Friday, May 11, 2007

Google to police the net, ProjectSkyLine to write better code

Greetings,

Yup, totally unrelated. Google will begin to police the net and we will write better code. As you know, we started the port from PHP4 to OOP PHP5, along with using an MVC-inspired design and Smarty templates. All great things.

We just read in a Slashdot post that:

For some time now, searches have displayed 'this site may harm your computer' when Google has tagged a site as containing malware. Now the search engine giant is further publicizing the level of infection in a paper titled: The Ghost In The Browser. For good reason, too: the company found that nearly 1 in ten sites (or about 450,000) are loaded with malicious software. Google is now promising to identify all web pages on the internet that could be malicious - with its powerful crawling abilities & data centers, the company is in an excellent position to do this. 'As well as characterizing the scale of the problem on the net, the Google study analyzed the main methods by which criminals inject malicious code on to innocent web pages. It found that the code was often contained in those parts of the website not designed or controlled by the website owner, such as banner adverts and widgets. Widgets are small programs that may, for example, display a calendar on a webpage or a web traffic counter. These are often downloaded from third party sites. The rise of web 2.0 and user-generated content gave criminals other channels, or vectors, of attack, it found.'

Now, at first glance that is great, aside from the common posts asking, "won't we be shutting out 10% of the web?".

I see an immediate tactic: malware distributed through 3rd party applications will contain code that *hides* or disables the exploit code that injects the malware when it sees Googlebot querying the page.

Pretty simple for them to do, since Googlebot advertises itself. In fact, writers could just have it not displayed on any OS/browser that it couldn't affect. If it needed Windows IE version 6 to run the exploit, programmers could serve it only to that browser.

But then of course bots could start serving fake URI data.

We'll see, won't we.
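The check those last paragraphs point toward, as an added example that is not part of the original post: request the same page under several User-Agent strings and compare the active content each client is served. The responses below are constructed samples standing in for real fetches, and the names `active_content` and `hidden_from` and the `third-party.example` hosts are assumptions made for illustration.

```python
from html.parser import HTMLParser

class ActiveContent(HTMLParser):
    """Collect (tag, source) pairs for elements that load or run content."""
    TAGS = {"script", "iframe", "object", "embed"}

    def __init__(self):
        super().__init__()
        self.found = set()

    def handle_starttag(self, tag, attrs):
        if tag in self.TAGS:
            a = dict(attrs)
            self.found.add((tag, a.get("src") or a.get("data") or "(inline)"))

def active_content(html):
    parser = ActiveContent()
    parser.feed(html)
    parser.close()
    return parser.found

def hidden_from(responses, crawler):
    """Per client, active elements it was served that the crawler was not."""
    baseline = active_content(responses[crawler])
    diff = {}
    for client, html in responses.items():
        extra = active_content(html) - baseline
        if client != crawler and extra:
            diff[client] = sorted(extra)
    return diff

# Constructed sample: the same URL as answered to three User-Agent strings.
WIDGET = '<script src="http://widgets.third-party.example/counter.js"></script>'
SAMPLE = {
    "Googlebot": "<html><body><h1>Recipes</h1>" + WIDGET + "</body></html>",
    "Firefox on Linux": "<html><body><h1>Recipes</h1>" + WIDGET + "</body></html>",
    "IE 6 on Windows": "<html><body><h1>Recipes</h1>" + WIDGET
        + '<iframe src="http://ads.third-party.example/frame" width="0" height="0">'
        + "</iframe></body></html>",
}

if __name__ == "__main__":
    for client, elements in hidden_from(SAMPLE, "Googlebot").items():
        print(client, "received content the crawler never saw:", elements)
```

A non-empty result means some client was handed scripts or frames that the self-identified crawler never saw, which is exactly the page to look at by hand.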

In other news, we've just completed a case study of our current, *exciting* clients.
Take a look at it here.


We also started working with the World Food Prize, modifying our RSVP software, Project-Contact, to account for a special event they are organizing. Because it is a government function, special attention must be paid to securing the data and its transmission. This project is currently being tested. Stay tuned for more.

We've also been working in depth on WARP2, beginning the complete wireframe and SQL transaction specification. Programming seems easy compared to this!


Also, our lead designer Ben has been working on a few skunkwork projects, including data mining, scripting, automation and emailing. Ha, fill in the blanks.

More to come!

- PSL
