Google to be Our Web-Based Anti-Virus Protector ?

cyberianpan writes "For some time now, searches have displayed 'this site may harm your computer' when Google has tagged a site as containing malware. Now the search engine giant is is further publicizing the level of infection in a paper titled: The Ghost In The Browser. For good reason, too: the company found that nearly 1 in ten sites (or about 450,000) are loaded with malicious software. Google is now promising to identify all web pages on the internet that could be malicious - with its powerful crawling abilities & data centers, the company is in an excellent position to do this. 'As well as characterizing the scale of the problem on the net, the Google study analyzed the main methods by which criminals inject malicious code on to innocent web pages. It found that the code was often contained in those parts of the website not designed or controlled by the website owner, such as banner adverts and widgets. Widgets are small programs that may, for example, display a calendar on a webpage or a web traffic counter. These are often downloaded form third party sites. The rise of web 2.0 and user-generated content gave criminals other channels, or vectors, of attack, it found.'"

Only works through Goolge now...

[cyberianpan]

This is potentially a very useful service but not all URLs we visit are from Google searches, some we still type in others as links from pages. However could we soon expect a Firefox add in that will filter all http requests through Google ? So then our new overlords will indeed know everything about our web-habits ?

Pros and Cons

[PixieDust]

I can see a lot of Pros and Cons to this. While certainly it's good that such a major player is taking an active and aggressive stance on this, I thinkk it's also going to cause a lot of people to have a false sense of security. And while this only affects users who search for pages (and that is a LOT of traffic), it's still going to bring the question to some users "Google tells me if a site is dangerous, what do I need malware protection for?"

I surf almost exclusively in Windows, using IE (IE6 + XP Pro on Desktop, IE7 + Vista on laptop) with no protection, and I've not had an issue with malware in years. But most people's browsing habits aren't quite like mine.

One other effect I can see this having, is let's say www.bigcompanyhere.com gets tagged as being potentially harmful. Now Google has done them a favor by alerting them to a security problem, which they can then address, and are likely to do so much quicker to try and minimize damage to their image.

I'm fairly interested to see how this plays out.

Re:Pros and Cons

[Radon360]

One other effect I can see this having, is let's say www.bigcompanyhere.com gets tagged as being potentially harmful. Now Google has done them a favor by alerting them to a security problem, which they can then address, and are likely to do so much quicker to try and minimize damage to their image.

The next question would be, what are Google's plans/procedure for getting a site recrawled after a problem is corrected? I could see a company being be upset about not having a quick and effective way of getting this flag cleared after fixing the problem. Or, for that matter, a less scrupulous site operator removing the malware, getting cleared, then reintroducing it, and the repeat the cycle on the next crawl when it gets flagged again.

While I think Google would like to just say that such a warning would be reset on the next crawl showing a clean site, most businesses would not be happy about this. This could potentially become an administrative overhead nightmare if not carefully done.

Useful, if reliable, but not 100%

[Bearhouse]

Some people don't like, or cannot use, Firefox or Opera, plus sensible add-ons such as anti-phising plug-ins, noscript...

For example, one of my (very big) corp. customers is still running IE 7...

When I challenged the support guys about this, they said 'that's OK, we detect & block most things at the firewall'...

*sigh*

When I pointed out that:
1. That's bullshit.
2. Lots of their managers travelled, and surfed the net via unsecure methods like hotels using proxy servers, public wifi, they said 'that's OK, they can only access the intranet and internal mail via VPN'.

*double sigh*

So now I advise people not to click on URLs directly, or type them in, but go via Google. It's better than nothing...

Easy to defeat?

[140Mandak262Jamuna]

The malicious websites just have to skip the malicious code when the user agent string is google crawler. Are they going to change the user agent string? Will it be considered pretexting (the euphemism for impersonating)?