resource center
  See your link here
|
Computerworld - Google Inc. yesterday released to outside developers the same security API currently used by its own Google Desktop and Mozilla Corp.'s Firefox for warding off phishing and malware-dropping Web sites.
Dubbed the Safe Browsing API, the application programming interface gives third-party developers a way to integrate the ability to check for malicious sites into their own applications, said a pair of Google developers in an entry on the company's security blog. "It provides a simple mechanism for downloading Google's lists of suspected phishing and malware URLs, so now any developer can access the blacklists," wrote Brian Rakowski and Garrett Casto.
Google maintains a pair of blacklists that any client application using the API can now access to warn users of potentially dangerous sites. Developers could use the API, suggested Google, to prevent users from posting phishing links on a blog or to alert users that a link from a software download site is a known malware distributor.
"The API is still experimental, but we hope it will be useful to ISPs, Web hosting companies and anyone building a site or an application that publishes or transmits user-generated links," Rakowski and Casto wrote in their blog posting.
According to the limited documentation Google made available, developers who choose to use the API have to comply with several guidelines and a live with a few limitations. Presumably for liability reasons, Google requires that developers qualify any warning. "You may not lead users to believe that the page in question is, without a doubt, a phishing page or a page that distributes malware," Google said. "You must qualify the warning using terms such as: suspected, potentially, possible, likely, may be."
Developers' client applications are also limited to 10,000 users sending regular requests to the API for the blacklists, Google noted, although it provided an e-mail address for requests to expand an application's user base.
Interested developers can request an API key at Google's site.
Safe Browsing's blacklists -- and the API that updates locally-stored lists on users' PCs -- is the basis of Firefox 2.0's current anti-phishing feature, and it may be used in Firefox 3.0, which is scheduled to ship before the end of the year, to display alerts of sites suspected of spewing malicious code.
Read more about security in Computerworld's Security Knowledge Center.
Death to PST Files
Download Now
The Tangled Web: Silent Threats & Invisible Enemies
Download Now
Tape Killed the IT Guy
Watch Now
Forrester Consulting Mobility Study: Taking Control of Enterprise Mobile Device Diversity
Download Now
BRM: What You Can Do To Reduce Risk In Challenging Times
Watch this webcast now!
What IT Must Do to Support Employee-Owned BlackBerry, iPhone and Android Mobile Devices
Download Now
Web 2.0, Social Media and the Dark Web - A Web Criminals Paradise?
In this discussion, learn about the challenges of protecting your users from the potentially unsafe content hidden in the "Dark Web".
eGuide: Enterprise Security
Smart Security Strategies for 2010. Read now!
Disaster Recovery 2008: Reduced Costs and Improved Performance
How long can your Enterprise afford to be without your data? With an accelerated disaster recovery program, you never have to answer this...
Sign up to receive updates on the latest Security resources
CIO
Computerworld
CSO
DEMO
GamePro
Games.net
IDC
IDG
IDG Connect
IDG Knowledge Hub
IDG TechNetwork
IDG Ventures
IDG.net
InfoWorld
ITwhitepapers
ITworld
JavaWorld
LinuxWorld
Macworld
Network World
PC World
The Industry Standard
Copyright © 1994 - 2010 Computerworld Inc. All
rights reserved. Reproduction in whole or in part in any form or medium
without express written permission ofComputerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc. |
