Badware hunters tame wild Webmasters, hosts

Paypal and VeriSign throw their support behind the StopBadware project, which has so far netted a list of over 600,000 suspect apps

If hijacked sites and hosting companies that fail to police malware distribution sources represent two of the most serious threats to Internet security, there may be hope for improvement, according to researchers working with Harvard Law School's StopBadware.org.

After publishing a list of rogue Web site hosting companies and launching a campaign to label every malicious site they can find on the Internet, an effort that has filtered out over 600,000 nefarious applications thus far, the StopBadware team says that people are responding.

The project currently counts less than 250,000 Web sites that it classifies as distributors of programs that qualify as badware -- any application that either tries to hide itself or any of its intentions, based on the parameters of the effort. StopBadware also announced that Internet mainstays Paypal and VeriSign have joined its influential cast of sponsors, which includes Google.

By inserting warnings into Google's search results that steer end-users away from malware and adware sources, while communicating with those responsible for creating or handing out the suspicious programs, progress is being made, according to StopBadware's lead researchers.

"The interstitials delivered with Google search results are working, and we've been able to communicate with a lot of Webmasters. It's having a neighborhood effect," said Prof. John Palfrey, executive director of Harvard Law School's Berkman Center for the Internet and Society. "We're reaching out to hosting companies and Webmasters and filtering the complaints where it seems useful, and we've seen many people change their behavior."

In addition to all the people who have no idea that their sites are being used to pass out malicious programs and those who misunderstand the nature of the applications they're distributing, StopBadware researchers say that even those who create many of the programs are engaging in the give and take.

For those who can be reached, the debate over whether or not a particular program qualifies as badware typically can be resolved, with very few of those who agree to modify their applications going on to repeat their behavior, said Jason Callina, one of the StopBadware researchers.

"We're seeing a low recurrence of people coming back on the lists once we've gone through the testing and communications process. People are actually helping each other move off the lists," Callina said. "When there's ever any serious disagreement, it's always an argument of our definition of spyware versus theirs."

Most Webmasters complain about the interstitials on Google -- which they are notified of 24 hours in advance and given the opportunity to appeal. But the immediate drop in search-driven traffic that the warnings produce quickly convinces people to either take any questionable applications offline or kill their sites altogether, Callina said.

Meanwhile, StopBadware's list of hosting companies responsible for supporting the largest number of malware sites resulted in at least one leading culprit -- iPower Technologies -- changing its ways, while two others have disappeared completely. Others have also begun to modify their behavior, Palfrey said.

"The best measure of our success is when any of these companies change their business process and we're seeing them adjusting," said Palfrey. "At the same time, we're trying to enable end users to make better choices with their using habits."

So many of the people who end up on StopBadware's list need help understanding what it is that they're doing wrong that the team feels its ability to mete out advice is being overwhelmed, he said.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld

Comments

Comments are now closed.

Latest News Articles

Most Popular Articles

Follow Us

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Resources

Best Deals on GoodGearGuide

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?