I'm usually a curmudgeon and a contrarian when it comes to the state of IT security. However, recent developments give me hope that my vision of a safer Internet might not be too far off. Major Internet companies, including Google, Comcast, and Verizon, have all rolled out new services that could seed a worldwide warning system and ultimately make the Internet far safer by slowing the spread of malware.
The first is Google's apparent previously unannounced modification to its Gmail service: When Gmail (via an IP address resolution query) detects that an account is being accessed from a country -- for example, China -- that's not the normal point of entry, the service will alert the user when he or she logs in from his or her regulation location. The user will see a red banner reading, "Warning: We believe your account was recently accessed from: China" followed by the IP address.
[ Also on InfoWorld.com: Oracle database admins acknowledge security gaps | Master your security with InfoWorld's interactive Security iGuide. | Stay up to date on the latest security developments with InfoWorld's Security Central newsletter. ]
I applaud the new warning. The overall idea is not really new; several online email services over the past two decades have displayed the user's last logged-on location. But Gmail is the first (that I know of) to place a visible banner to actively warning users, particularly about accesses from China. This is in response to the larger China-based hacking incident from earlier this year, which involved logon account information compromises.
I'd be an even bigger fan of such warnings if they simply report that the access occurred from a location different than the user's normal location. Certainly, there would be a few false positives as many of us travel and access our email from new locations -- but more information is usually better than less information. I applaud Google for its disclosure and service, and I hope more email vendors offer similar services.
Comcast's Constant Guard service is another proactive step in the right direction. If the service, one of the world's latest ISPs, detects malicious bot activity on a customer's computer (for example, a high number of connections from a wide range of IP addresses, customer listing on antibot reports from antimalware services, and so on), the company will alert the customer to the possible bot exploitation on his or her PC.
In 2009, Comcast started to send warning emails to alert customers. Now, the company will try to impose a banner warning in the middle of the user's browser session, which is quicker. I appreciate Comcast's efforts. When the company protects its customers, it protects more of the world's non-Comcast consumers as well.