Google Safe Browsing Changes

Keeping yourself safe from internet threats is not easy. Fortunately, there is a lot you can do, but if you want to be reasonably safe, there are a lot of different bases that need to be covered.

Fortunately, years ago Google decided to help out. And, for the last 11 years, they have been operating their Safe Browsing program. This program shows warnings on web sites that violate Google’s safety related policies. The warnings stay in place until Google verifies that the site no longer violates the policies.

Google won’t necessarily post these warning instantaneously. So, a site could host malware for a few days before it gets marked. That’s not a good thing, but at least once a site is marked, it’s marked.

Instead scam sites will have warnings for 30+ days. That gives users more warnings. Which will mean that people will be more likely to see the warning on a site like this. That’s a good thing.

Or is it? A problem Google has is that many times Google is right about the site, but it’s not the fault of the site owner. In those cases, Google needs to take down the warning when the site owner fixes the problem. Google will do so when it finds the site to be cleaned, or when the site owner asks them to do so. Of course, Google verifies that the malware is gone before it takes the warning down.

So why is this a problem? Well, if your site got hacked and that’s why your site was marked, then it’s a good thing that Google takes down the warning when you clean it up. What if someone is not legitimate? Instead, they put the malware in deliberately. Then, when they get marked by Google, they the clean the malware off – it’s something they can do easily because they put it there in the first place. Once Google takes the warning down, they put the malware back up. And, now they have a few more days to snag people without any warning from Google. Of course, Google eventually finds them again, and the cycle repeats itself. In other words, these malicious sites are using Google’s mechanisms to help legitimate sites, to improve their ability to harm people.

So, Google has changed its policy. If a site has a pattern of doing this – taking malware down then getting infected again repeatedly – Google will no longer allow the site owner to ask Google to take down the warning for at least 30 days. That means that sites will no longer have the option of a cycle of warnings for a few days, then no warnings for a few days. Instead scam sites will have warnings for 30+ days. That gives users more warnings. Which will mean that people will be more likely to see the warning on a site like this. That’s a good thing.

Google Online Security Blog: Protecting users from repeatedly dangerous sites

http://www.computerworld.com/article/3140227/web-browsers/google-punishes-web-backsliders-in-chrome.html

About the author