Earlier this year McAfee sponsored a rather interesting survey of search engine safety. Safety, that is, from the ‘how safe are the links they deliver and you click’ angle. Now, for the longest time, I have harbored a passing suspicion that the dodgiest links you can follow from any search engine are those that fall into the paid for placement category. You know, those links that appear at the top of the results heap no matter what; those that always fill the contextual advertising sidebars; those that try to tempt you away from the real search algorithm deduced deal.

The ‘Safety of Internet Search Engines’ report was more than supportive of my theory. Based upon a survey of the five major engines conducted between January and April, it confirmed that these sponsored results are nearly three times as likely as non-sponsored hits to lead to unsafe sites. Which makes something of a mockery of the much vaunted claims by the search supremos that such sponsored placements are subject to rigorous editorial policy. The evidence as presented by the survey results suggests that search placements are not checked, or at least not checked adequately enough. To put it into some perspective, the survey revealed that a Google advert is actually more than twice as likely to lead to an unsafe site as an organic search hit, and the figure for an sponsored Ask placement is nearly four times as likely.

Of course, there was as always an ulterior motive behind the survey, or at least the timing of releasing the results to the press: McAfee were plugging their SiteAdvisor resource. Those with a keen eye for such things might recall this as being the brainchild of a group of clever MIT engineers, launched way back in April 2005. As is often the case with bright ideas, and a tool that can help combat the problem of social engineering techniques employed by websites to spread spam, distribute malware and steal IDs is just that, SiteAdvisor was acquired by McAfee earlier this year.

Unusually for such acquisitions, this tool did not find itself absorbed into a commercial Internet Security Suite product, but rather has been released as a freely downloadable resource for both IE and Firefox users. Essentially it is like having a common sense laden angel looking over your shoulder as your browse, informing you whether the link you are about to click is safe, dodgy or somewhere in-between. Green for go, yellow for caution (the site testing might have revealed an attempt to change browser defaults or an increase in spam) and red for dodgy (adware installing downloads, browser exploit execution etc.) It’s the totally unobtrusive way that SiteAdvisor achieves this that impresses me most of all. From that traffic light quick check, right through to the way that if you want more detail you just have to click on the color-coded button and a report pops up with the test results revealed. It makes using Google, or Yahoo and MSN for that matter, a whole lot intrinsically safer.

And those ‘tests’ it refers to? Well these are the combination of automated link following bots that download linked files as well as registering at sites and monitoring resulting spam, plus analysis by Site Advisor teams. McAfee tell me that the sites responsible for 95% of web traffic have been tested and rated this way, with more than 700,000 files downloaded and checked, and 1.6 million online registration forms completed with 1.3 million email senders logged and tracked. It’s impressive and intuitive, exactly what a good security tool should be. I heartily recommend you try it out, and even more heartily recommend you get less tech minded friends and family to do likewise…

About the Author

As Editorial Director and Managing Analyst with IT Security Thing I am putting more than two decades of consulting experience into providing opinionated insight regarding the security threat landscape for IT security professionals. As an Editorial Fellow with Dennis Publishing, I bring more than two decades of writing experience across the technology industry into publications such as Alphr, IT Pro and (in good old fashioned print) PC Pro. I also write for SC Magazine UK and Infosecurity, as well as The Times and Sunday Times newspapers. Along the way I have been honoured with a Technology Journalist of the Year award, and three Information Security Journalist of the Year awards. Most humbling, though, was the Enigma Award for 'lifetime contribution to IT security journalism' bestowed on me in 2011.

You know, I'm not at all surprised by this. Considering that these thudheads that run these sites are willing to pay-per-click (or per whatever) to get the gullible to their sites, I find this to be no more than expected.
The problem though, that I see, is that many search-related sites (yeah, like Google), should they experience enough of a backlash, might not be so willing to take that money, and may feel they have to make that income up somewhere else, like, oh, I don't know, the users! (can you say, pay-per-search?). I don't think that will really happen though, but it does make one cringe.
Also not surprisingly, the impact of the figures in the report are somewhat mitigated by the fact that it comes, rather auspiciously, from a company with something of a history of overblowing statistics in order to suit its own ends. Perhaps the angle is to pump and give away Site Advisor as a way of saying, "See, Mr. consumer, we care about your security.", a position that might help the sales of their bloatware. Or perhaps (and I actually doubt this) they might be looking to charge for Site Advisor in the future.
At any rate, I have to agree that it's a great tool for the unwary and the unseasoned surfer, and I'll check it out, and if it seems efficacious, I'll recommend it.

Companies offering paid inclusion/per per click or otherwise need to filter those allowed or security firms will do what is necessary to protect their clients - by completely blocking out Googles ads or Yahoo ads, or whoevers ads. The only person that will suffer from this will be all the web publishers - you can't afford to run a site today if it isn't making some type of incoming.

Norton and other programs already block CJ and other affiliate programs for no reason, which HIGHLY affects your commission rates and tracked sales earnings since Norton or other related "security" tools block a cookie - come on.

The security companies need to focus on what they do best - stop the malicous software from being installed and detect it. I won't let McAfee, Norton or ANY other software vendor affecting what search results I see - I don't want to give up that control....... maybe others do. If these "security" products start affecting my search listings, I will simply use another product that doesn't.

Stupid move on McAfees part.

But that's the whole point, McAfee are leaving control to you - Site Advisor simply helps you make an informed choice about what you click before you click it. It blocks nothing, merely discretely flags the results.