As you may have noticed, reports of malware are on the increase. In some browsers you can get anti-phishing filters, and Google has introduced its "this website may harm your computer" warnings. Occasionally these warnings are false positives. Imagine you could say to your visitors that all your links are checked regularly, say weekly, for malware. Imagine you could say the same thing to your submitters: it could be a great selling point to have the reassurance that if you become an unwitting host of malware, you'll get an email about it immediately from a directory, instead of having to wait until traffic tails off and you're scratching your head wondering which search engine has penalised you. I think directory owners and script builders have a great opportunity to provide something that search engines and browser builders can't, using the element of human review and the emails that are collected from submitters for notification. Rather than simply removing suspect listings entirely, they could be put back in pending status and investigated further. So you wouldn't have to have a case where listings are automatically binned just because a mistake is made. It would be up to the directory editor to investigate cases and respond accordingly. So how could this practically be achieved? One way would be to compare listings against the list at StopBadware.org. McAfee's SiteAdvisor also has public ratings for the safety of websites. There are probably other lists I haven't heard of, as well as IP blacklists for spamming. Ideally it could be done automatically at set intervals. This is an open request to script developers and mod writers to consider implementing this feature. Let's clean our directories of malware, and restore confidence in them as safe places to browse.
hmmmm... this is an interesting concept, especially since there were a lot of complaints a couple weeks ago regarding "viruses" on certain sites. You raise a couple of good points, with the sizes of most directories it is not feasible for an owner to manually check all of the links to make sure ONCE they have been approved that the content is not changed (adult) or some form of malware is not introduced. I would be very interested in such a "mod". If there are any developers that have some ideas I would be willing to discuss funding or working with other owners on getting something like this done. Lance
Nice post Obelia. Need to spread the green around before giving you more again, but that post deserves it IMO.
It's absolutely do-able, given the right list of IPs and urls. Unfortunately I don't have the experience with common scripts like phpld to be able to do this myself. However, one way to do this might be independent of your web directory script: by producing a programme that will spider all the urls of any website, or allow you to cut and paste them into a text box if there are few enough, or even just put them all in a large file. Then examine the urls, and display the bad ones. Integrating it into a directory script so that you can just click "check" and automatically send emails and suspend websites would be neater, though. I'm interested in what directory customers would think of this. Personally I'd find it a reassuring feature on a directory, but is this what everyone else thinks?
The only snag I could see with offering this is folks looking to sue you or asking for compensation for malware that slips through your detection and damages them. I think the risk of liability for the directory owner would be too high compared to the rewards.
I would look at a system like this as just another tool for the editor to use in evaluating a site's eligibility for a listing - not something that would be advertised as if published listings are guaranteed safe.
Good post obelia, I'm going to look into it as I do lots of the programming on phpLynx, we're always looking at new ways to move forward and advance, maybe this is one. Wont make empty promise but have already passed this on to the team.
That's a good point, it might not be a good thing to advertise as a feature. Even if you post a disclaimer, people don't often read the small print and can get the wrong end of the stick. But in terms of protecting the interests of a directory owner, it would still be very worthwhile, because having links to websites which host malware tars you by association. Thanks for considering this, Phoenix.
Mmm not sure about this idea. Even though it's commendable, if you announce an anti-malware script it will become a target. I used to hang out on a security newsgroup and it was a favourite site for the script kiddies.
See where your coming from but if its intergrated into a pre-existing script as an optional feature then it will do no harm at all.