However, Mark Edwards in an article for Windows Secrets Newsletter has highlighted the various ways that this simple-sounding technology breaks down.

And the prime reason is greed.

In the continuing search for profit, McAfee have cut support for the product so much that any changes can take a whole year to propagate

This means that a nefarious person can set up a ‘good’ site, get it checked by McAfee, then once they’ve got the green light, redo the site completely with any malware and dodgy links they want to include whatever, safe and sound behind the green light of the Site Advisor checks, knowing full-well that no checks will be done for a year!

A security system is only as good as the weakest link in the chain – and this isn’t very strong, at all!!! Line & Learn eh? Live and Learn.

Now, (today, 11 Feb 2009), they’ve broken into F_Secure as seen in their posting here: F-Secure.com – SQL Injection + Cross Site Scripting.
I was just thinking today, that the crown jewels for a hacker to hack has got to be the Windows Update site. Any malicious code dumped there would probably bring the world to a halt for a few days….
So I’ll just watch and wait. NOD32 next…or Symantech…or McAfee…or…

A nice comment has appeared here on this blogger’s site, “Security and the Net”. The blogger is a Dutch IT professional and says;

“It’s also a good reminder never to trust any code, whether it was produced in-house or by a contractor”

And that’s my point – no security system, no work or creation of man is perfect, and for the UK Government to put all their paranoid security into one massive ID Cards basket, is just stupid. Because it all runs on code.