Google, Sun Backing New Anti-Malware Effort

Harvard, Oxford researchers aim to create Internet defensive strategies geared to consumers.

Major figures at Sun and Google -- including Vinton Cerf, one of the inventors of the Internet and now Google's Chief Internet Evangelist -- are backing a new academic anti-malware initiative that aims to spotlight spyware purveyors and ultimately give besieged computer owners simple technologies to guide their Web surfing and downloading decisions.

The new effort launches today in the form of a website, www.stopbadware.org, created by Harvard Law School's Berkman Center for Internet and Society and Oxford University. The site's initial function is to serve as a collection point for empirical information -- from consumers and technical experts alike -- about nasty code that infects computers and aims to steal data, send spam, and churn out obnoxious pop-up advertisements. The researchers behind the effort plan to use this data to understand the scourge, spotlight offending malware purveyors, and generate consumer-friendly defensive strategies.

Malware (or the anglicized "badware") is a catchall term for little pieces of code that can ride like parasites inside pieces of software, games, and other objects downloaded from web sites. In some cases, the malware slips in when the user merely visits certain sites.

Infected machines often slow down dramatically and begin generating error messages. According a recent Pew Internet & American Life Project, the computers of roughly 59 million Americans suffer from these digital infections. And home computer users spent roughly $3.5 billion in 2003 and 2004 to fix the problems, according to a recent Consumer Reports investigation.

"There are lots of efforts at fighting spyware or badware," says John Palfrey, the Berkman Center's executive director. However, he adds, until now "there has been no consumer-focused, disinterested, nonprofit effort that will give consumers guidance in terms of what they want, or don't want to download on their computers. We can bring expert guidance." The research team will comprise researchers at academic institutions, including Harvard, MIT, and Oxford.

While the research will be done by academic figures, Palfrey says, it is supported by grants from Google, Sun, and Lenovo, the Chinese company that bought IBM's PC business. He said the grants are in the "multi-year, multi-million dollar" range. Consumers Union, the publisher of Consumer Reports magazine, is helping design the program and assisting with strategies for notifying and educating consumers.

Google's Cerf will offer technical input when it's sought by the researchers, Palfrey says; as will his two counterparts at Sun, Greg Papadapolous, chief technical officer, and Carl Cargill, director of standards, and Lenovo's George He, chief technology officer.

Asked what service or product he hoped to see coming from the effort, Cerf replied via e-mail that he sought “specific information for users about known badware” and “alerts for the software, networking, and operating systems industry about problems.” He added that “by cataloging as many of the known bad software cases and their means of infection, we may be able to assist operators and programmers to filter, inhibit, or even eliminate such software in a more automatic fashion.”

The team hopes to publish academic research, inform consumers, and highlight offending companies. Its long-range goal is to give consumers a simple collaborative technology for gauging the likely hazards of a web site they are considering visiting, or a file they're considering downloading.

Berkman cofounder Jonathan Zittrain, now also the chair in Internet governance at Oxford, who helped hatch the idea for www.stopbadware.org, says this technology might take the form of a kind of PC "dashboard" that indicates the level of novelty or danger associated with a piece of code. This "dashboard" would draw upon the anonymized, aggregated mouse clicks and experiences of thousands or even millions of PC users.