Google Getting Into Malware Detection

Written by ray on May 29, 2007
Categories: News

Malware distribution has been moving to the web and now Google is moving into the anti-malware business. The question is: Are they looking to get into it as a business or are they getting into it to protect their business?

In early May Google published their Ghost in the Browser(pdf) report. The headlines from the report were that 10% of websites are dangerous. If this was an antivirus or antispyware vendore we could say they’re trying to sell software. But the report seemed like bad news for Google. As an Internet advertising business, which is where they make almost all their money, they need people to trust the Internet.

The on May 21st Google started a Oneline Security Blog and along with it the news that they had an anti-malware team which has been around for about a year. Their first post clarified the “1 in 10 dangerous websites” headlines:

Unfortunately, the scope of the problem has recently been somewhat misreported to suggest that one in 10 websites are potentially malicious. To clarify, a sample-based analysis puts the fraction of malicious pages at roughly 0.1%.

Google has also been flagging sites in their search results if Google thinks the site may be harmful. There are security vendors which also have products that flag potentially malicious sites so this isn’t unique. But it’s free and already built in. As the Google blog and report point out, a fact that a site may be dangerous could be unknown to the owner since in many cases these are legitimate sites that were hacked.

Then on Monday Google announced that they purchased Greenborder. Greenborder provides “safe surfing” software by running IE or Firefox in a virtual session which isolates it from the rest of the PC. This technology protects the PC from drive-by downloads. An interesting note here is that Greenborder no longer offers there product for download. They appear to have pulled it shortly before the announcement. They still support existing customers. So is Google planning to release a free version or include it in their toolbar?

I wonder what Symantec, Microsoft, McAfee and other vendors with online security products are thinking? It appears Google’s getting into their business, although in a vary focused way so far. Google’s cash cow is search, web security would just be a way to get people to trust, and use, their search and then click on their ads. It can’t be good news for security software vendors but is only going to help us.

Tags: ,

Comments are closed.