MalicioussitesNot long ago, anti-virus programs and firewalls kept you safe from unwanted viruses and harmful content.  Email attachments were one of the biggest culprits for distributing malware, but now things have changed and websites that seem harmless are actually infesting your computer.

To help with this issue, Google has come to the rescue in hopes of providing users the opportunity to browse the web safely.  They’re considering the use of software to identify potentially harmful web pages, and in the search results, any of these sites would be labeled as “potentially harmful” so that everybody would know before they visited.

Google recently did a study, and what they learned from it was that there are around “450,000 web pages that launched drive-by downloads of malicious programs.  Another 700,000 pages launched downloads of suspicious software.”

Out of the malicious programs that were identified as part of this study, many of them were “bot software” which collects sensitive data from users like banking transactions, and then it’s emailed to a temporary account.

This is a big deal to Google because people are getting to these sites after they’ve been directed to them from Google searches. Google’s new system, while there aren’t a whole lot of details about it yet, reminds me of a Firefox and IE Extension that Ryan just wrote about called TrendProtect. It automatically scans the page that you have open as well as search results from Google, MSN, and Yahoo to look for any potential problems.

Google Security specialist Niels Provos gives more details about Google’s effort and explains that:

To address this problem and to protect users from being infected while browsing the web, we have started an effort to identify all web pages on the Internet that could potentially be malicious. Google already crawls billions of web pages on the Internet. We apply simple heuristics to the crawled pages repository to determine which pages attempt to exploit web browsers. The heuristics reduce the number of URLs we subject to further processing significantly. The pages classified as potentially malicious are used as input to instrumented browser instances running under virtual machines. Our goal is to observe the malware behavior when visiting malicious URLs and discover if malware binaries are being downloaded as a result of visiting a URL. Web sites that have been identified as malicious, using our verification procedure, are labeled as potentially harmful when returned as a search result. Marking pages with a label allows users to avoid exposure to such sites and results in fewer users being infected.

So now, with that, is Google censoring material? Is it up to them to determine which sites are good, and which ones are not? What happens if their system isn’t always accurate which is bound to happen?

I’m actually pretty fond of this idea because I’d like to be warned if a site is potentially dangerous. Plus, they’re not removing the sites from their index, they’d just be labeling them as potentially harmful.

If the thought of Google filtering the content you’re searching for just doesn’t seem right, on the bright side, at least there are many alternative search engines available to you.

Source: Rough Type