
Wrestling with Malware, Google Launches Security Blog

May 24, 2007

Jay Neely puts it best at his Social Strategist blog: "Whenever Google enters a market, big changes happen."

As part of a continual, year-long effort to make the Web more secure, Google's Anti-Malware team, which is devoted to protecting users from drive-by downloads, has launched an online security blog to keep web users informed about security threats and to provide updates and findings on recent trends in online security.

The unveiling of its security team has set blogs abuzz with conjecture about what Google might do next in the security arena.

The initial security posting by Panayiotis Mavrommatis and Niels Provos of Google’s Anti-Malware Team attempts to clear up misinterpretation of the company’s own study about the prevalence of malware online.

A recent Google paper on the subject was widely misinterpreted to the effect that one in 10 Web sites potentially host malware. The paper (PDF), titled "The Ghost in the Browser: Analysis of Web-based Malware," actually covered billions of sites.

A subset of those billions that was deemed suspicious was singled out for in-depth investigation. Out of 12 million URLs inspected, Google found about 1 million that host drive-by downloads, for a total malicious site population of roughly 0.1 percent.

Google began tackling online security in a public manner last year. In January 2006, Google was among the companies that sponsored the launch of StopBadware.org, a site conceived to fill the role of a neighborhood watch group on the Internet.

"Google has not been lax in making acquisitions, and I expect them to buy the expertise they need both to complement their knowledge of search, and possibly to enter the desktop security market," Neely wrote in his blog.

The Google Pack, “a free collection of essential software,” already includes Norton Security Scan and Spyware Doctor Starter Edition. I would not be surprised if Google replaced these with its own re-branded tool, but I also think they are more likely to offer an online utility.

Neely also points out that, unlike security companies, Google’s AdSense and AdWords profits are tied to lessening threats on the Web.

The insecurity of search came to the fore last May when a McAfee SiteAdvisor report found that search engines regularly returned risky sites when queried using popular keywords. Shortly before that report appeared, Google made an arguably long-overdue addition to its Webmaster Quality Guidelines: "Do not create pages that install viruses, Trojans, or other badware."

In the security post, Google has a map showing densities of malicious sites on a country-to-country basis. The United States and China are where the most activity is concentrated, with Russia and Canada right up there.

To avoid infection, Google recommends enabling automatic updates for operating systems, browsers, browser plug-ins and applications, as well as running an anti-virus engine. Alternatively, the search giant suggests, users can try running their browser in a virtual machine and reverting to a clean snapshot after browsing.

While Google’s efforts may provide some comfort to its users, cyberthieves appear to be unimpressed. Since last year, Google has been dealing with URL redirection exploits that allow phishers to disguise malicious URLs to look like Google links. While the company has closed some holes, others apparently remain.

Even so, not everyone believes Google is moving fast enough. Writing about an exploit that Google closed in February, Robert Hansen, CEO of security consultancy SecTheory, and the maintainer of ha.ckers.org under the name RSnake, said, "Google is riddled with these holes and they are incredibly easy to find."

“We are aware of the issue and working on a fix,” said a Google spokesperson.