base64 - 10:22 pm on Jan 8, 2008 (gmt 0)

Some time ago I found XSS security bug in scanalert.com site :)
Basically i was able to make "hacker safe" sign to be sertified on any site ...
This service is useful, so that clients believe that your e-commerce site is secure. It's like SSL - most of the hacks are possible with or without SSL, anyway having SSL in use will raise client's trust to website. It's more like psychological factor.
And my suggestion to website owners - let someone to do the pentest or source code audit. It's much more effective then "hacker safe" nonsense.