SiteAdvisor began as a standalone company, and was purchased in early 2006 by veteran security vendor McAfee. Bundled within McAfee Internet Security Suite 2007, SiteAdvisor is also available as a free download for Firefox and Internet Explorer, and as a paid service, SiteAdvisor Plus, for $20 ($40 for three users), but is available for Internet Explorer only. Using an algorithm that weighs a number of different criteria, from the number of spam e-mails generated after registering with the site, the number of downloads associated with the site, and, finally, the ratings of various links embedded within the site, SiteAdvisor makes a determination whether a site is safe to visit or not. As you search or visit a Web site, SiteAdvisor queries its database and returns its results as colored icons on a search page, a colored button on your browser, or blocked Web site access. In theory, this is an effective means to warn users regarding bogus sites; however, SiteAdvisor sometimes gave legitimate sites that have been defaced by cross-site scripting attacks clean bills of health; perhaps they were fine when SiteAdvisor first evaluated them, but these sites have since taken on hacker-introduced malware. On the other hand, SiteAdvisor consistently and accurately warned us appropriately for each of the test phishing sites we chose.
We downloaded and installed SiteAdvisor Plus from the McAfee site, but we had some minor trouble. For example, if you have Firefox running the free SiteAdvisor on the same machine that has Internet Explorer running the paid SiteAdvisor Plus, we found the free version gave inconsistent results. The fact that two editions of SiteAdvisor can't coexist on the same machine struck us as odd. We also found that if you use the native browser within AOL or other branded browsers supplied by subscription services, you will need to open a separate instance of Internet Explorer to see the SiteAdvisor ratings. Other than that, we found SiteAdvisor played well with other antiphishing tools tested, including Linkscanner Pro, the Netcraft toolbar, and the native antiphishing tools within Firefox 2 and Internet Explorer 7. SiteAdvisor does not work with Opera. Because SiteAdvisor blocks access to a suspicious site, it often competed with Internet Explorer 7's own antiphishing protection, which is notoriously slow; in order to compare results, we had to disable SiteAdvisor to let IE7 process a page.
SiteAdvisor Plus has one configuration option, to turn on Protected Mode or not. Protected Mode is a password-enabled feature that automatically blocks access to dangerous sites. McAfee says this feature is designed for multiuser Windows systems--for example, parents blocking dangerous sites for minors--but we'd rather see SiteAdvisor block only the dangerous components on a site rather than block full access to the sites themselves. Should you ever want to remove SiteAdvisor, we found the uninstall process to be quick and clean. After restarting each test browser, we found all traces of SiteAdvisor were removed.