Public service or self-serving? This article asks the question: what limits should Google observe in pursuit of its new process of automatically searching web sites for the presence of malicious spyware (hereinafter "malware")? At what point does doing an admittedly useful thing become a reach too far? Google's interaction with web site owners as a part of their malware detection and site review process is the subject of this article.

Malware is software that can report personal or critical computerized information back to the entity that created the malware, can plant viruses on the user's computer and can even infect web sites maintained by the owner of the site. Other names include "spyware," "trojans," "badware," "deceptive adware," and so on. It is placed on computers without the knowledge or consent of users when they connect to the Internet and visit sites on the web.

In summary form, Google and Mozilla now cooperate to render web sites inaccessible via Mozilla's widely used Firefox browser when Google's automatic scanning process claims to have found an infected site. In order to remove this "blacklist" mark and restore site accessibility via Firefox, the site the owner must first clean the site (a reasonable requirement) and then create a Google "Webmasters/Site owners" account and request a "review" of the site. (The blacklist is passed to Firefox browsers via a file named urlclassifier3.sqlite. It does no good to delete it because Mozilla soon downloads another copy.)

You read that correctly. You cannot obtain a review by Google without first creating an account with Google – which is then in a position to use any information thus obtained for their own purposes without further knowledge of or control by the account applicant.

It should be clearly understood that malware, viruses and other forms of malicious software are a serious problem for computer users worldwide. The fact that Google and other organizations acting as partners in a new web entity called StopBadware, along with Mozilla, PayPal, AOL, VeriSign, Trend Micro, and Consumer Reports WebWatch, is detecting malicious software is a good thing. And, it is certainly reasonable and proper that a web site owner who has been victiized by a malware attack should, once informed, clean the web site before once again offering web access.

The part that web site owners should be aware of is the fact that Google itself provides no method by which a site can be reviewed and restored to full Firefox access other than through creation of a Google account. There is the claim that Google periodically re-reviews blacklisted sites. However, nothing is said about the frequency of these visits, and a long delay could conceivably work a hardship on those who depend on their web site for worthy uses or economic support. The better alternate is to make your review request through StopBadware.com. To initiate the process, visit this link: http://stopbadware.org/home/reportsearch.

One has to ask, is forcing someone to create an account under consequence of having one's web site rendered non-accessible for some unknown period of time in one of the more popular web browsers (i.e. Firefox) a user-friendly practice? The thoughts expressed herein in no way constitute an accusation of malfeasance. But they are food for thought by other web users and site owners.