The whole click-based economy seems strange and illogical to me, and this sort of bizarre situation is one of the results: scammers and purveyors of malicious code advertising in supposedly legitimate venues. Nobody taking responsibility. This isnt right. According to the study, "Users cant count on search engines to protect them; to the contrary, we find that search result rankings often do not reflect site safety." I dont think this is an acceptable situation.With sponsored links, as far as Im concerned, the search engine is implicitly endorsing the target of the link. They took money to put it up there, and that makes an important difference. Its disingenuous for them to disclaim any responsibility if a user follows one of these links and incurs damage as a result. Perhaps our standards for what we see on the Internet have dropped to the point where nothings really wrong anymore. Its not hard to find spam-quality sponsored links. Do searches for "arthritis medicine" and "erectile dysfunction" and look at the sponsored ads. The "erectile dysfunction" search on Google is especially illuminating: The first page of organic links is entirely made up of legitimate medical sites: the NIH, the Mayo Clinic and legitimate pharmaceuticals. I wont repeat the sponsored links, but they look like stuff youd read on the walls of a high school boys room. MSNs and Yahoos results are no better. Ask.com, which had the worst overall performance in the study, had more respectable results in my queries. But why should a query for "American Idol" generate this sponsored result: "Disguise Your Caller IDChange Your Caller ID At Will! Works From Any Phone"? Mind you, I havent even tested for malware at the target sites, just looked for obviously phony and offensive material. Click here to read more about SiteAdvisor. Forget for the moment my argument that sponsored links amount to an endorsement and think of them as what they obviously are: advertising. If you went to a store after reading its ad in the local newspaper and the store robbed you once you got there, wouldnt you expect the newspaper to do something about it? Dont most newspapers have policies about running ads with actual offensive material in them? Its not like theyre responsible for a robbery, but if they ignore warning and continue to run the ads, then they are complicit. The SiteAdvisor/Edelman report is such a warning. Who knows how many users are willing to click on a link that brings adware to their system because Yahoo or Google or MSN listed it? Its going to mean forgoing advertising revenue, so I dont expect them to, but the search engine companies need to start paying attention to whose money they take. Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.
More from Larry Seltzer
The way I see it, theres a difference here between sponsored and organic links. Engines should do what they can for organic links. It would be good and probably to their competitive advantage to provide some warning about trustworthiness of a target. But engines dont get paid for that, and theres a tradition that they should be neutral in a sense when generating these results.