Spiga

Yahoo Search adds SearchScan, a malware filter

May 6, 2008 Posted by GoodLe

Yahoo launched a beta service called SearchScan that will warn you when pages shown in the search results contain viruses, spyware or send unsolicited emails. SearchScan basically uses the reports from McAfee's SiteAdvisor, a service that gives you information about particular websites: if they contain spyware, adware, malware or other threats, if they send unsolicited emails, or if they link to other websites that contain these threats. The problem? If you're a webmaster you must be sure that the other websites you're linking to are "green", because if you are linking to sites that are marked as insecure (a big red X) your website will be marked accordingly.

Back to the SearchScan service, basically when you're doing a search on search.yahoo.com you'll see that some results have a warning right below the title (e.g. Warning: Dangerous Downloads) and when you hover over it you get more details about the threats that website contains:

SearchScan will be turned on by default for all users in the U.S., Canada, UK, France, Italy, Germany, Australia, New Zealand and Spain. Google Search also offers for a long time now a similar service in collaboration with StopBadware.org, which will mark websites that install browser exploits or other unwanted malware with a "This site may harm your computer" splash. Unlike Google's service, Yahoo SearchScan will also show a warning when the website you're about to visit sent multiple unsolicited emails, but, when you click on the search result of a such filtered website it will let you visit that site without any additional warnings (Google shows another page before letting you visit the website).
However, Yahoo SearchScan offers a setting that lets you "Never display websites indicated as potentially harmful" (by default it will "Alert you to websites indicated as potentially harmful") and you can change the setting here

One quick bug I've discovered using Yahoo SearchScan, whenever you hover a warning for a first result, the pop-up balloon with the information is stretched somewhere at the top of the browser and you only see the lower part of it

Labels: , , ,

1 comments:

Jim Buckley

9:19 PM

Yahoo has posted a false “Unsolicited Emails” warning associated with our website, www.rumford.com, when searching for “Rumford fireplaces”. The warning is generated by Yahoo’s partner, McAfee SiteAdvisor. False because SiteAdvisor says they made that determination by “entering our e-mail address on this site”. Problem is, we have no forms or any other way to automatically enter an email message. I do all the site maintenance manually in html and sweep all the pages onto the Internet myself.

Thinking that SiteAdvisor had somehow made a simple mistake, I tried to contact them by phone and email - to no avail. After a month of trying, I have not gotten to anyone who will listen. Rather, I get transferred from one anonymous customer relations person to another. Same so far with McAfee and Yahoo.

So I have complained to the Washington Attorney General and the California and Texas Better Business Bureau and have hired a lawyer - just to try to get someone in charge to talk with me.

I have also spent some time surfing the blogs to see what others think about McAfee and Yahoo. I learned that McAfee falsely targets many websites with their faulty but arrogantly defended technology - and then blames their victims. There is plenty of discussion about the websites McAfee has falsely red tagged on several blogs, such as http://ycorpblog.com/2008/05/05/do-you-know-where-you-mouse-has-been/ and http://www.crn.com/security/208401061 and http://groups.google.com/group/Google_Webmaster_Help

I also discovered at http://www.sec.gov/news/press/2006-3.htm that McAfee paid a $50 million penalty to settle a lawsuit filed against them by the SEC for fraud.

If you'd like to join us please contact me.

Jim Buckley
360 385 9974
buckley@rumford.com

Post a Comment

Subscribe to: Post Comments (Atom)