StopBadware


StopBadware is an anti-malware nonprofit organization focused on making the Web safer through the prevention, mitigation, and remediation of badware websites. It is the successor to StopBadware.org, a project started in 2006 at the Berkman Center for Internet and Society at Harvard University. It spun off to become a standalone organization, and dropped the ".org" in its name, in January 2010.

People

The founders of StopBadware.org were John Palfrey, then Executive Director of the Berkman Center, and Jonathan Zittrain, then at the Oxford Internet Institute. Both are now Professors of Law at Harvard University and faculty co-directors of the Berkman Center.
Board members of StopBadware include Vint Cerf, Esther Dyson, Philippe Courtot, Alex Eckelberry, Michael Barrett, Brett McDowell, Eric Davis, and Maxim Weinstein, StopBadware's former executive director. John Palfrey, Ari Schwartz, John Morris, Paul Mockapetris, and Mike Shaver formerly served on the Board.

Supporters

StopBadware is funded by corporate and individual donations. Some of its current partners include Google, Mozilla, PayPal, Qualys, Verisign, Verizon, and Yandex.
Google, GFI Software, and NSFocus participate as data providers in the organization's Badware Website Clearinghouse. Previous supporters include AOL, Lenovo, Sun Microsystems, Trend Micro, and MySpace. Consumer Reports WebWatch, a now-defunct part of Consumers Union, served as an unpaid special advisor while StopBadware.org was a project at the Berkman Center.

Activities

StopBadware's current focus is on fighting "badware by working to strengthen the entire Web ecosystem." In pursuit of this some of the organization's activities include maintaining a badware website clearinghouse, acting as an independent reviewer of blacklisted sites, website owner and user education, and a "We Stop Badware" program for Web hosts. In June 2012 StopBadware launched the Ads Integrity Alliance with support from founding members AOL, Facebook, Google, the Interactive Advertising Bureau, and Twitter. The Alliance is a resource for online ad platforms seeking to protect users from deceptive or harmful ads. The organization receives data from its data providers and maintains a searchable clearinghouse of URLs blacklisted by those data providers. StopBadware's independent review process gives webmasters the option to request removal from data providers' blacklists and is intended to function as "due process" for webmasters whose sites have been listed as bad. StopBadware maintains a community forum, BadwareBusters.org, which includes an online form for reporting badware URLs encountered by the community.
StopBadware also aggregates badware statistics, advocates for consumer protection in public policy, and publishes advisory documents compiled with input from the organization's working groups.

Defining "badware"

Originally

StopBadware.org originally, in 2006, defined "badware" as follows:
  1. If the application acts deceptively or irreversibly.
  2. If the application engages in potentially objectionable behavior without:
  3. * First, prominently disclosing to the user that it will engage in such behavior, in clear and non-technical language, and
  4. * Then, obtaining the user's affirmative consent to that aspect of the application.
The original mission was to "provide tools and information that assist industry and policymakers in meeting their responsibility to protect users from badware, and that help users protect themselves." StopBadware took the position that software is badware if it does certain prohibited things, despite any disclaimer in an EULA or purported consent by the user. "Silently downloading" and "Installing additional software without informing the user of the identity and purpose of that software " are examples of such prohibited behavior. StopBadware investigated reports of improper behavior by programs, and offered vendors the opportunity to reply to their findings.

Currently

StopBadware now focuses on web-based malware and presently defines badware as "software that fundamentally disregards a user's choice about how his or her computer or network connection will be used." This includes viruses, Trojans, rootkits, botnets, spyware, scareware, and many other types of malware. A badware website is a website that helps distribute badware, either intentionally or because it has been compromised.

Google and StopBadware

There is a common misconception that StopBadware blacklists websites and that Google uses this blacklist to protect their users. In fact, Google's Safe Browsing initiative uses automated systems to identify and blacklist websites. This blacklist is used by Google to warn users before they visit potentially dangerous sites. The Firefox web browser and other applications also use Google's Safe Browsing API to warn their users based on the same blacklist.
The confusion is likely due to the close relationship between Google and StopBadware. Google links to StopBadware from their interstitial warning pages. The link directs users to StopBadware's educational content about badware; it also points webmasters to StopBadware's independent review process so site owners can request removal from Google's blacklist. StopBadware's Badware Website Clearinghouse also lists websites blacklisted by Google.
Google uses automated systems to search for websites that distribute badware, and issues warnings about websites on which malicious activity is detected. When a user tries to access one of these sites, that user is redirected to an interstitial page wherein Google warns the user of the detected malicious activity. Google attempts to notify site owners when blacklisting a website.