Google blasts Web bots: PC big culprit in drive by downloads I reported on new Google security intitiatives early this month, citing research by Niels Provos, Google Software Engineer, on the “ghost in the browser”:
"We have started an effort to identify all Web pages on the Internet that could potentially be malicious. We apply simple heuristics to the crawled pages repository to determine which pages attempt to exploit Web browsers."
Our goal is to observe the malware behavior when visiting malicious URLs and discover if malware binaries are being downloaded as a result of visiting a URL. Websites that have been identified as malicious are labeled as potentially harmful when returned as a search result.
Last week, the Google initiative was widely (mis)reported in the press as signifying "10 percent of sites are dangerous."
Today, Provos refutes that mainstream "10%" conclusion and provides "safe browsing" advice:
Unfortunately, the scope of the problem has recently been somewhat misreported to suggest that one in 10 websites are potentially malicious. To clarify, a sample-based analysis puts the fraction of malicious pages at roughly 0.1%. The analysis described in our paper covers billions of URLs. Using targeted feature extraction and classification, we select a subset of URLs believed to be suspicious for in-depth investigation.
First and foremost, enable automatic updates for your operating system as well your browsers, browser plugins and other applications you are using. Automatic updates ensure that your computer receives the latest security patches as they are published. We also recommend that you run an anti-virus engine that checks network traffic and files on your computer for known malware and abnormal behavior. If you want to be really sure that your system does not become permanently compromised, you might even want to run your browser in a virtual machine, which you can revert to a clean snapshot after every browsing session.
HAPPY, AND SAFE, BROWSING!