Friday, April 29, 2016

A note on website safety ratings from Webroot (mine, at least)

Webmasters who wonder how Webroot, among other security companies, assesses the safety of websites, can visit this resource  and enter the domain name.
I showed the results for “” and “”.

It does appear that newer sites with low popularity are “penalized” because many malware sites are new and pop up like mushrooms.  But that sounds like saying that a statement proves its converse (it doesn’t – it does prove its contrapositive).

It appears that the “.me” redirection (from the “billboushka” blogspot blog) got penalized because it is less conventional (Montengro).  Google assigned the name because the “.com” is in use with Verio, a small domain that may soon be removed (material to be consolidated elsewhere).

It seems that free custom subdomains of Blogger (Google) and Wordpress (Automattic) get higher safety ratings than redirected personal domains.  (Tumblr may be similar.)  That's partly because of the popularity and direct supervision of security by large, well-known companies.  It also appears that it is easier to put in https on subdomains.  But subdomains don't have the reputation of being as "professional" and offer less support if there are problems (like incorrect marking of spam blogs).  Webroot may be writing about this problem more soon on the Threat blog; I've chatted with them about this on Twitter today and asked them to talk to EFF, too.

No comments: