A search engine isn’t worth much if the results it produces lead users to malware.
An obvious statement no doubt, but one Microsoft kept in mind with its new -Bing’ search engine. Following the footsteps of other search engines, Bing may not break new ground when it comes to security, but it doesn’t really fall behind its competitors either.
“Bing’s malware detection consists of two things,” a Microsoft spokesperson said. “The first is Drive-by-Download detection where Bing warns [end users] that the site is hacked and won’t take them directly to the site when they click, instead providing a warning. Secondly, for social engineering malware sites, Bing manually blocks such sites from showing up in the search results.”
For drive-by downloads, users get the warning when they click on the query title, the spokesperson added. If they still want to visit the page, they can click on the “visit the website” link in the warning pop-up. Microsoft scans the sites and also consumes lists from various sources. The frequency of the scans varies from site to site.
Microsoft did not say much on how they are working to prevent hackers from poisoning search engine results, stating only that they are continuing to work on improving their technology.
Microsoft’s main rival in the search business is of course Google. Like Google, Bing offers users the opportunity to set ‘SafeSearch’ Web filter preferences to weed out sexually explicit images, videos and text from search results. Bing has actually taken a bit of criticism in the press around this, as the search engine prompts users to adjust their security settings if, for example, they are searching for porn and it is blocked by the filter.
When it comes to detecting rogue sites, Google has set up a number of automated systems to scour its index for rogue sites. When offenders are found playing host to drive-by downloads or phishers, the search engine labels them as a warning to users. The search engine also works with Web masters to help them keep their sites secure by alerting users of Google Webmaster Tools if their software is vulnerable.
“We publish our list of potentially dangerous sites via our Safe Browsing API to browsers such as Firefox, Safari, and Google Chrome,” a Google spokesperson said. “We believe that we all need to work together to identify threats and stamp them out to help make the Web a safer place for everyone.”