Firefox add-on blocks malicious search results

The free Search Engine Security add-on from Zscaler attempts to thwart malware lurking in bogus search-engine results by making page requests appear to originate elsewhere.

In their never-ending quest to steal your credit card and bank account numbers, passwords, Social Security numbers, and other sensitive personal information, malware purveyors go wherever the eyeballs are. Lately, the bad guys have increasingly been targeting the links served up by Web search engines.

Two computer security firms recently issued press releases touting the dangers of searching for popular terms, such as the names of starlets or items in the news. Barracuda Labs' 2010 Midyear Security Report highlights the risks of entering a popular topic in Google, Bing, or Yahoo. The company entered thousands of search terms in these engines over a two-month period and found that many of the top results returned led to sites hosting malware.

Similarly, Symantec accompanied the release of its free Norton Safe Web Lite Web site rating tool with a study claiming 10 percent or more of the results returned by one-third of topical search terms led to malware.

Firefox tool masks page requests from Google, Bing, and Yahoo.
Cloud-computing security firm Zscaler offers a free Firefox add-on that the company claims reduces the risk of clicking a link in search results that leads to malware. The company's Search Engine Security tool works by changing the HTTP referrer (or "referrer") header (or "string") in the page request the search engine sends when you click a link to make it appear the request came from somewhere other than Google, Bing, or Yahoo.

The theory is that malware authors deliver their bogus links only when they detect a search engine's address in the referrer string that accompanies the page request. The only indication you have that the add-on is active is the small "SES on" message that appears just below the search box.

Zscaler Search Engine Security active indicator
Zscaler's free Search Engine Security add-on for Firefox claims to protect against malicious search results by masking page requests from Google, Bing, and Yahoo. Zscaler

The referrer isn't changed when you follow links leading from one page to another within Google, Yahoo, or Bing. You can choose which of the three search engines you want to mask by clicking Tools > Add-ons > Extensions, scrolling to Search Engine Security and choosing the Options button. In addition to checking or unchecking Google, Bing, or Yahoo, the program's Options dialog lets you specify a "referrer" and enter domains to its white list of approved sites.

Zscaler Search Engine Security Options dialog box
Customize the "referrer" used by the Search Engine Security add-on or add sites to its white list via the program's Options dialog. Zscaler

You can also disable Firefox's referrer manually: type about:config in the address bar and press Enter. Click through the reminder to be careful and navigate in the resulting list to network.http.sendRefererHeader. Double-click the entry to open the "Edit integer value" dialog. Change the value to 0 and click OK. The change will take effect when you restart Firefox.

I prefer the more granular control offered by Zscaler's add-on. But I'm not willing to rely on any single product to protect my privacy when I search. I also use McAfee's free SiteAdvisor, which scans thousands of sites for malware and adds a color-coded safety indicator to search results.

Similar tools include Web of Trust (WOT), which collects recommendations from thousands of volunteers to rate the reputation of sites, and LinkExtend, a Firefox toolbar that combines the site safety ratings of eight services and scores sites for security, child safety, company ethics, and other categories.

As usual, a layered approach is the best way to protect your data and your privacy--on the Web and elsewhere.

About the author

    Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.

     

    Join the discussion

    Conversation powered by Livefyre

    Don't Miss
    Hot Products
    Trending on CNET

    HOT ON CNET

    Want affordable gadgets for your student?

    Everyday finds that will make students' lives easier: chargers, cables, headphones, and even a bona fide gadget or two!