On the Difficulties of Being a Search Engine
Search Engines and those seeking to manipulate the results (normally dubbed Black-Hat SEO [Search Engine Optimisers]) have been locked in a constant battle ever since Internet search engines became the way to find things online. Major engines, such as Google, Yahoo!, and Live (Microsoft) try to keep the details of their ranking algorithms secret, not only to gain a competitive advantage over the other engines, but also so that people trying to manipulate the results have difficulty working out how to do so.
Sometimes these efforts break down and one-off drastic measures need to be taken to "clean up" the search indexes. Google recently carried out such a measure, when it removed thousands of sites that had been created to "poison" (manipulate) the search results for common terms and distribute malware to unsuspecting end users.
A mass poisoning such as this is not an overnight occurrence, but in this case it only took a couple of days for the malware-hosting sites to be created and successfully poison the search results. With such a short period of time between attack launch and successful results, it points to a problem for Google. If attackers can implement and close down an attack in a matter of days it makes it much harder to track and identify who they are. By comparison, the Russian Business Network was well understood not only because of the wide variety of activities they were involved with, but also because, until recently, they were relatively static in location online.
Despite the best efforts of search engine operators, incidents such as the above show that it is still possible to manipulate search results. This also comes not long after the mass PageRank adjustment that affected numerous sites. It seems that Google is endeavouring to make sure that their returned search results are more relevant, by getting their users to notify them when they come across a malicious search result. While the above effort is to reduce the number of sites that distribute malware-creation tools that appear in search results, it isn't really going to reduce the ability of those who really care about creating malware to find those tools. What it will do is help cut down on the number of users infected accidentally by poisoned search results.
Other recent moves by Google, including the planned introduction of their online storage service, GDrive, have drawn the ire of privacy and security advocates. While a lot of people are quite happy to use Google's online office suite to manipulate and manage data that might be considered sensitive, the move to allow users to store data online has attracted more concern. While Google's GDrive isn't the first online storage offering (.Mac and a number of other offerings provide online data storage for users), there are concerns about whether Google will be scanning content in order to provide contextual advertising as they do with searches and email, and concerns about whether there will be any protection (encryption) provided to the data that users supply. The concerns about data protection are not unique to GDrive, it is just that the scale is much larger than other providers.
18 December 2007
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.Comments will soon be available for registered users.