For those web masters or indeed visitors out there that are not aware, StopBadWare.org is a site that lists sites that contain malware. This article doesn’t discuss how they malware got there, but more the way that Google lists them in its index.
StopBadware.org is a “Neighborhood Watch” campaign aimed at fighting badware. We will seek to provide reliable, objective information about downloadable applications in order to help consumers to make better choices about what they download on to their computers. We aim to become a central clearinghouse for research on badware and the bad actors who spread it, and to become a focal point for developing collaborative, community-minded approaches to stopping badware.
From: StopBadware.org
When a site is listed in Google as having badware on it, a warning is displayed similar to the following:
The contentious part of the above warning is the “This site may harm your computer”.
When you click on the link within the Google index to a badware infected site, Google actually displays an information page telling you why you should not visit the site. (Note: I have purposely masked the name of the site above in order to protect the web site owner from being mentioned, the reasons why are discussed below).
If you want to see a warning for yourself, just go to the StopBadware.org site. In the search box, enter “.co.uk” for the search term.
Copy the ‘domain name part’ part of it but do not include the TLD and enter it in a Google search box. (So if the domain was www.example-alien-web-design.co.uk, search for “example alien web design” not “example-alien-web-design.co.uk”.
This ‘should’ display a list of search results which will have the warning displayed.
Then click the search result to see the warning page.
My personal thought is that Google should just temporarily remove the site listing from the index rather than apply a label against that site.
You have to ask why Google apply that label and prevent ‘its’ users from clicking on that link within it’s index.
I can only guess at the following:
- Google wishes to protect its users from visiting a site that has malware on it.
(Google has checks in place, or one would hope that they do, that prevents falsely labelling a site as hosting malware).
- Google is also expressing it’s desire to help remove malware from the ‘internet’ by contacting and informing web masters of malware upon the sites it finds.
It doesn’t just list web sites, it does make a concerted effort to contact the web master of the site involved.
Google do have a right to stop users from visiting those sites infected, as potentially one could argue that they could be held responsible for forwarding its users to a site which ultimately costs the visitor time/money or both.
The problem is, that web masters feel that the label Google applies next to their entry in the index causes damage to the reputation of that web site as well as a loss of income.
So why does Google apply a label?
Some have argued that it is the quickest method to ensure that the web master contacts them and the problem sorted.
(Sticking a big red flag next to your site does tend to bring it to your attention rather quickly when your users start complaining to you, OR, as should be happening, a good web master will find this out when he does his daily/weekly check).
I would rather Google remove the entry from the index altogether, not stick a “label” against the entry. You can’t visit the site from the link in the index anyway (without a spot of cutting and pasting – at least you can’t in Firefox with my setup).You could say the link in the index is non-functional, so why bother putting it there in the first place?
Removing the infected site from the index achieves both points from above.
- It prevents Google users from visiting the site. The result is simply not returned.
It is no different from the supplemental index, or at least very similar to the supplemental index.
After all, the StopBadware database is exactly that. It is an index of sites that contain or are believed to contain malware.
Just like the supplemental index, the results are still there, but you have to search for them in a specific index.
- Google can still contact web masters and let them know that their site has been placed into the ‘malware’ index as before.
The removal or placement into the “malware” index would be temporary. Rather than display a warning, it doesn’t display anything. No harder to code than it is at present.
Any decent web master will be monitoring his PR and his SERP placement. Suddenly dropping off the main Google index should be pretty obvious to them.
And if his visitors complain that they are not finding the web site in the index, that too should draw the web masters attention to a possible problem.
Google will still be trying to contact the web master and the web master should also be encouraged to join Webmaster central (http://www.google.com/webmasters/) to keep an eye on their site anyway…
However, web masters have no right what so ever to complain about the damage to their reputation. Malware is a problem, and is far more serious to their users than a lot would lead you to believe. Ok, you could say that around 85% of your visitors would be vulnerable to being attacked by malware (due to the browser type, security settings and whether javascript is enabled). Of of that 85%, at least 50% of them would be very vulnerable, due to no firewall, no or an outdated Antivirus/Antispyware.
So there would be a large percentage of your visitors that could potentially be damaged or effected by malware.
- You cannot say that some malware is less harmful than others.
Malware is malware. Plain and simple.
- You cannot say I have a set of known visitors and I know them to be safe.
(You are complaining about being in the Google index, therefore you are potentially available to everyone who has access to the Google index).
What damage would be done to your reputation IF, one of your users blogger on a popular forum that they went to www.example.com and they got hacked. That www.example.com has no protection, or www.example.com has bad security. Or they blame www.example.com for them installing the malware on their computers (regardless of the fact that www.example.com had NO knowledge of the exploit in the first place).
At least an entry in the Google index as at present is temporary and will be removed once Google are assured that the malware has been removed.
An entry on a web site would be within the index for a lot longer (if not ever).
And that’s if there was just one entry on one blog. What you would do if your sites name was spread around the web by a disgruntled visitor (who was infected as a result of visiting your www.example.com)
There is no argument that the web master purposely allowed their site to become infected.
A web master of a major site earning major money will be running a much more secure system than a small time web hosting company (on a dedicated server or a shared web hosted account). They are less likely to be the victim of an attack.
So it could appear that Google are against the smaller web hosts and web masters sin
ce you won’t find big web sites listed. That is simply not the case.
It is just the simple fact that the smaller web site, web host or web master is more vulnerable to attack since they cannot or do not spend money on massive security defenses against malware attacks.
A web master has a responsibility to protect the visitors to their site. (Whether they rely upon the web host to do this , or whether they takes charge is another matter for discussion).
Google have the same responsibility to it’s users. They have chosen to protect their users by displaying a warning and not giving a clickable link to the infected web site.
I’d like to hear from Google as to why they chose the method they did, and for them to state why they don’t just remove the link temporarily from the index.
