[ insider_reports_insider ]
Google Seeks Better Web Page Security
David Utter
Staff Writer
2007-05-10
 Insider Reports RSS Feed
The threat of malicious websites hosting exploits has reached a point where Google's engineers have decided to respond with a security analysis of the pages they index.
 | | Google Seeks Better Web Page Security |  |
For websites that contain malware through no active fault of the webmaster, or sites that do not properly sanitize user contributed content, the ultimate Internet penalty could be imposed on them - a Google advisory that the site found in a search is unsafe.
That could effectively destroy traffic to a site that has been hacked or designed poorly. Nick Carr calls Google's security aims a plan to police the Web.
"If the plan goes forward, Google will use new software to automatically identify compromised web pages in its database and label them as "potentially harmful" in its search results," he said in a blog post.
Google's internal analysis, seen in their PDF report on malware delivered through regular websites, found hundreds of thousands of web pages that either launch drive-by downloads of malicious or suspicious software.
The search company plans to fight back with a heuristic look at the pages they index.
Carr thinks the stakes are high for webmasters and designers.
However, Google's Matt Cutts took issue with Carr's headline about Google policing the web, and described it as inaccurate.
"Almost exactly a year ago, Google and other search engines were raked over the coals for exactly the opposite reason: allowing users to get infected with malware from search engine results," said Cutts.
He noted that Google users liked the malware protection the search site his already deployed, which serves up an interstitial warning to someone about to visit a potential malware site.
"Certainly compared to other search engines I think we provide more notice to users about potential malware urls, and we provide more info to webmasters about potentially hacked urls," said Cutts. "So I think Google's response to this issue balances the needs of users and webmasters pretty well."
It all comes back to botnets, and the widespread infestation of bots in computers worldwide.
That spread has been partly due to the drive-by nature of infections cited by Google's Niels Provos, one of the people who conducted Google's security study.
He observed how bots have been victimizing casual visitors of websites hosting that malware.
With the ability to silently install, and in some cases deactivate the security software in place that could stop it, bots are a primary threat to Google.
They could cause people to mistrust Google's search results, and the search company does not want that to happen.
---
Tags: Google, Computer Security
About the Author:
David Utter is a business and technology writer for SecurityProNews and WebProNews.
More insider_reports_insider Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
