
McAfee Hackersafe Case Shows Fragility of Credibility Indicators

Filed under: Ideas

Jan 8, 2008

The ScanAlert “HackerSafe” logo is a credibility indicator for commerce-based websites. Anti-virus and anti-hacker companies are losing ground against financially well-backed hacker groups looking to exploit faults for money, not just thrills.

But InformationWeek reported that a “HackerSafe” website had been compromised on December 5th and some customer information stolen. Geeks.com, which had the vulnerability, is handling things this way:

Geeks.com has reported the incident to federal authorities and Visa, and is encouraging customers to review their credit card statements for unauthorized charges. The company has set up two help numbers — 1-888-529-6261 or 1-212-560-5108 for non-US customers — that will be active starting on Tuesday for those with questions about the incident. It is also providing contact information for the major credit agencies to make it easier to report any identity theft fraud arising from the incident.

Consumers see the “Hackersafe tested daily” logo as a sentinel that is constantly scrutinizing the website for vulnerabilities. But it’s often past vulnerabilities that matter, as seems to be the case here:

…Nigel Ravenhill, a ScanAlert spokesman, said today via e-mail that the vendor had withdrawn the Hacker Safe certification from Geeks.com “several times” last year due to the existence of vulnerabilities in the retailer’s systems. Geeks.com fell out of compliance with ScanAlert’s security requirements last June and then again in December, according to Ravenhill.

“During these periods, the Hacker Safe seal was not allowed to appear on their Web site,” Ravenhill wrote in the e-mail. “Preliminary evidence uncovered while investigating this matter suggests that the breach most likely occurred during one of these periods.”

The headlines leave things up in the air. “‘Hacker Safe’ website gets hit by hacker” and “‘Hacker Safe’ Geeks.com Hacked” certainly get people’s attention, but are in some ways irresponsible. Unfortunately, that’s how journalism sometimes works. It’s up to McAfee to save the story. I don’t think they did.

Three things are wrong with the Hackersafe / ScanAlert situation:

  • “Tested Daily” should show “Scanned since” or “Secured since” — along with the last day the logo was “taken offline” for any reason.
  • “Hacker Safe” tells a story of invincibility that simply doesn’t exist. “Hacker Safer” doesn’t have the same marketing punch, but is more accurate.
  • A better PR response from McAfee was needed here. No comment was given on the InformationWeek article, and the one given above to Computing magazine was not very informative to most. It would seem that ScanAlert should be ready to address these things in a well-crafted way when they happen.
Posted by Scott Clark @ 7:24 am  



2 Responses to “McAfee Hackersafe Case Shows Fragility of Credibility Indicators”

  1. Jan 8, 2008

    ScanAlert’s Reply:
    The allegation that Geeks.com was hacked while it was certified HACKER SAFE is false and misleading, and does not match the facts provided by Geeks.com to its customers. So far, no one knows exactly what happened, or whether this breach occurred on the web site or somewhere else. There is no evidence that this web site was hacked while it was certified HACKER SAFE. In fact, all of the information that ScanAlert has gathered so far indicates that this breach did not happen while Geeks.com was certified HACKER SAFE.

  2. Jan 9, 2008

    I would contact InformationWeek.com and ComputingMagazine.com and point out their headlines are problematic.

    I agree the headlines on those magazine sites should have been written differently, which is pointed out in my post above.
