Security Information Vulnerability Research Security Blog

Security seal? sure have one, don’t bother testing or anything

September 3rd, 2008 by , Filed under: Commentary, Full Disclosure, Funny, Web

GoDaddy has decided to start giving away security seals to web sites. What is this security seal about? Well, it doesn’t say much beside telling you that GoDaddy verified something – what did they verify? It doesn’t say.

How does it work?

You are supposed to put a script tag inside your site, with the source reference of https://seal.godaddy.com/getSeal?sealID=[removed]

This generates HTML code that contains references to:

https://seal.godaddy.com:443/flash/sitesealgd_t_medium.swf?domainName=www.putyournamehere.com&color=000000

Changing the www.putyournamehere.com to www.re-electbush.com, www.mcainwon.com or even obamaisournewleader.com will show that you have been verified by GoDaddy – yeah!

Try it out yourself and see how you can get a godaddy seal with no effort – joy to the world :)

Share
  • MrGutts

    That is just great. Goes to show how great GoDaddy’s customer service is. Wait what am I saying, they don’t have any..

  • G

    Well, not to sound like I am defending GoDaddy, but it says “verify,” not “verified.” The two words mean different things, “need to verify” vs. “has been verified.” I’d assume it is supposed to work with all the code like ‘click to verify’ which would then take you to a page at GoDaddy that shows just what they did verify.

    It is misleading regardless. Also any domain name will do.

  • http://iraqhits.net/vb BroKeN

    No one needs that kind of seals ….!
    is there any news about the new godaddy’s dns exploit?

  • http://www.onesealusa.com/ goddy

    G, I am agree with you.
    Vast difference verify and verified.
    Not fair….

  • http://ultrastudio.org audriusa

    And that? Surely the no scan cannot detect all possible security issues but it may detect some, and after the owner fixes them the site gets more secure in comparison to that it was. Then having such seal on the side may indicate that the site team cares more about security than some other team that do not bother to order the scan. Even if the scan does not find all possible holes, it is also useful if it simply finds some.

  • Share







  • Categories


Security RSS Subscribe