Blogger Clamping Down on Malware and Spam

Last week, Blogger was branded the number one host for malware across the internet in a report by security company, Sophos. Then on Friday, Blogger began a major initiative to identify and lock down potential spam blogs hosted on its’ servers in which many innocent blogs were caught in the crossfire.

The result? A damaging blow to Blogger’s reputation as a reliable blog host, and many frustrated users moving their blogs over to Wordpress.

But what’s the real story behind these damning headlines? Is Blogger really such a bad host?

Why is Blogger the No#1 Host for Malware?

Blogger is a free blog hosting and publishing service which allows users complete access to their template code. This means that Blogger users are able to fully customize their templates, which includes adding JavaScript: an option restricted by most other free hosting and blog publishing services (including Wordpress.com).

This option has proved to be a double edged sword: on one hand, most Blogger users are happy to have full access to their template code and publish perfectly innocent blogs which are no danger to the internet at large. But on the other hand, malicious hackers are able to take advantage of this loophole to host malicious code.

A recent trend has seen innocent blogs corrupted by malicious links posted as comments to their posts. As Sophos points out:

Hackers both set up malicious blogs on the service, and inject dangerous web links and content into innocent blogs in the form of comments (Source)

Graham Cluely of Sophos explains that Blogger hosted sites are a prime target for hackers because of the close relationship with Google:

The attraction for the bad guys in targeting Blogger is that things pretty much get spidered instantly into Google, because it [Blogger] is part of Google

In total, Blogger hosted content accounts for 2% of malware on the Internet. As one of the world’s leading free blog services, Blogger has a duty to it’s users to ensure a reliable and trustworthy service which is free of malicious exploits and undesirable content. As a Google spokesperson pointed out:

Google takes the security of our users very seriously, and we work hard to protect them from malware. Using Blogger, or any Google product, to serve or host malware is a violation of our product policies. We actively work to detect and remove sites that serve malware from our network. (Source)

Sophos says it doesn’t blame Google for the situation and that the company is proactive in weeding out malicious sites from its search results. It also claims pre-scanning blogs for malicious content simply wouldn’t work.

The sheer weight of legitimate traffic makes that unworkable. We see 16,000 malicious web pages added every day - that’s one every five seconds. (Graham Cluley, Sophos. Source)

Blogger does have a system in place to detect blogs which host malware or which are suspected of spam. Bloggers whose blogs are identified as sources of these problems are notified and suspended from posting until they remove unwanted content and request a manual review. However, this system can also cause problems, particularly when innocent bloggers are caught in the crossfire.

False Positives in Blogger’s Spam Detection System

At the other end of the scale, many Blogger users have been angered by the false detection of their blogs as potential hosts of spam.

On Friday, and also in previous months, the official Blogger Help Group was awash with protests from members who were locked out of their blogs due to the suspicion of spam:

Dear Blogger user,

This is a message from the Blogger team.

Your blog, at http://welovetemplates.blogspot.com/, has been identified as a potential spam blog. For an explanation of what spam blogs are, please see Blogger Help.

You will not be able to publish posts to your blog until we review your site and confirm that it is not a spam blog. To request a review, please fill out the form found here: link was here.

We will take a look at your blog and unlock it within four business days. Please note that if we do not hear from you within 20 days, we will remove your blog. If this blog does not belong to you, then you do not have to do anything. Any other blogs you may have will not be affected.

Since you are an actual person reading this, your blog is probably not spam. We find spam by using an automated classifier. Automatic spam detection is inherently fuzzy, and occasionally a blog is flagged incorrectly. We sincerely apologize for this erroneous result. By using this kind of system, however, we can dedicate more storage, bandwidth, and engineering resources to users like you instead of to spammers.

Thank you for your understanding and for your help in our spam-fighting efforts.

Sincerely,

The Blogger Team

After Friday’s incident, Blogger restored all innocent blogs which had been locked in this manner and apologized to all affected in an official statement:

We want to offer our sincerest apologies to affected bloggers and their readers. We’ve tracked down the problem to a bug in our data processing code that locked blogs even when our algorithms concluded they were not spam. We are adding additional monitoring and process checks to ensure that bugs of this magnitude are caught before they can affect your data. (Source)

It’s no surprise that bloggers affected by this issue were infuriated by the accusation and inability to post on their blogs. Many had already vowed to export their blogs to a different host, hoping to safeguard their content against further occurrences of this issue.

Is Blogger a safe host for bloggers?

This is the million dollar question, and one certainly asked by thousands of bloggers in light of these recent revelations about the blogging giant.

Surely, the initiative to remove spam and malware from the system is working. Fewer (if any) splogs appear when using the “next blog” browser on the Blogger toolbar, and it certainly seems many have been removed from Technorati’s index.

As stated in the terms of service, Blogger does not own the content hosted on its servers:

Your Intellectual Property Rights. Google claims no ownership or control over any Content submitted, posted or displayed by you on or through Google services. You or a third party licensor, as appropriate, retain all patent, trademark and copyright to any Content you submit, post or display on or through Google services and you are responsible for protecting those rights, as appropriate.

Like all reputable hosts, Blogger has policies in place to protect itself from malicious content and reserves the right to remove such content from its servers if it violates these terms of service. Indeed, any reputable host should have similar terms in place and will exercise the right to remove content which violates these terms.

Those affected by false positives in Blogger’s fight against spam should feel reassured that their privileges will be restored after review. While this is incredibly inconvenient and upsetting for those involved, let’s hope Blogger will win the fight against spam and ensure a better environment for those using it’s free service.