Helping people with computers... one answer at a time.
We're often enticed or directed to websites we've never been to before. We'll look at a couple of tools to help identify safe web sites.
How do I know if a site I'm about to visit is a safe web site? Is there any software I can use to know this, or some other technique?
This turns out to be a frustratingly difficult problem to solve.
It's not that there aren't some solutions to identifying safe web sites, but rather that the solutions themselves can often be inconsistent.
But used properly, there are some ways you can at least gather a little additional data before taking the plunge and clicking that link.
The short answer is that there's no authoritative, canonical list of what is and what is not safe. In part because even the word "safe" has different meanings depending on who you ask. For some people "safe" simply means no malware could be downloaded by visiting the site; for others "safe" means things like there not being any risque humor present.
By the former definition, a site like my Forwarded Funnies is quite safe, and by the latter, it's not safe at all (there's definitely some risque, and even "blue" humor on the site).
So I don't think you'll ever get an absolute safe/not-safe decision from anywhere. At best you'll get data that'll let you make that determination yourself.
I'm going to point you at two tools for that data: McAfee's Site Advisor, and Web Of Trust.
I'm also going to use their analysis of Ask Leo! to describe what they do, and while I might mention them as interesting, I can't actually recommend either as authoritative.
Site Advisor evaluates a number of characteristics of a site: things like what email you'll get if you sign up, where the site links out to, what kinds of things you can download from the site and if they contain malware, and more.
Site Advisor's Review of Ask Leo! gives it a good review. But even in that good review there are some minor issues:
(Note: this is as of this writing on 11-Oct-2009 - the information displayed is likely to change over time.)
"What our inbox looked like after we signed up here:" correctly states that you'll get one email per week, but displays something completely unrelated as "what our inbox looked like".
"Download tests" lists a download that I don't host; it's a fine download, but it's not from Ask Leo!.
The "online affiliations" for Ask Leo! is at best incomplete, and those shown don't seem the most relevant to a safe/not safe determination.
There are also several positive (Thank You!) user comments about the site. More on that below.
Web of Trust also displays information about sites, but in a slightly more easy to grasp manner: on 4 different rating scales: Trustworthiness, Vendor reliability, Privacy and Child Safety. It also keeps track of whether the site was recently bookmarked in the social bookmarking site Delicious, which typically indicates that someone found it useful, and the tech news and information site Digg, which typically indicates that someone found it interesting or newsworthy.
As I might hope the Web of Trust scorecard for Ask Leo! ranks the site highly across the board, and once again there are several positive (Thank You!) user comments about the site.
"So, where do these sites get their information?" you might ask.
They have basically two different approaches.
From McAfee's site:
These site ratings are based on tests conducted by McAfee using an army of computers that look for all kinds of threats ... . The result is a guide to Web safety.
What you're seeing in the McAfee SiteAdvisor review is the result of those tests, plus additional user comments. The Site Advisor software, when installed, makes the overall rating visible, reviews available with a click from within your browser.
Web Of Trust (WOT) is more community driven. It has browser add-ons that not only display the rating of the site or page that you're visiting, but actually allow you to contribute your own rating and comments.
From the site:
Web site ratings are continuously updated by millions of members of the WOT community and from numerous trusted sources, such as phishing site listings.
What you're seeing when you look at WOT information is the combination of the reviews, ratings and opinions of other users like you.
I stop just shy of actually recommending either of these services. Let me be clear: these are both good, reputable services. There's value in the information that they provide.
But I have two concerns:
occasionally incorrect information
occasional browser add-on problems
I've experienced both, and with both products, but I'm most concerned with incorrect information.
Every so often Ask Leo!, or a page on Ask Leo! will get erroneously flagged as malicious, when it is most certainly not. I don't know if it's a failure of the automated tools, in McAfee's case, or a failure of appropriate screening of user feedback in the case of WOT, but it happens.
And I know it happens to other sites as well, as I've used both these tools in the past and seen sites that I know are safe yet are flagged as something less than that. It's not often, but often enough so as cause me to question the overall accuracy of the information being used.
So I'm a little hesitant.
What I can say is this: give them a try. As I said, there is good information here. You don't need to install their add-ons if you don't want: simply visit their sites and enter in the URL of the site you want to know more about.
But then take that information with a grain of salt. Use it as part of your own decision making process. Read and understand the reviews, and see if they are fair and make sense.
One of the best things you can do as you surf the web is to simply be skeptical. Don't believe everything you read, every promise made, or every offer. That goes for links people directly you to; it goes for the information people might post on sites like Site Advisor or WOT; it even goes for what you read here on Ask Leo!.
Use some common sense - I'm guessing you already have a sense for what's good or bad; listen to that sense. Use tools like Site Advisor or WOT to gather additional data if you're not sure, or even just a plain old Google search for more information.
And if it's not worth your time to do the extra checking, then it's almost certainly not worth the risk of visiting a site you're not familiar with.
I'm actually quite interested in additional techniques readers are using to identify or avoid good or bad sites on the internet. Feel free to leave a comment with what you do to stay safe.