Friday, May 25, 2007

Google launches security awareness effort using the blogosphere

There is another effort to curb fraud, phishing and financial misdeeds in the blogosphere. This week, Google launched a blog called the "Google Online Security Blog," which is designed to protect their users from the sometimes dangerous (murky) waters on the Internet.

In their own words (from their first post):

Online security is an important topic for Google, our users, and anyone who uses the Internet. The related issues are complex and dynamic and we've been looking for a way to foster discussion on the topic and keep users informed. Thus, we've started this blog where we hope to periodically provide updates on recent trends, interesting findings, and efforts related to online security. Among the issues we'll tackle is malware, which is the subject of our inaugural post.

In this post they discuss "drive by downloads," which install what I call "cybernasties" on systems, often designed to steal personal, or financial details. They point out that Google already warns users of malicious sites in their search results and that users can prevent these sites from loading using Google Desktop Search.

They have also included a link to a paper, which studies this issue.

Since Google (as far as I know) isn't selling security software, the paper is well worth a read. This isn't to say that a lot of the papers published by security companies aren't relevant, it just means that Google's effort isn't designed to sell security software.

They also point out that most of the sites they investigated that download malware a.k.a. crimeware belong to webmasters, who don't know they've been hacked and are being used to compromise systems.

This post was written by Panayiotis Mavrommatis and Niels Provos of Google's Anti Malware team and includes a link to has a lot of great tips on how to protect and avoid the growing phenomenon of malware (crimeware).

Google's Online Security Blog can be seen, here.

I look forward to seeing what else they come out with!

No comments: