Introducing Google’s online security efforts
Monday, May 21, 2007 9:43 AM
Online security is an important topic for Google, our users, and anyone who uses the Internet. The related issues are complex and dynamic and we’ve been looking for a way to foster discussion on the topic and keep users informed. Thus, we’ve started this blog where we hope to periodically provide updates on recent trends, interesting findings, and efforts related to online security. Among the issues we’ll tackle is malware, which is the subject of our inaugural post.
Malware — surreptitious software capable of stealing sensitive information from your computer — is increasingly spreading over the web. Visiting a compromised web server with a vulnerable browser or plugins can result in your system being infected with a whole variety of malware without any interaction on your part. Software installations that leverage exploits are termed “drive-by downloads”. To protect Google’s users from this threat, we started an anti-malware effort about a year ago. As a result, we can warn you in our search results if we know of a site to be harmful and even prevent exploits from loading with Google Desktop Search.
Unfortunately, the scope of the problem has recently been somewhat misreported to suggest that one in 10 websites are potentially malicious. To clarify, a sample-based analysis puts the fraction of malicious pages at roughly 0.1%. The analysis described in our paper covers billions of URLs. Using targeted feature extraction and classification, we select a subset of URLs believed to be suspicious for in-depth investigation. So far, we have investigated about 12 million suspicious URLs and found about 1 million that engage in drive-by downloads. In most cases, the web sites that infect your system with malware are not intentionally doing so and are often unaware that their web servers have been compromised.
To get a better understanding about the geographic distribution of sites engaging in drive-by downloads, we analyzed the location of compromised web sites and the location of malware distribution hosts. At the moment, the majority of malware activity seems to happen in China, the U.S., Germany and Russia (see below):
Location of compromised web sites. These are often sites that are benign in nature but have been compromised and have become dangerous for users to visit.
Location of malware distribution servers. These are servers that are used by malware authors to distribute their payload. Very often the compromised sites are modified to include content from these servers. The color coding works as follows: green means that we did not find anything unusual in that country, yellow means low activity, orange medium activity and red high activity.
Guidelines on safe browsing
First and foremost, enable automatic updates for your operating system as well as your browsers, browser plugins and other applications you are using. Automatic updates ensure that your computer receives the latest security patches as they are published. We also recommend that you run an anti-virus engine that checks network traffic and files on your computer for known malware and abnormal behavior. If you want to be really sure that your system does not become permanently compromised, you might even want to run your browser in a virtual machine, which you can revert to a clean snapshot after every browsing session.
Webmasters can learn more about cleaning, and most importantly, keeping their sites secure at StopBadware.org’s Tips for Cleaning and Securing a Website.
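For webmasters, the observation above that compromised sites are "modified to include content from these servers" suggests a simple self-audit: list every element on your own pages that pulls content from a host you did not approve. The following is an added example, not code from the original post or from Google; the allowlist approach, the function names and all hosts in the sample page are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tags and the attribute through which each one pulls in external content.
INCLUDE_ATTRS = {"script": "src", "iframe": "src", "frame": "src",
                 "embed": "src", "object": "data"}


class IncludeAuditor(HTMLParser):
    """Collects (tag, host, url) for includes served from unapproved hosts."""

    def __init__(self, page_url, allowed_hosts):
        super().__init__()
        self.page_url = page_url
        self.allowed = {h.lower() for h in allowed_hosts}
        self.allowed.add(urlsplit(page_url).hostname)  # the site itself
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names before calling this.
        attr = INCLUDE_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if not value:
            return
        # Resolve relative and protocol-relative URLs against the page URL.
        url = urljoin(self.page_url, value.strip())
        host = urlsplit(url).hostname
        if host and host not in self.allowed:
            self.findings.append((tag, host, url))


def audit_includes(html, page_url, allowed_hosts):
    auditor = IncludeAuditor(page_url, allowed_hosts)
    auditor.feed(html)
    auditor.close()
    return auditor.findings


# Constructed sample page: two expected includes and one the owner never added.
SAMPLE_HTML = """
<html><head>
<script src="/js/site.js"></script>
<script src="//cdn.example.net/lib.js"></script>
</head><body><p>Welcome</p>
<IFRAME SRC="http://unknown-host.example.org/x" width="0" height="0"></IFRAME>
</body></html>
"""

if __name__ == "__main__":
    for tag, host, url in audit_includes(
            SAMPLE_HTML, "http://www.example.com/index.html", ["cdn.example.net"]):
        print(f"unexpected <{tag}> include from {host}: {url}")
```

Run against the served HTML rather than the files on disk, since an injected include may be added by a modified template or server module and never appear in the source files.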