The Security Mentor

Security people have a funny reaction to the word "trusted". Their hackles go up, they arch their backs, and their tails puff out.

"Trusted", you see, doesn't mean "trustworthy". When you see the word "trusted" in security literature it means "something you have to trust because you don't have any choice".

The Netscape web browser comes with what sounds like a nifty feature. They rate web sites and change security settings based on the trustworthiness rating. The theory is that if you wind up at a site that installs spyware, and if the site is a known one, your browser will put its deflector shields up.

How do they decide what sites are safe and which aren't? They get a list from their "trusted security partners". There's that word, "trusted". How good a job do the "trusted security partners" do?

Spyware Warrior sharply questioned the Netscape trusted sites list. Many sites on the list are known sources of spyware/adware/whateveryoucallitthesedaysware. (via Broadbandreports).

It's a funny world when you get better advice from fictional characters than from a commercial product that you pay for, but here's some good advice about trust:

"Trust is earned. Not given away!" -- Lt. Worf, The Wounded
"Trust requires time and experience" -- Capt. Picard, First Contact