Friday, April 25, 2008

Web 2.0: Whatever Google Knows About Spam, It Isn't Saying - InformationWeek

At the on Friday, Google applied scientist Flatness Cutts, who heads Google's Web Spam team, gave a keynote computer address titled

Cutts and many others at Google cognize a batch about Spam because Google acquires a batch of spam, in e-mail and on Web pages. The job is, he couldn't state very much about it.

Cutts anticipated this in a on Tuesday in which he mentioned his approaching speech."I'm struggling with what exactly to say," said Cutts. "On one hand, Google cognizes a batch about spam... On the other hand, I don't desire to let on things that would profit people that attempt to spam."

While keeping Google's security card game stopping point to the waistcoat is apprehensible -- few companies are unfastened about security issues -- Cutts's reluctance to let on what Google cognizes about Spam made his presentation more tantalising than rewarding.

For instance, Websense Security Labs on Thursday echoed former studies that spammers were having a just grade of success in defeating Google's CAPTCHA system, which forestalls spammers from registering free business relationships that they can mistreat services like Gmail and Blogger.

"Spammers have got managed to make automated bots that are capable of not only signing up and creating Blogger business relationships (using spammer business relationship credentials), but also utilize these business relationships as redirectors and room access pages for advertisement their merchandises and services," said Websense security research worker Sumeet Prasad in a .

Cutts made no reference of this and Google have maintained that business relationship maltreatment at its free services goes on to be driven by people rather than bots. Nor did Cutts computer address what looks to be an in progress inundation of malware-infected porn on Google Groups pages.

Instead, Cutts focused on Web Spam and how land sites can avoid it.

"Web Spam is when person seeks to beat or take cutoffs so that their Web land site shows up higher [in hunt consequences rankings] than it rates to demo up," he explained.

The root cause of Spam is money, Cutts said, so land site proprietors should look for ways to deny money to spammers. (Putting an end to all free online services would effectively deny money, in the word form of free Spam infrastructure, to spammers. But that would interfere with Google's concern model, so the burden is on land site proprietors to make something.)

Trust and repute systems are a great manner to cut down spam, Cutts said, citing eBay's and Amazon's work in this area. True though that may be, Cutts made it sound as if eBay and Amazon had more than or less quit their systems of abuse. There's no uncertainty that eBay and Amazon have got top-notch security, but retention those two companies up as the reply rubrics over existent jobs that remain.

Guillaume Lovet, a security research worker at , recently explained that swindlers cognize that to beat out eBay's repute system, they either have got to steal business relationships -- which is why, he said, eBay is phished about 20 modern times more than Banks -- or make fake trust with bogus transactions. That's why, he says, there are so many points sold on eBay for a penny: to game the repute system.

Given his observation that "Spam will acquire more than than malicious and more unsafe in the approaching calendar months and years," Cutts is clearly aware of the trends. Yet his recommendations -- acquire some trust chemical mechanism into your system, avoid being a target, and endeavor to thwart spammers by not giving them what they desire -- look incomplete.

Google clearly cognizes a batch about spam, perhaps as much as spammers themselves know. If lone it were more than than willing to share that knowledge, we might be able to have got a more informed treatment about possible solutions.

No comments: