[jeffgrant]

I can tell you that most of the "Hacker Safe" scans are completely bogus, and check only simplistic things.

I do security engineering for a living (everything from EA Online gaming transactions to online banking sites), and 99% of these so-called services are complete BS.

It is VERY trivial to set up a properly "Verisigned" and "Hacker Safe" site that will completely hose you and rip you off.

"Verisign" just means that they've paid their money for a certificate, it does nothing to validate the intentions of the business, etc.

I could set up a simplistic numbered company, get a valid Versign cert, and easily pass the "Hacker Safe" scans, and still bilk you of your CC numbers, etc.


I think that the Hacker Safe stuff is there doing the same thing as the TSA... providing a SENSE of security to the uninformed end-user, but in reality it does nothing to promote true security/etc.

All that stuff is put into context by the amount of technical knowledge that the end-user has... the more they understand, the less it means.


$0.02