Badware hunters tame wild Webmasters, hosts

Paypal and VeriSign throw their support behind the StopBadware project, which has so far netted a list of over 600,000 suspect apps

If hijacked sites and hosting companies that fail to police malware distribution sources represent two of the most serious threats to Internet security, there may be hope for improvement, according to researchers working with Harvard Law School's StopBadware.org.

After publishing a list of rogue Web site hosting companies and launching a campaign to label every malicious site they can find on the Internet, an effort that has filtered out over 600,000 nefarious applications thus far, the StopBadware team says that people are responding.

The project currently counts less than 250,000 Web sites that it classifies as distributors of programs that qualify as badware -- any application that either tries to hide itself or any of its intentions, based on the parameters of the effort. StopBadware also announced that Internet mainstays Paypal and VeriSign have joined its influential cast of sponsors, which includes Google.

By inserting warnings into Google's search results that steer end-users away from malware and adware sources, while communicating with those responsible for creating or handing out the suspicious programs, progress is being made, according to StopBadware's lead researchers.

"The interstitials delivered with Google search results are working, and we've been able to communicate with a lot of Webmasters. It's having a neighborhood effect," said Prof. John Palfrey, executive director of Harvard Law School's Berkman Center for the Internet and Society. "We're reaching out to hosting companies and Webmasters and filtering the complaints where it seems useful, and we've seen many people change their behavior."

In addition to all the people who have no idea that their sites are being used to pass out malicious programs and those who misunderstand the nature of the applications they're distributing, StopBadware researchers say that even those who create many of the programs are engaging in the give and take.

For those who can be reached, the debate over whether or not a particular program qualifies as badware typically can be resolved, with very few of those who agree to modify their applications going on to repeat their behavior, said Jason Callina, one of the StopBadware researchers.

"We're seeing a low recurrence of people coming back on the lists once we've gone through the testing and communications process. People are actually helping each other move off the lists," Callina said. "When there's ever any serious disagreement, it's always an argument of our definition of spyware versus theirs."

Most Webmasters complain about the interstitials on Google -- which they are notified of 24 hours in advance and given the opportunity to appeal. But the immediate drop in search-driven traffic that the warnings produce quickly convinces people to either take any questionable applications offline or kill their sites altogether, Callina said.

Meanwhile, StopBadware's list of hosting companies responsible for supporting the largest number of malware sites resulted in at least one leading culprit -- iPower Technologies -- changing its ways, while two others have disappeared completely. Others have also begun to modify their behavior, Palfrey said.

"The best measure of our success is when any of these companies change their business process and we're seeing them adjusting," said Palfrey. "At the same time, we're trying to enable end users to make better choices with their using habits."

So many of the people who end up on StopBadware's list need help understanding what it is that they're doing wrong that the team feels its ability to mete out advice is being overwhelmed, he said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Matt Hines

InfoWorld
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?