SkiifGeek writes "When the team at Sunbelt Software picked up on a sneaky hack present on the Bank of India website, it became a unique opportunity to see how the various anti-phishing and website trust verification tools were handling a legitimate site that had been attacked.
Unfortunately, the results showed that not one of the sites or tools identified that the Bank of India website was compromised and serving malware to all visitors. This isn't the first time that trust verification sites have had trouble identifying web content, with noted web application researcher RSnake recently taking umbrage at the classification that SiteAdvisor applies to his site." Link to Original Source
This discussion was created for logged-in users only, but now has been archived.
No new comments can be posted.
Actually really wrong... If you plan to push your own product, at least have the dignity to do your homework right.
Check out the ZDNet article on the same subject - http://blogs.zdnet.com/security/?p=487 [zdnet.com]. Clearly showing a screenshot of one of the products mentioned NOT to detect the malicious code, flagging BOI as malicious...
Not really true (Score:2)
Check out the ZDNet article on the same subject - http://blogs.zdnet.com/security/?p=487 [zdnet.com]. Clearly showing a screenshot of one of the products mentioned NOT to detect the malicious code, flagging BOI as malicious...
Jeez...