Security

Facebook Bolsters Malware Protection

Facebook has cemented a new partnership to protect its users against malicious links posted on their walls, news feeds, and elsewhere in the social network. You know, those links from someone you haven't seen in years encouraging you to click through to the photos of how "you waz sooo crazy at that party last night!!!" or some such. Click on one and you could be welcoming all kinds of nasty stuff into your account and even your hard drive.

Facebook's new security alert (click to enlarge)

Facebook will now be using Websense to clamp down a little tighter, adding the company's "Advanced Classification Engine" on the back end. When a user clicks on a link inside Facebook, it's passed on to ACE, which lives in the cloud and is constantly checking for new threats. If ACE has already classified the site in question as a threat, it sends a warning message back to the user.

ACE is the same technology behind the TRITON security package that's used by many enterprises, so it's pretty rapid at picking up on new bugs and malicious campaigns and classifying them, but that doesn't mean it will be fast enough to catch every nasty link on Facebook before a few users click through.

A link that goes viral on the social network can often spread faster than just about anything -- and when that viral link also happens to be a virus accessing your list of friends and reposting itself all over without your permission, it can soon be anywhere. The good news is that the quicker it spreads, the quicker ACE is likely to pick up on it and classify it as nasty.

Facebook hopes that adding the new partnership to their existing arsenal of security defenses will help to shrink that window of vulnerability -- the time between when a threat crops up and when it is identified, cataloged, and the warnings go out.

Facebook wasn't exactly naked before integrating Websense into the service. It has its own security systems, and has worked out deals with the likes of McAfee in the past. Websense has also supplied a Facebook app called Defensio, which provides filters and controls for content posted to users' walls, for some time.

Follow Eric on Twitter, and at ericmack.org. Follow PC World on Twitter, too.

Subscribe to the Security Watch Newsletter

Comments