Wrestling With Malware, Google Launches Security Blog

Google said it began tackling online security in a public manner last year.
In a continuation of its year-old effort to make the Web more secure, Google today launched an online security blog to keep Internet users informed about security threats. It makes no mention, however, of Google's ongoing vulnerability to redirection exploits.

The initial post by Panayiotis Mavrommatis and Niels Provos of Google's Anti-Malware Team attempts to clarify misinterpretation of the company's own study about the prevalence of malware online.

"Unfortunately, the scope of the problem has recently been somewhat misreported to suggest that one in 10 Web sites are potentially malicious," explained Mavrommatis and Provos. "To clarify, a sample-based analysis puts the fraction of malicious pages at roughly 0.1%."

While Google may be glad to set the record straight that only about one in 1,000 Web sites are potentially malicious, it says something about the state of online security that some simply accepted the 1-in-10 figure.

Google began tackling online security in a public manner last year. In January 2006, Google was among the companies that sponsored the launch of, a site conceived to fill the role of a neighborhood watch group on the Internet.

The insecurity of search came to the fore last May when a McAfee SiteAdvisor report found that search engines regularly returned risky sites when queried using popular keywords. Shortly before that report appeared, Google made an arguably long-overdue addition to its Webmaster Quality Guidelines: "Don't create pages that install viruses, Trojans, or other badware."

Three months ago in February, Google started to flag suspect search result links with the message, "This site may harm your computer." The company also disabled the links on flagged results, preventing users from visiting those sites unless they copied the URL and pasted it directly into their browser address bar.

That same month, Google also added a notification for owners of flagged sites to help those with good intentions identify and mitigate any malware they might be hosting.

While Google's efforts may provide some comfort to its users, cyberthieves appear to be unimpressed. Since last year, Google has been dealing with URL redirection exploits that allow phishers to disguise malicious URLs to look like Google links. While the company has closed some holes, others apparently remain.

"We're aware of the issue and working on a fix," said a Google spokesperson.

Indeed, Google has "started an effort to identify all Web pages on the Internet that could potentially be malicious," according to a security paper published by several Google engineers, Mavrommatis and Provos among them.

Even so, not everyone believes Google is moving fast enough. Writing about an exploit that Google closed in February, Robert Hansen, CEO of security consultancy SecTheory and the maintainer of under the name RSnake, said, "Google is riddled with these holes and they are incredibly easy to find."

Editor's Choice
Mary E. Shacklett, President of Transworld Data
James M. Connolly, Contributing Editor and Writer