Google is issuing warnings to Web surfers when they are about to click on a Web site that could be hiding malware able to infect their computer.
Google has launched this initiative as part of its partnership inStopBadware.org, a malware clearinghouse established by Harvard Law’s Berkman Center for Internet & Society together with Oxford University’s Oxford Internet Institute. Besides Google, it is supported by a number of major tech companies including Lenovo and Sun Microsystems.
When a Google user clicks on a particular site identified as harmful by the organization, a warning pops up that links to a general page on StopBadware’s Web site. Currently, these links go to a general page, according to a statement on the organization’s Web site. “But as we finish researching sites, we’ll replace the general page with one of our individual Web site reports,” StopBadware says.
Given that Google is the most-visited search engine, the Internet security community is happy to have the backup.
“Google is providing an additional layer of protection,” Sophos senior security consultant Ron O’Brien told TechNewsWorld.
Despite the growing awareness of the need for security software among consumers, he says, many still don’t use it correctly. “They don’t always keep their anti-malware software up to date.”
New Front in Malware Wars
Approaching the security issue at the search engine level is a relatively new strategy, but it is one that is likely to catch on. In addition to reasons cited by O’Brien, there is the fact that a very large percentage of adware and spyware is picked up from Web pages.
Sophos is in the process of developing a similar product, a Web security appliance called “WS 1000.” Like StopBadware’s research initiative, it will establish an information base regarding suspect URL addresses. “It will analyze the behavior of the code on the page before it is loaded,” O’Brien says.
Besides adware and spyware, “unwanted applications” — a new category of malware a user can pick up from a Web site — are becoming more prevalent, O’Brien reports.
“These are applications not necessarily referenced in end-user agreements,” he says. “For instance, if a user were to download a screen saver from a Web site, it might come with a payload with adware or spyware associated with it.
“What Google and we are proposing to do is give Internet users more information about the potential application that they are about to download.”