Firefox add-on blocks malicious search results
The free Search Engine Security add-on from Zscaler attempts to thwart malware lurking in bogus search-engine results by making page requests appear to originate elsewhere.
In their never-ending quest to steal your credit card and bank account numbers, passwords, Social Security numbers, and other sensitive personal information, malware purveyors go wherever the eyeballs are. Lately, the bad guys have increasingly been targeting the links served up by Web search engines.
Two computer security firms recently issued press releases touting the dangers of searching for popular terms, such as the names of starlets or items in the news. Barracuda Labs' 2010 Midyear Security Report highlights the risks of entering a popular topic in Google, Bing, or Yahoo. The company entered thousands of search terms in these engines over a two-month period and found that many of the top results returned led to sites hosting malware.
Similarly, Symantec accompanied the release of its free Norton Safe Web Lite Web site rating tool with a study claiming 10 percent or more of the results returned by one-third of topical search terms led to malware.
Firefox tool masks page requests from Google, Bing, and Yahoo.
Cloud-computing security firm Zscaler offers a free Firefox add-on that the company claims reduces the risk of clicking a link in search results that leads to malware. The company's Search Engine Security tool works by changing the HTTP referrer (or "referrer") header (or "string") in the page request the search engine sends when you click a link to make it appear the request came from somewhere other than Google, Bing, or Yahoo.
The theory is that malware authors deliver their bogus links only when they detect a search engine's address in the referrer string that accompanies the page request. The only indication you have that the add-on is active is the small "SES on" message that appears just below the search box.
The referrer isn't changed when you follow links leading from one page to another within Google, Yahoo, or Bing. You can choose which of the three search engines you want to mask by clicking Tools > Add-ons > Extensions, scrolling to Search Engine Security and choosing the Options button. In addition to checking or unchecking Google, Bing, or Yahoo, the program's Options dialog lets you specify a "referrer" and enter domains to its white list of approved sites.
You can also disable Firefox's referrer manually: type about:config in the address bar and press Enter. Click through the reminder to be careful and navigate in the resulting list to network.http.sendRefererHeader. Double-click the entry to open the "Edit integer value" dialog. Change the value to 0 and click OK. The change will take effect when you restart Firefox.
I prefer the more granular control offered by Zscaler's add-on. But I'm not willing to rely on any single product to protect my privacy when I search. I also use McAfee's free SiteAdvisor, which scans thousands of sites for malware and adds a color-coded safety indicator to search results.
Similar tools include Web of Trust (WOT), which collects recommendations from thousands of volunteers to rate the reputation of sites, and LinkExtend, a Firefox toolbar that combines the site safety ratings of eight services and scores sites for security, child safety, company ethics, and other categories.
As usual, a layered approach is the best way to protect your data and your privacy--on the Web and elsewhere.