Dear McAfee,
On September 29, 2010, I wrote to you saying:
> Your SiteAdvisor has suddenly begun showing a red alert for our
> site, serendipity.li When I view the site report there is
> *nothing* to indicate any problem. Your report says:
>
> "Download tests for serendipity.li:
> 6 green downloads. In our tests, we found downloads on this site
> were free of adware, spyware, and other potentially unwanted
> programs."
>
> "Linked to green sites: When we visited this site, we found that
> most of its links are to sites which are safe or have only minor
> safety/annoyance issues."
>
> According to your report serendipity.li does NOT fail any email
> test and there are NO annoyances.
>
> There appears to be NO reason for McAfee to flag this site with a
> red alert. It appears to be an error. Please fix this.
On September 30 you replied:
>Thank you for contacting us and your interest in SiteAdvisor.
>SiteAdvisor engineers will look into your issue, and will issue a
change if it is deemed appropriate.
>Thank you for your patience during this process.
>
>Sincerely,
>Rajesh
>Avert Services
>McAfee SiteAdvisor
It is now October 25, my site at http://www.serendipity.li is still
rated red, and I have received no reply from McAfee. On your page
at http://www.siteadvisor.com/webmasters/index.html under "How long
will the evaluation process take?" you say: "Claims that McAfee
made a mistake: 10 business days once the evaluation is begun."
Under "What happens after the evaluation is done?" you say: "McAfee
will e-mail the site owner to share the results of its evaluation."
But it is now 26 days, and 17 business days, since you began your
evaluation so your reply regarding the results of your evaluation
is way overdue (and during these 26 days McAfee's red alert has no
doubt been causing many web surfers to avoid visiting my site).
On the same web page you say under "Why Is a Site Rated Red?":
"Sites are rated red when, in our judgment, the site poses
especially hazardous risks to a user's computer security, there are
an exceptional number of annoying behaviors, or there is
exceptional information that we believe our users would want to be
aware of before or during a visit to that site. Behaviors that
typically lead to red site ratings are hosting drive-by exploit
code, impersonating a legitimate business (phishing), making
unrequested or unexpected system changes, or hosting malware for
download at the time of our visit. Sites can also be rated red when
we receive unexpected e-mail to the unique e-mail address we
submitted to that site, and the e-mails we receive exhibit
characteristics consistent with spam e-mail, such as unusual volume
or a high "spamminess" score as determined by an automated scanning
program. Additionally, we may rate a site red for certain types of
linking behavior with other red sites, or when we find a site that
engages in activities we believe could be misleading."
My site Serendipity does not pose any security risk -- this is
confirmed both by Norton Safe Web and by Checkpoint Technologies'
ZoneAlarm Site Check, both of which give my site a green rating and
report zero risks (see
http://safeweb.norton.com/report/show?url=www.serendipity.li ) and
none of the reasons you mention regarding "when sites are rated
red" are true of my site.
According to your own report
(http://www.siteadvisor.com/sites/serendipity.li?version=2&core_ver=
1.0&pip=true&premium=false&client_ver=2.9.258&client_type=IEPlugin&s
uite=true&aff_id=0&locale=en-us&os_ver=5.1.3.0 ): "In our
[download] tests, we found downloads on this site were free of
adware, spyware, and other potentially unwanted programs. ... When
we visited this site, we found that most of its links are to sites
which are safe or have only minor safety/annoyance issues." Note
also that, according to your own report, Serendipity did not fail
any of McAfee's email tests, and no "annoyances" are listed. Also
there are no reports of spam, adware, spyware, viruses, browser
exploits, popups, phishing or other scams or bad shopping
experiences.
So why is McAfee red alerting my site? I want to know *exactly*.
It is not good enough for McAfee to hide behind techno-speak jargon
such as "millions of sensors", "proprietary technology", "analyzes
traffic and linking patterns", or to talk of "web reputation" or
"overall reputation rating" (these terms can mean anything you want
them to mean). If McAfee is "advising" (or rather misleading) web
surfers by claiming that it found "potential security risks" on my
site and that it should be "used with extreme caution" then you'd
better state exactly what these "potential security risks" are and
exactly why it should be "used with extreme caution". If you
cannot do this then McAfee is lying to the general public about my
website, which (if you persist in rating my site red) would be
grounds for legal action.
Among your reasons for rating sites red you mention the possible
existence of "exceptional information that we believe our users
would want to be aware of before or during a visit to that site",
but you do not provide any such information regarding Serendipity.
Perhaps you are rating my site red because of the information which
is on it. That would, of course, amount to attempted censorship.
I'm sure that McAfee would not wish to be known for censoring
websites which reveal information or express opinions which are
disliked by McAfee (or by one of McAfee's employees).
Since Norton Safe Web and ZoneAlarm both report zero security
risks, and SiteAdvisor itself identifies no specific security risks
(just asserting on no discernible basis that there are "potential"
security risks) it would appear that McAfee's red alert of my
website cannot be taken seriously, and that McAfee's credibility in
rating websites is close to zero. Word of this will soon get
around on the web.
Regards,
Peter Meyer
Owner of Serendipity
www.serendipity.li
|
Details here.