Your next search on Yahoo may include a friendly warning.
You don't need to conduct a search to know that the Web is the prime vector for spreading malicious code, from Trojans to keyloggers. Millions of dangerous sites, often optimized for searches, await to deliver drive-by downloads of trouble, whether you are doing business research or casually surfing for free games at home, in a coffee shop or on a break.
The warning on links to suspect sites, powered by McAfee's SiteAdvisor, will tell you to proceed at your own risk of getting malicious programs or giving your email address to be shared with spammers and phishers. The Yahoo-McAfee partnership, branded as SearchScan, launched in beta today to help protect users, who may not suspect their exposure until its too late.
"I think they are moving in right direction. These kinds of moves help a little bit at least in making some of the obvious things a bit safer for users," said Rich Mogull, a former Gartner analyst, now an independent consultant and founder of Securosis, observing the state of Internet security for major search engine providers and online vendors.
"I don't think this is a problem any of them can solve," Mogull said. "The concern is if users become overly reliant on these kinds of results they may still end up going to dangerous places."
Reasoning that most Web sessions start with searches, Yahoo believes enhanced security is essential to protect its users and shore up confidence in online commerce. A bright red icon warns them of the nature of the suspected threat "Warning: Dangerous downloads" or "Unsolicited emails". Running your cursor over the warning provides additional explanation and information; a discreet green shield icon in the upper right corner of the search page tells you about SearchScan.
"Getting this launched is really crticial to keeping the Internet on its growth track," said Priyank Garg, director of product management for Yahoo Search. "This can help to go a long way to making consumers feel more truasted and feel safer when they're interacting with Web sites."
SearchScan does not include all of SiteAdvisor's features, including the ability to help detect compromised legitimate websites. That requires a full version of the product or one of McAfee's other desktop security products that include it.
SearchScan is the most recent move by Yahoo to improve its users' security. In October, Yahoo annoucned it was rolling out signature-based email authentication to all Yahoo Mail users, specifically to verify mail for eBay and PayPal, among the leading targets for phishing scams.
Yahoo said its user research shows flagging user confidence in ecommerce, and hopes initiatives like SearchScan and DomainKeys will help restore that confidence and give it a competitive edge against the elephant in the room, Google.
"Our goal is to be the search engine that users love and can trust to get from 'to-do' to 'done' on a daily basis as they use search," said Garg. "Our web expertise and McAfeee's security expertise and will provide the best protection users can find, and that will be differetiating experience for users in this space."
While praising the effort, Mogull says the evidence is that while users say they are concerned about security, they are conducting more and more business online every year. And, he is less than confident SearchScan or improved Web security--user polls notwithstanding--will translate drive business to Yahoo.
"It's a great move, but don't expect to change business," he said. "We have not seen that security concerns have affected the choice of search providers that consumers use. It's the right thing to do, but I don't it will affect user [search] behavior."