out what kinds of trash gets picked up.

So I had to try it out. I've been using it for, oh, 10 minutes or so, and it's ... we'll, it hasn't done much for me yet. It's only been 10 minutes for Teal'c's sake. But it definitely has potential.

So I'm going to try it out for a few days, and if it changes my life for better or for worse I'll let you know. In the meantime, I'll leave you with a few observations, in no particular order:

  • You have to click on an EULA before they'll let you view the thing. Turns out this is proprietary software, and you're not to reverse-engineer it or look at it funny. I don't have a big problem with this, but if you're a purist you won't load this thing.
  • The Firefox plugin is available from SiteAdvisor, not Mozilla, so you'll have to explicitly allow Firefox to download the file. After downloading the extension, I called up Firefox's Edit => Preferences => Content page, clicked on Exceptions to "Warn me when web sites try to install extensions or themes," and deleted the SiteAdvisor site from the allowed download list. No sense allowing a commercial company to put Extensions on my computer at will, not that they probably would.
  • "The trial version of our software is free of charge. In the future, we will offer paid versions with additional premium features." In other words, they want to hook you, then make you pay. Well, I can always delete it.
  • Not all sites are rated. This blog, for example, has no rating.
  • Hmm. I guess that's all I've gotten out of the first ten minutes of use.

Anyway, you may want to try SiteAdvisor out, or you may want to wait to see if it somehow ruins the web for me. If it does, I'll let you know.


rcjhawk said...

Oh yeah, I forgot to add:

SiteAdvisor knows every address you type into your browser. They promise not to use it for evil, but you'll have to decide if that's OK or not.