Do you have a blog, online profile, or some other personal web page? Would you like to communicate more with your visitors? Today we’re launching a new Google Talk feature that lets visitors to your web site chat with you. We call it “chatback” because instead of you doing all the talking on your blog, your visitors can talk back to you. Sure, they could leave comments, but those are public and hard to use for a real conversation. With chatback, it’s a real instant message session.
To use chatback, you must have a Google Talk account … but your visitors don’t have to! They don’t even need to have an email address, or to have ever used instant messaging.
When they visit your site, they’ll see a badge like the one on the right showing your online status (available, busy, offline) and, if you’re available, they can just click and start chatting. Chatback uses the web-based Google Talk Gadget so your visitors don’t need to download anything. It opens in a new window so they can keep chatting with you even if they browse to other pages.
Of course, chatback isn’t just for blogs. You can use it on any web page that you can add HTML content to. To get started, visit the chatback start page. (This is also linked from the Google Talk homepage.) Then just copy the provided HTML snippet to your web site. Visitors will then see a badge on your site indicating your availability, and can click to start a chat with you. If there’s a time when you don’t want to be distracted, just set your online status to “busy” and visitors won’t be able to chat with you until you change your status back to “available.”
If you’re not already a Google Talk user, it’s easy to become one. If you’ve got a Gmail account, then you already have a Google Talk account. If not, just go to www.google.com/talk or www.gmail.com to get started.
It has been over a year and a half since we started to identify web pages that infect vulnerable hosts via drive-by downloads, i.e. web pages that attempt to exploit their visitors by installing and running malware automatically. During that time we have investigated billions of URLs and found more than three million unique URLs on over 180,000 web sites automatically installing malware. During the course of our research, we have investigated not only the prevalence of drive-by downloads but also how users are being exposed to malware and how it is being distributed. Our research paper is currently under peer review, but we are making a technical report [PDF] available now. Although our technical report contains a lot more detail, we present some high-level findings here:
Search Results Containing a URL Labeled as Harmful
The above graph shows the percentage of daily queries that contain at least one search result labeled as harmful. In the past few months, more than 1% of all search results contained at least one result that we believe to point to malicious content and the trend seems to be increasing.
Browsing Habits
Good computer hygiene, such as running automatic updates for the operating system and third-party applications, as well as installing anti-virus products, goes a long way in protecting your home computer. However, we have been wondering if users’ browsing habits impact the likelihood of encountering malicious web pages. To study this aspect, we took a sample of ~7 million URLs and mapped them to DMOZ categories. Although we found that adult web pages may increase the risk of exploitation, each DMOZ category was affected.
Malicious Content Injection
To understand if malicious content on a web server is due to poor web server security, we analyzed the version numbers reported by web servers on which we found malicious pages. Specifically, we looked at the Apache and the PHP versions exported as part of a server’s response. We found that over 38% of both Apache and PHP versions were outdated, increasing the risk of remote content injection to these servers.
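The version check described above can be sketched as follows. This is an added example, not code from the technical report: the baseline versions, the sample headers and the function names are all constructed for illustration.

```python
import re

# Assumed baseline (constructed): oldest release still treated as current.
BASELINE = {"apache": (2, 2, 8), "php": (5, 2, 5)}

# Matches "Apache/2.0.52" or "PHP/4.3.9", but not "Apache-Coyote/1.1".
TOKEN = re.compile(r"\b(Apache|PHP)/(\d+(?:\.\d+){1,2})", re.IGNORECASE)

def exported_versions(headers):
    """Return {product: (major, minor, patch)} from Server / X-Powered-By."""
    lowered = {k.lower(): v for k, v in headers.items()}  # names are case-insensitive
    found = {}
    for name in ("server", "x-powered-by"):
        for product, ver in TOKEN.findall(lowered.get(name, "")):
            parts = tuple(int(p) for p in ver.split("."))
            found.setdefault(product.lower(), parts + (0,) * (3 - len(parts)))
    return found

def outdated_products(headers, baseline=BASELINE):
    """Products whose exported version is older than the baseline."""
    return sorted(p for p, v in exported_versions(headers).items()
                  if p in baseline and v < baseline[p])

def outdated_share(responses, product, baseline=BASELINE):
    """Outdated fraction among servers that export a version for `product`.
    Servers that hide the version are unknown and left out of the count."""
    known = [v for v in (exported_versions(h).get(product) for h in responses)
             if v is not None]
    if not known:
        return None
    return sum(v < baseline[product] for v in known) / len(known)

# Constructed response headers, one dict per server.
SAMPLE = [
    {"Server": "Apache/2.0.52 (Unix) PHP/4.3.9"},
    {"Server": "Apache/2.2.8 (Ubuntu)", "X-Powered-By": "PHP/5.2.5"},
    {"server": "Apache", "x-powered-by": "PHP/5.1.6"},  # Apache version hidden
    {"Server": "Apache-Coyote/1.1"},                    # neither product
]

if __name__ == "__main__":
    for product in ("apache", "php"):
        print(product, outdated_share(SAMPLE, product))
```

A banner version is only a heuristic: distributions backport security fixes without changing the reported version number, and administrators can suppress or alter the banner.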
Our “Ghost In the Browser [PDF]” paper highlighted third-party content as one potential vector of malicious content. Today, a lot of third-party content is due to advertising. To assess the extent to which advertising contributes to drive-by downloads, we analyzed the distribution chain of malware, i.e. all the intermediary URLs a browser downloads before reaching a malware payload. We inspected each distribution chain for membership in about 2,000 known advertising networks. If any URL in the distribution chain corresponds to a known advertising network, we count the whole page as being infectious due to ads. In our analysis, we found that on average 2% of malicious web sites were delivering malware via advertising. The underlying problem is that advertising space is often syndicated to other parties who are not known to the web site owner. Although non-syndicated advertising networks such as Google Adwords are not affected, any advertising network practicing syndication needs to carefully study this problem. Our technical report [PDF] contains more detail including an analysis based on the popularity of web sites.
Structural Properties of Malware Distribution
Finally, we also investigated the structural properties of malware distribution sites. Some malware distribution sites had as many as 21,000 regular web sites pointing to them. We also found that the majority of malware was hosted on web servers located in China. Interestingly, Chinese malware distribution sites are mostly pointed to by Chinese web servers.
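The two measurements described above, attributing a page to advertising when any URL in its distribution chain belongs to a known ad network, and counting how many regular sites point to each distribution site, can be sketched together. This is an added example, not code from the technical report: the chains, the domain names and the ad-network list are constructed, and the function names are hypothetical.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed stand-in for the list of about 2,000 known advertising networks.
AD_NETWORKS = {"ads.example", "syndicate-ads.example"}

# Constructed chains: landing page first, malware payload URL last.
CHAINS = [
    ["http://blog-a.example/post", "http://cdn.ads.example/slot.js",
     "http://reseller.test/r?id=7", "http://dist-1.test/load.exe"],
    ["http://forum-b.example/t/9", "http://dist-1.test/load.exe"],
    ["http://shop-c.example/", "http://badads.example/i.js",
     "http://dist-2.test/p.exe"],
    ["http://news-d.example/", "http://dist-1.test/load.exe"],
]

def host(url):
    """Lower-cased host name of a URL, without a trailing dot."""
    return (urlsplit(url).hostname or "").rstrip(".")

def matches_network(hostname, networks):
    """True if hostname is a listed domain or a subdomain of one.
    Matching on label boundaries keeps 'badads.example' from
    matching 'ads.example'."""
    return any(hostname == n or hostname.endswith("." + n) for n in networks)

def via_ads(chain, networks):
    """The page counts as ad-delivered if any URL in its chain matches."""
    return any(matches_network(host(u), networks) for u in chain)

def ad_share(chains, networks):
    """Fraction of chains attributed to advertising."""
    return sum(via_ads(c, networks) for c in chains) / len(chains)

def inbound_sites(chains):
    """Map each distribution host to the set of landing hosts that lead to it."""
    inbound = defaultdict(set)
    for chain in chains:
        inbound[host(chain[-1])].add(host(chain[0]))
    return dict(inbound)

if __name__ == "__main__":
    print("ad-delivered share:", ad_share(CHAINS, AD_NETWORKS))
    for dist, sites in sorted(inbound_sites(CHAINS).items()):
        print(dist, "is pointed to by", len(sites), "sites")
```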
We hope that an analysis such as this will help us to better understand the malware problem in the future and allow us to protect users all over the Internet from malicious web sites as best as we can. One thing is clear – we have a lot of work ahead of us.
It goes without saying that instant messaging has become integral to communicating in the workplace and at school. Chat helps us to share ideas instantaneously with co-workers and classmates. That’s why Google Talk has always been a part of Google Apps, our package of applications built for collaborating within organizations. We’re happy to announce today that we’ve made it even easier for you and your co-workers or classmates to start using Google Apps and Google Talk. It’s called Google Apps Team Edition, and if you have an email address from your employer or school, you can sign up right now.
With Google Apps Team Edition, you and members of your organization get Google Docs, for creating and sharing documents, spreadsheets and presentations, and Google Calendar, for coordinating your schedule. When you use Google Talk with Google Apps Team Edition, your contacts list will automatically include the other people at your organization using Google Apps Team Edition. And since Team Edition recognizes your connection to co-workers or classmates, it makes sharing documents and calendars easier too. Give it a try by visiting www.google.com/apps.