×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Google Adds Data About Malware To Transparency Report

Soulskill posted about 10 months ago | from the for-connoisseurs-of-worldly-fare dept.

The Internet 20

Nerval's Lobster writes "Google is adding data about malware to its Transparency Report. For the past seven years, the search-engine giant has offered a Safe Browsing program that warns Web-surfers about unsafe Websites (i.e., those loaded with malware or phishing scams). The new section of the Transparency Report will show how many people see those Safe Browsing warnings on a weekly basis, along with other malware-related tidbits, including Webmaster response times to threats and Website reinfection rates. The data includes malware distribution by autonomous systems, which are one (or more) networks controlled by a single entity such as a university or ISP. 'This data is part of our effort to support a safer and more secure web,' read Google's explanatory note in the Report. 'By sharing information from our scans, we hope to encourage cooperation among those who battle malware.' Google takes all that autonomous system data and breaks it down by country. For example, of the 31 million Websites in the United States scanned by Google, roughly 2 percent host malware. In other words, this data just reinforces what pretty much everybody knows: it's not a safe Internet out there."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

20 comments

NSA Malware (0)

Anonymous Coward | about 10 months ago | (#44116263)

Did they add the NSA and their illegal surveillance to this Malware list?

Surely the NSA is the biggest piece of Malware out there right now, I hope google added them to this list.

Re:NSA Malware (2)

AliasMarlowe (1042386) | about 10 months ago | (#44116329)

Surely the NSA is the biggest piece of Malware out there right now, I hope google added them to this list.

One of the biggest distributors of malware, certainly, but they outsource this function to numerous others (possibly including Microsoft, Apple, Oracle, etc.). The NSA is probably also one of the biggest purchasers of malware [zdnet.com].

Will they include ... (2)

DavidClarkeHR (2769805) | about 10 months ago | (#44116279)

Being warned against malware is great - on the other hand, I don't tend to use the internet (or my computer) in a way that would make me susceptible to most infections.

Now, being warned about potential government spying on the other hand ... that would be useful.

Re:Will they include ... (1)

auric_dude (610172) | about 10 months ago | (#44116387)

Sounds like a man in the middle attack where Google alters and amends the data returning from the site you wish to visit, but, they are at least polite enough to inform you of their intervention.

Re:Will they include ... (1)

tukang (1209392) | about 10 months ago | (#44116893)

I don't tend to use the internet (or my computer) in a way that would make me susceptible to most infections

Vast majority of malware attacks spawned from legit sites [arstechnica.com]

Re:Will they include ... (0)

Anonymous Coward | about 10 months ago | (#44117025)

Not concerned ... using VMs for most of my browsing that get wiped after each use, and different VMs (and OSes) for different purposes. So, yeah, I guess if I was doing anything sensitive on my trashy VM, I'd be concerned. But when I only do my banking on a VM in a strange OS and disabling scripts ...

Re:Will they include ... (0)

Anonymous Coward | about 10 months ago | (#44117215)

Being warned against malware is great - on the other hand, I don't tend to use the internet (or my computer) in a way that would make me susceptible to most infections. Now, being warned about potential government spying on the other hand ... that would be useful.

The part nobody mentions is the tracking. Google cannot tell you if a given site is known to harbor malware without your browser first telling Google what site you are trying to visit. Now they can track sites that don't participate in their Google Analytics and ad networks. That's .. just spiffy.

Re:Will they include ... (0)

Anonymous Coward | about 10 months ago | (#44117611)

Service I use to check sites I visit knows what sites I visit, oh my!

IIRC, they only check it once per site per cache expiry time and promise not to store anything except anonimized info - if you don't trust the privacy levels they promise for this tool, then just turn it off and use Opera's or MS's or WOT's site checking. I think at least WOT had plugins for all major browsers.

Re:Will they include ... (0)

Anonymous Coward | about 10 months ago | (#44118685)

You're an idiot. Take a look at how this is actually accomplished, and you'll see that your browser downloads a file containing the infected sites, which then get cross-referenced to the sites you're visiting LOCALLY. ... but don't let that stop you from posting your Microsoft-funded FUD, douchebag.

