Badware Prevention and Website Security
So everyone knows that the Internet has people out there looking to gain control of your computer using some innovative new malware program that they developed. There are all kinds of reasons to do this; most recently I heard of malware that was targeting Tibetan solidarity NGOs in order to track their communications with people within Tibet. So although lives are sometimes on the line, most of the time it is just to grab credit card information or to use your computer as a spam bot.
The Internet is a great way to distribute things, including Trojan horses, and it is important to be conscious of what you download from legitimate-looking websites. Web browsers, particularly Microsoft's Internet Explorer, are one means that people are using to invade your security. People post programs to the web that look fun or useful; some, but not all, of them are. The ones that are not are generally called malware.
There are attempts, however, from many companies out there to educate users about sites that really need more documentation. I ran into Google's anti-malware initiative to protect its users earlier in the week with a friend's site. Google and others are collaborating on a site to Stop Badware, which now has a collection of 264420 potentially dangerous sites. It is great to see prominent tech companies collaborating on things like this, but it would be even better if there were more information available about why a site was labeled as a potential threat.
The instance in this example, Shake the Pillars, is a simple WordPress blog about online campaigning. Google seems to have first reported this site back in February, and still reports (as of this post) that the site is a threat to its visitors. The process of going through all of the possible issues that might be affecting an active blog is pretty daunting. Sure, most folks are going to be aware if they are intentionally distributing program files through their site. However, with the domain name scammers out there buying up expired domain names, how do you even begin to check to see if any of the links on your site point to sites that have badware on them? I don't know of a single tool that allows you to list/order/check all of the links that you have on your site.
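One way to produce the inventory of links asked about above, as an added example that is not part of the original post: it lists every off-site URL a set of pages references, grouped by host, so an owner can review which domains the site sends visitors to. The pages and hostnames are constructed samples, and judging whether a listed host is safe is left to whatever reputation source the owner trusts.

```python
from collections import defaultdict
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Tag/attribute pairs that make a browser load or navigate to another resource.
LINK_ATTRS = {"a": "href", "link": "href", "script": "src",
              "iframe": "src", "img": "src", "form": "action"}

class LinkCollector(HTMLParser):
    """Collects (tag, absolute_url) for every link-bearing tag on one page."""
    def __init__(self, page_url):
        super().__init__()
        self.page_url = page_url
        self.links = []

    def handle_starttag(self, tag, attrs):
        wanted = LINK_ATTRS.get(tag)
        for name, value in attrs:
            if name == wanted and value:
                # Resolve relative and protocol-relative URLs against the page.
                self.links.append((tag, urljoin(self.page_url, value.strip())))

def external_links(pages, site_host):
    """Return {off-site host: sorted [(page_url, tag, url), ...]}."""
    by_host = defaultdict(set)
    for page_url, html in pages.items():
        collector = LinkCollector(page_url)
        collector.feed(html)
        for tag, url in collector.links:
            parts = urlsplit(url)
            host = (parts.hostname or "").lower()
            # Skip mailto:, javascript:, fragments and links to the site itself.
            if parts.scheme in ("http", "https") and host and host != site_host:
                by_host[host].add((page_url, tag, url))
    return {host: sorted(refs) for host, refs in sorted(by_host.items())}

# Constructed sample pages (hypothetical hosts), keyed by the URL they were saved from.
SAMPLE_PAGES = {
    "http://blog.example/":
        '<a href="/about">About</a> <a href="http://Old-Partner.example/tool">tool</a>'
        '<script src="//cdn.example/lib.js"></script>',
    "http://blog.example/post/1":
        '<iframe src="http://widgets.example/embed?id=1"></iframe>'
        '<a href="http://old-partner.example/">partner</a> <a href="mailto:me@blog.example">mail</a>',
}

if __name__ == "__main__":
    for host, refs in external_links(SAMPLE_PAGES, "blog.example").items():
        print(host)
        for page, tag, url in refs:
            print(f"  <{tag}> {url}  (on {page})")
```

Scripts and iframes are listed alongside ordinary anchors because a third-party host that changes hands serves content directly inside the page, not just one click away.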
In any case, through some effort I was able to track the problem that Google had picked up. The site had unfortunately been subject to a WordPress 2.3.3 exploit and was indeed a potential threat to visitors to the site. The site was quickly upgraded after alerting the owner. Google and the Stop Badware folks should be taking this site off of their list shortly.
This exploit brings up an important issue that many webmasters forget: any dynamic website is software, all websites use software, and all software is vulnerable to security exploits. The more software you use, the more you need to pay attention to security upgrades. With a popular application like Drupal or WordPress it can be easy for a hacker to find vulnerable sites, just like it is quite easy to find exploited sites (Google lists 683,000 of them with this phrase; most aren't listed officially as a site that may harm your computer). With less popular or custom applications, the challenge is in keeping up with the best practices of changing security standards.
With power comes responsibility, and unfortunately online communities and Web 2.0 applications all require people to monitor their software to ensure that the site continues to operate safely. Oh yeah, and if you are interested in social change, check out the upgraded and secure version of the site -- Shake the Pillars.
About The Author
Mike Gifford is the founder of OpenConcept Consulting Inc, which he started in 1999. Since then, he has been particularly active in developing and extending open source content management systems to allow people to get closer to their content. Before starting OpenConcept, Mike had worked for a number of national NGOs including Oxfam Canada and Friends of the Earth.