P
Paul Collin
I notice with interest that MSAS sends information to
SpyNet when threats are detected. Does this information
contain the offending URL? If so, can this information be
collated to create an up-to-date picture of
internet "black-spots"? And if an up-to-date list of
internet black-spots DOES exist then please can we start
seeing it being put to some good use?
Good use example 1
------------------
I would really like to be informed by MSAS when the URL
I'm about to visit is (or has been) known to carry
spyware. I could then opt to make a hasty retreat and not
give the site's owner the pleasure of another hit (and
I'm sure I'm not alone in thinking this).
The URL alerts could easily be achieved via a topical
list of, say, the top 1000 offending URLs (and maybe a
static list of known URLs used by the criminal
fraternity). This list can be downloaded with each
signature update and scanned before by MSAS letting IE
load a webpage.
Good use example 2
------------------
Another potentially greater benefit of this "black-spot"
information exists - make the information available to
search engines! I'm sure that reputable search engines
would use this information in a snap! How good would
a "Risk" rating be on Google's search results?
I might be asking for stuff that's already in the
pipeline (I hope so), or I might be asking for the moon
on a stick, but I thought I'd throw in my two cents in
while the product is still being developed. Come on
people! What would you like to see?
Paul Collin (no email address for fear of spiders)
SpyNet when threats are detected. Does this information
contain the offending URL? If so, can this information be
collated to create an up-to-date picture of
internet "black-spots"? And if an up-to-date list of
internet black-spots DOES exist then please can we start
seeing it being put to some good use?
Good use example 1
------------------
I would really like to be informed by MSAS when the URL
I'm about to visit is (or has been) known to carry
spyware. I could then opt to make a hasty retreat and not
give the site's owner the pleasure of another hit (and
I'm sure I'm not alone in thinking this).
The URL alerts could easily be achieved via a topical
list of, say, the top 1000 offending URLs (and maybe a
static list of known URLs used by the criminal
fraternity). This list can be downloaded with each
signature update and scanned before by MSAS letting IE
load a webpage.
Good use example 2
------------------
Another potentially greater benefit of this "black-spot"
information exists - make the information available to
search engines! I'm sure that reputable search engines
would use this information in a snap! How good would
a "Risk" rating be on Google's search results?
I might be asking for stuff that's already in the
pipeline (I hope so), or I might be asking for the moon
on a stick, but I thought I'd throw in my two cents in
while the product is still being developed. Come on
people! What would you like to see?
Paul Collin (no email address for fear of spiders)