The Federal Trade Commission has settled with the cheats over at ControlScan over their "misleading practices" and lying to customers about their site security. DarkReading has more on the story here. Personally, I think the opening paragraph of the summary says it best:
"ControlScan, a company that consumers have relied on to certify the privacy and security of online retailers and other Web sites, has agreed to settle Federal Trade Commission charges that it misled consumers about how often it monitored the sites and the steps it took to verify their privacy and security practices. The settlements will bar future misrepresentations. The founder and former Chief Executive Officer has entered into a separate settlement that requires him to give up $102,000 in ill-gotten gains."
Of course, some of us have been blogging and screaming about this type of crap for months, some of us years. These "security seals" have always been seen as a joke by anyone with an ounce of brainpower and understanding of how security works - but people like the ControlScan folks have been peddling this crap to customers who own websites and don't actually care about their customer's security - only their money. Whether you're talking about the ControlScan Seal, the HackerSafe seal, or the HackerProof seal - and there are others - it's all crap.
I fully realize that most of the security literate who read this blog know this already... and you're probably like me - when you see one of these seals you run and never go back to the site. The problem is that the average web-surfing Joe doesn't know better and sees one of these idiotic seals and thinks they're safe.
It's good to see the FTC has finally woken up and is doing something about these deceptive vendors selling a false sense of security. I can't wait to see the rest of them get lined up and taken down.