The search giant is using data from the Stop Badware Coalition to flag sites that are potentially host to malicious software. Google, along with Sun Microsystems and Chinese PC maker Lenovo, announced support for the group in January.
People who attempt to go to a Web site that has been identified as risky by the coalition are taken to a warning page.
"Warning--the site you are about to visit may harm your computer!" the page states in bold type, then suggests that users can "learn more about malware and how to protect yourself at StopBadware.org."
The interrupt page suggests that users can try returning to the search page and choosing a different result, trying another search, or they can continue to the potentially malicious site.
"We're not going to say don't do it," said John Palfrey, a professor at the Harvard Law School and one of the driving forces behind the effort. "What we want to do is basically give people some more information about what might happen to their computer."
Harvard has teamed with Britain's Oxford University to provide much of the manpower for the coalition's Web-monitoring effort. People can report sites that have malicious code on them, and then a human being checks the report before any sites are flagged, Palfrey said.
Palfrey likens the effort to a "Neighborhood Watch" program. Sites in question are not removed from search engines, but the idea is that users are warned of potential problems. Although the Stop Badware Coalition has been working closely with Google, Palfrey said he would like to see other search engines tap its watch list as well.
"We very much encourage other search engines to join and use the data in the same way," he said. "We're quite open."
A Google representative was not immediately available for comment.
StopBadware.org is one of a number of coalitions aiming to stop the spread of malicious code. Initially, the group was focused on merely identifying bad programs, but not necessarily on working out which sites distributed the code.
"The initial idea was to say that law in the ordinary sense of the word has not been doing a good job with these highly distributed problems--spyware or viruses or spam," Palfrey said.

If a system of this type isn't 100% watertight, which it isn't, then it's going to be more harm than good ;)
Hackers will target those 'trusted' sites and embed malware into them.
XSS is so widespread, you'd need to close down the internet to legally say 'this site is trusted'.
lolz, what if you say a site is trusted and it isn't, can single moms and retired couples sue your *****?
lolz, hackers will use the system to their advantage, you're solving nothing, except confuzing legitimate consumers into a false sense of trust and security.
Hackers don't need to create silly free hosted web pages to implant malware.
Just research properly what's going on. Only today it was announced, for example, there are 40 unpatched XSS zero-days on the Symantec.com web site.
To flag Symantec or not to flag? Consumers a bit edgy and unsure about this Badware thingy, you bet they are.
Hackers rubbing their hands to target sites not flagged, belonging to major vendors? You bet.
You will just be shifting the problem to 'other sites' and changing trends, rather than stopping or decreasing malware.
You might succeed in hackers never using GeoCities, Angelfire, Googlepages etc again, but they will move into new areaz to deliver the same malwarez
Move the problem off free host sites and onto XSS exploitable web sites.
You bet security professionals would rather 'the problem' stays on free hosting sites than forcing the absolute 100's of thousands of XSS holes out there.
Right now XSS isn't used in widespread malware distribution, but if forced they will, and it will shift the problems into a more serious code injection agenda.
At least while the sites are there, they can be tracked and shut down, once you kill that trend and create an XSS epidemic of attacks, far worse a security situation than you have with free hosting sites redirecting single moms and retired couples too.
Your project should be slammed by the security industry, to avoid a transition from one trend into a far more worrying trend.
Take care :)
Nobody learnz
Oh well, security nil, badhats 1, yet again!
Björn Lundahl,
Göteborg Sweden
There's no censorship, you're simply receiving a warning about a potentially harmful website.
The links produced by using Google's search engine are links that Google have either been paid to produce, or have been asked to produce - but they're running on Google servers and being displayed by Google software.
If you distrust that Oxford or Harvard engineers can decide whether a site is harmful or not you can choose to ignore the warning and continue to the website.
If you feel that this is too much like a net nanny or preaching a "holier than thou" message at you, you can choose to use another search engine.
But what we can't do is tell Google that they're not allowed to run their software how they choose to, or that they aren't allowed to warn their search customers about potentially harmful websites.
In a way they do bear some responsibility for the result of using their links (after all people sue businesses if they come to harm using that business's product, even if it's obvious that their behaviour with that product is dangerous) - so I consider this more of a warning label for their less reputable listings than anything like censorship.
If Google wants to 'warn' users by putting a little graphic icon next to results, that would be sufficient. But to actually hijack a link is too much. And then, of course, there will be innocent publishers getting branded incorrectly as malware sites. Will Google be the recipient of numerous libel suits for ruining the reputation of publishers?
They have every right to run their software any way they choose, just as you have the right to not use it. For all you know they could already be filtering out websites they don't want you to see - like they do for the Chinese government.
They take money to put particular websites at the top of their search lists, and they take money to place them down the sides or along the bottom of the page.
But these sites have been verified as potentially harmful by Harvard and Oxford - and it's up to you to decide whether you trust these entities to make that decision. You've simply been told that a particular site might be harmful, you're not prevented from going to that site, and you're not prevented from using another search engine that fails to warn you about sites hosting malware.
So it's not really a free speech issue, there's no government entity forcing you to use Google.
If you decide that this is too similar to an oversensitive net nanny making your choices for you, go to the at least half a dozen other search engines that operate in the way you're happy with.
Google is putting up a false sense of security in that they won't catch all sites and some which they fail to flag will contain malicious code. That said... are they willing to guarantee that NO site which they don't include that warning on WILL include malicious code? Hardly not. That said, then what's the point other than to give people a warm-fuzzy feeling that Google might be safer than Yahoo or other search engines.
Bottom line: There will be a lot of false-positives and a few positive-falses. False-positives are quite known in the security world, but Google will be creating a new term "false-positives" in which they don't flag as malicious, but which contains malicious code!!!
My bet is that somebody will draw them into court over the matter and probably win and then they'll stop this nonsense!
It's a marketing ploy at best... and a false (wet) security blanket at worst!!!
Walt
present concern to me), all it will take is one lawsuit by a web site
Google warns about to put an end to this. Lawyers control
everything in America, including love, eating, and breathing.
WHAT EVER HAPPENED TO THEIR GOLDEN RULE OF 'DO NO HARM'? Google's definition of 'Malicious' is harming many sites that simply have code that fits their description of malware, but by other definitions is NOT. What the HELL is Google thinking?
This is really pissing me off! Getting AV and Anti Malware software is the responsibility of individual users. Google has NO RIGHT to arbitrarily throw up warning pages on sites based on one definition of 'malware'.
This is an OUTRAGE - BIGGEST MISTAKE GOOGLE HAS MADE!!
- by safemode55 October 19, 2009 3:30 PM PDT
- This is a fascinating dilemma. The obvious two problems are 1: Can you trust these Harvard and Oxford people to be all honest and straightforward chaps without a crazy extreme right wing religious agenda? I don't think so. Secondly: How exactly do they determine if a site is dangerous? If it's a porn site it is by definition automatically dangerous? I don't think so. I see a lot of serious problems with the implementation of this.