Badware hunters tame wild Webmasters, hosts

Paypal and VeriSign throw their support behind the StopBadware project, which has so far netted a list of over 600,000 suspect apps

If hijacked sites and hosting companies that fail to police malware distribution sources represent two of the most serious threats to Internet security, there may be hope for improvement, according to researchers working with Harvard Law School's StopBadware.org.

After publishing a list of rogue Web site hosting companies and launching a campaign to label every malicious site they can find on the Internet, an effort that has filtered out over 600,000 nefarious applications thus far, the StopBadware team says that people are responding.

The project currently counts less than 250,000 Web sites that it classifies as distributors of programs that qualify as badware -- any application that either tries to hide itself or any of its intentions, based on the parameters of the effort. StopBadware also announced that Internet mainstays Paypal and VeriSign have joined its influential cast of sponsors, which includes Google.

By inserting warnings into Google's search results that steer end-users away from malware and adware sources, while communicating with those responsible for creating or handing out the suspicious programs, progress is being made, according to StopBadware's lead researchers.

"The interstitials delivered with Google search results are working, and we've been able to communicate with a lot of Webmasters. It's having a neighborhood effect," said Prof. John Palfrey, executive director of Harvard Law School's Berkman Center for the Internet and Society. "We're reaching out to hosting companies and Webmasters and filtering the complaints where it seems useful, and we've seen many people change their behavior."

In addition to all the people who have no idea that their sites are being used to pass out malicious programs and those who misunderstand the nature of the applications they're distributing, StopBadware researchers say that even those who create many of the programs are engaging in the give and take.

For those who can be reached, the debate over whether or not a particular program qualifies as badware typically can be resolved, with very few of those who agree to modify their applications going on to repeat their behavior, said Jason Callina, one of the StopBadware researchers.

"We're seeing a low recurrence of people coming back on the lists once we've gone through the testing and communications process. People are actually helping each other move off the lists," Callina said. "When there's ever any serious disagreement, it's always an argument of our definition of spyware versus theirs."

Most Webmasters complain about the interstitials on Google -- which they are notified of 24 hours in advance and given the opportunity to appeal. But the immediate drop in search-driven traffic that the warnings produce quickly convinces people to either take any questionable applications offline or kill their sites altogether, Callina said.

Meanwhile, StopBadware's list of hosting companies responsible for supporting the largest number of malware sites resulted in at least one leading culprit -- iPower Technologies -- changing its ways, while two others have disappeared completely. Others have also begun to modify their behavior, Palfrey said.

"The best measure of our success is when any of these companies change their business process and we're seeing them adjusting," said Palfrey. "At the same time, we're trying to enable end users to make better choices with their using habits."

So many of the people who end up on StopBadware's list need help understanding what it is that they're doing wrong that the team feels its ability to mete out advice is being overwhelmed, he said.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Maryellen Rose George

Brother PT-P750W

It’s useful for office tasks as well as pragmatic labelling of equipment and storage – just don’t get too excited and label everything in sight!

Cathy Giles

Brother MFC-L8900CDW

The Brother MFC-L8900CDW is an absolute stand out. I struggle to fault it.

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?