AV-TEST stands by claims that Bing shows more malware-infected links than Google

Owners of URL that Microsoft cites as example deny they're hosting malware, accuse Bing of 'inaccurate analysis'

1 2 Page 2
Page 2 of 2

Marx acknowledged that some search engines ward off users from suspicious links with warnings, but of those, not all are as clear as Bing's, and could be easily ignored or dismissed by users.

He also cited Felstead's claim that "Our data shows that these warnings block 94% of clicks to malicious sites" to defend AV-TEST's approach.

"Microsoft argues that their warning is 94% effective, so 'only' 6% of the people will click on the malicious link anyway," Marx countered. "Still, that's a lot of people."

Additional protective measures, including Bing's in-results warnings, those displayed by browsers -- all the major Web browsers have mechanisms for warning users of potential danger when they click on some links -- and others generated by security and antivirus software, were "out of scope for this study," Marx said.

Marx stood by the study, and said it would not be revised to take Microsoft's complaints into account. "The report was NOT designed to be a 'safety comparison' for search engines," he said.

However, he confirmed that AV-TEST was considering revamping its methodology for future tests. "In the next report, we might be able to report that search engine A warns [of] 30% of the malicious links, or if it's just 1%, or more like 70-80%, plus how many false positives we've seen," Marx said.

As to why Bing indexes suspicious links and shows them in its results, Felstead contended that "most are legitimate sites that normally don't host malware but have been hacked."

He also called on other arguments to defend Bing's approach, including one related to competition with Google and other engines. "We warn our customers rather than suppressing the result [because] if a user searches for 'vacation hotline' and doesn't get the site they're looking for, they perceive Bing to be an incomplete index of the Web which impacts their confidence of the engine," Feldstead said.

Feldstead cited the website vacationhotline.net to show Bing's warnings.

But Thomas Stelter, CFO and a co-owner of Foremost Travel & Tours of Chicago -- which manages vacationhotline.net along with scores of other travel sites -- categorically denied that the domain was infected.

During a telephone interview, Stelter used Norton Safe Web -- a component of Symantec's security software -- to examine the link to vacationhotline.net and reported that the Norton tool said it was safe to click. Other tools at Foremost's disposal also showed no evidence of malware.

Stelter was unaware that Bing had classified his website as hosting malware until the call from Computerworld.

"This creates a significant concern on our side when proper reporting and testing has not been done," Stelter said after collecting himself. "Norton is telling me it's safe, Bing tells me it's not. This inaccurate analysis causes further confusion within the consumer marketplace about where I should go or not go."

Stelter said that his firm manages more than 100 travel-related websites, has a significant presence on the Web -- vacationhotline.net was first registered in 1999, virtually in the Internet's Dark Age -- and has never before been accused of harboring malware.

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at  @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His email address is gkeizer@computerworld.com.

See more by Gregg Keizer on Computerworld.com.

Copyright © 2013 IDG Communications, Inc.

1 2 Page 2
Page 2 of 2
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon