Everyone is scared about malware and hacking on the web. There is nothing wrong with this and there really is a genuine threat out there. People need to make sure that their browsing is as safe as possible. For most people, unless you are running a high volume internet banking transaction server this can be simply done by getting a good anti virus (AVG Free is cost effective) and a firewall (windows own, Zone Alarm or one on your router).
Despite this a lot of online organisations feel the need to join in and help out. Most modern browsers have built in “phishing filters” and will try to alert you when you click on what it thinks is an untoward link. This is all well and good and there are only minimal privacy implications.
Equally, search engines are doing the same thing now. When you google a search term, you get links with any potentially harmful ones highlighted. Just in case you ignore google’s advice, they have a blocking page pretty much ensuring you cant click through to malware from google. Again, this may seem all well and good but there are even more issues. For a start, it is down to google to decide what is, or isn’t malware. They may be correct 99% of the time, but what about the other 1%? It becomes the responsibility of the website owner to discover they have been flagged as “malware” by google and then jump through google’s hoops to clear their name. This is wrong.
More importantly, who is responsible when there is a problem with google? A sensible hacker could target google’s servers and create the illusion that certain companies are full of malware. It would take a brave person to ignore the warnings and keep going through to a site that is so heavily flagged on the search page.
Do you think this is unrealistic? Here is the results of a search I did today on www.google.co.uk – imaginatively I searched for “Google”:
The whole internet is infected with malware. Every link is flagged with the dire warning it may harm your computer. I am not alone in discovering this… (PCPlus simply suggests using another search engine for the afternoon, Neowin is more informative) Google isn’t hacked (this time), its just broken. The effect is the same though. Any attempt to search meets with this warning and googles intervention means you cant ignore it and click on. Well done Google – you have borked searching… Amazing.
This is (IMHO of course) the problem with allowing web services to have more and more control over our daily lives. It is bad enough that the most popular search engine on the internet suffers a glitch like this, but imagine if you were using Google to host your remote office systems – an outage can be crippling. Cloud computing may be in vogue, but it is fundamentally a bad idea. You can not delagate your responsibilities to unaccountable groups – you are responsible for making sure no malware gets on your PC, so why does google feel the need to intervene?