Eastern Europe, Russia and China are double US... (0)

Anonymous Coward | about 10 months ago | (#44116409)

With the whole debacle over Snowden and US snooping... its a relatively safer Internet for US citizens than it is in the countries that are calling US an Internet spying tyrant.

Re:Eastern Europe, Russia and China are double US. (1)

pr0fessor (1940368) | about 10 months ago | (#44116697)

I'm not so sure that is accurate the number of sites scanned in the US is around 14 Billion but none of the other countries had more than 1 million scanned. I'm not sure how that skews the results since I have no idea how many sites are in each country. India had 25k sites scanned but has a population of around 1.2 Billion compared to the US 313 million.

Re:Eastern Europe, Russia and China are double US. (0)

Anonymous Coward | about 10 months ago | (#44117257)

I'm not so sure that is accurate the number of sites scanned in the US is around 14 Billion but none of the other countries had more than 1 million scanned. I'm not sure how that skews the results since I have no idea how many sites are in each country. India had 25k sites scanned but has a population of around 1.2 Billion compared to the US 313 million.

They're much too busy making glue to adhere dots to their foreheads, sweet-talking cows, answering tech support calls with thick accents claiming to have names like "Bob," and churning out low quality software for american megacorps, to be bothered setting up too many sites.

You should really learn to be more culturally sensitive.

went fro a frosty posty (0)

Anonymous Coward | about 10 months ago | (#44116515)

but my AC post timer won't allow it.

What about false positives? (0)

Anonymous Coward | about 10 months ago | (#44116553)

So far the various warnings have usually done their utmost to block me from my favourite webcomics, usually because some advertising mishap or other. What was their biggest business again?

This sort of "service" all too easily turns into false competition and position abuse. Especially since google does everything and a bit to keep you from contacting them. Sometimes having to talk to a small shell script is just no replacement for getting a human.

Re:What about false positives? (0)

Anonymous Coward | about 10 months ago | (#44117279)

Sometimes having to talk to a small shell script is just no replacement for getting a human.

In America the shell script is smarter and a whole hell of a lot less obese.

when do the ISPs get DROP'ed (0)

Anonymous Coward | about 10 months ago | (#44116579)

All well and good listing the hosts but if the police wont get involved then perhaps upstream is where efforts should be put, when a network hosts 94% of malware how bad does it have to get before they are DROP'd ?

Sure (0)

Anonymous Coward | about 10 months ago | (#44116651)

They never say what malware it was, either.

What do we know, we know (1)

Stan92057 (737634) | about 10 months ago | (#44117497)

What do we know, we know what sites are bad. We know what IP addresses are bad, we know what software is bad. Well woopdefuckingdo all that knowledge and none has the balls enough to actually DO something to stop them. The stinking NSA knows who the bad guys are but cant do anything because they are breaking the law by spying on people so they cant do anything. I keep getting and reporting child porn spam messages. I even called the FBI ya know what they said?? Just delete it thats it just delete it and hung up on me. I wrote a email to my senator and was emailed back i must fill out a privacy release form in order to get help from him. Evey-ones making excuses or passing the buck its very sad.

Waste of time (0)

Anonymous Coward | about 10 months ago | (#44118733)

Being warned that there IS malware on a site is great. However Google's re-check time on this is ... basically useless.

A few weeks ago, one of our sites had this malware warning popup. But there was no malware on the site, in fact it was on the ad network, and the malware script wound up losing us thousands of dollars, even though the malware was cleaned up in less than 20 minutes. The warnings didn't go away for nearly 36 hours.

What is the use of the warning if the owners of the site are just going to say it's a false positive? What was the goddamn point of flagging all our sites as containing malware when the warning was only valid for about 20 minutes (less than 1% of the time the warning was visible)

When the webmaster clicks "review" that review should be done in 30 minutes, not 36 hours. And more to the point it should be blocking just the site containing the malware.

Check for New Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...