Last week, PBWorks founder David Weekly found out from some customers that his hosted collaboration site had been blacklisted by Symantec for hosting malware and, thus, visitors to any of the 10 million pages on PBWorks were being warned that the site wasn't safe.

"(Damn) you, Norton Safe Web. Whenever one file on one PBWorks space has a virus, all of PBworks is marked unsafe?!" a frustrated Weekly wrote on Twitter and Facebook on Thursday. In a follow-up interview, he said: "That's tarnishing our brand. It's not legitimate to basically poison the whole domain and all of its sub-domains."

The problem is not unique to PBWorks; many legitimate sites find themselves on the malware blacklists of services from security software firms, search engines, and browser makers every day. However, the problem is exacerbated for sites like PBWorks where most or all of the content is customer-created and not in the control of the hosting provider. Because one student uploaded a Word file with a virus in it to a PBWorks homework assignment space, all of the 850,000 spaces on the site were penalized.

Now there is help for sites that find themselves on malware blacklists, courtesy of two former Googlers who founded start-up Dasient, which is launching anti-malware services.

On Tuesday, Dasient comes out of stealth mode to offer a public beta of its free blacklist alert service and a fee-based service for monitoring Web sites for malware to keep them from getting blacklisted in the first place. With prices starting at $50 a month, the monitoring service will identify what parts of a site are infected with malware, exactly what code is suspect, and recommend actions to take.

Dasient also is launching a private beta test of what will be a fee-based service that automatically quarantines malicious code found on a Web site while still allowing the site, and even the page that was hosting it, to remain accessible. Two of Dasient's three co-founders have the Google DNA, which helped nab funding and should help in many other ways.

Co-founder Neil Daswani got his doctorate in computer science from Stanford, was a product manager on the security team at Google and lead author on "Foundations of Security: What Every Programmer Needs To Know," a Web application development book that is a standard text used at Google. Daswani helped defend Google's vast networks against malware, botnets, click fraud, and other threats for the three years he worked there.

Shariq Rizvi worked at Google for three years as a software engineer on the Web server team, which is the front end to the search engine, and on the Google AppEngine team. The third co-founder, Ameet Ranadive, were early employees at online personal financial services company Yodlee with Daswani and worked as a hardware engineer at HP before that.

Dasient raised $2 million from investors in October in a seed round led by Stratton Sclavos, former chief executive of security firm VeriSign who is now a venture capitalist at Radar Partners. Other investors were Mike Maples, who has invested in Twitter, and Eric Benhamou, former 3Com and Palm chief executive.

Attacks on browsers, apps increasingly common
More and more security threats are targeting browsers and Web applications, using SQL injections, cross-site scripting and other attacks that can lead to drive-by downloads, for instance.

The attacks also are coming increasingly from trusted and reputable sites. As much as 80 percent of sites hosting malware are legitimate, according to antivirus vendor Sophos). There are even worms like Gumblar that automate the stealing of FTP (File Transfer Protocol) credentials so attackers can compromise Web sites.

As a result of all of this, the market Dasient is targeting is under-served and ripe, Sclavos said.

"This is one of those areas where the pain is very high but the knowledge (among Web site owners) about what to do about it is very low," he said. "It's a relatively new space and the attacks are very sophisticated."

At Google, the founders were used to deploying software and addressing security on a large scale. "We need to be able to operate at Web scale and Web speed in order to provide these automated services," said Ranadive.

Just like when Web sites lose their ranking in Google's search results, sites can lose business and suffer damage to their reputation when they end up on malware blacklists.

Dasient will be targeting Web site owners as well as Internet Service providers and Web hosters. One possible customer is Consolidated Communications, a Web hoster and Web site developer that served as an alpha tester for Dasient after a customer (a nonprofit started by Fred Rogers of Mr. Rogers TV fame) was found to be blacklisted.

"We've seen this happen with a number of sites but not a site on that order and we thought we really should act proactively to help our customers guard against future intrusions," said Tim Sweet, Web services manager at Consolidated Communications. "So, if there is a service we can deliver as an add-on to (customers') hosting service we think they would appreciate it and probably pay for it as well.

"How many of us would fire up a computer without virus protection? It's unthinkable," Sweet added. "So, I see a day coming where we'll treat malware intrusion the same way with our Web sites."

Weekly of PBWorks now has plans to implement server software that checks uploaded files for malware. Any security for the private work spaces that PBWorks hosts would have to be handled in-house, he added.

The Dasient founders hope to share data with the StopBadware.org organization, coordinated by Harvard Law School's Berkman Center for Internet & Society. StopBadware.org, meanwhile, is looking to eventually launch a blacklist alert service of its own one day, according to Maxim Weinstein, manager of the organization.

"I think this idea of more proactive monitoring of sites is a good one. This is an important step for site owners to be able to figure out what's going on with their sites," said Weinstein, who added that his group does not endorse or evaluate specific products or services.

"But, realistically, I think it may be difficult convincing Web site owners to do that until they've been hacked for the first time."

So the Googlies are, allegedly, gnashing and wailing.

Their ears, their nostrils, even their fully formed eyebrows are twitching beyond all human control.

Though I am not one of those who necessarily subscribes to the idea that Googlies ever have extreme emotions, the rumor is that they are in a fizzy tizzy. Because of Bing, the new search fragrance from Microsoft.

According to a report, Google's Sergey Brin has ordered some of his finest brains to take Bing apart as if it were a secretly smuggled advance exemplar of the Palm Pre.

He wants to know how it thinks. He wants to know who its friends are. He wants its very innards examined for performance-enhancing algorithms.

I would very much like to believe this story. Mainly because I want the word "Bing" to become part of the language, but also because Bing seems like a rather fine product.

However, a small part of me, somewhere between my spleen and my liver, is sending a warning signal. You see, last Christmas I read the highly amusing Michael Wolff biography of Rupert Murdoch.

In it, Wolff describes how Murdoch's wife, Wendi Deng, encouraged him to hang with a younger crowd. You know, some of the folks that might just decimate the newspaper industry as we know it. Folks such as Sergey Brin and Larry Page.

So perhaps that place between my spleen and liver has been aroused by the fact that the newspaper that broke the "Google is blinging scared" story was Murdoch's own, and very much beloved, New York Post.

Of course it's possible that someone at Google was trembling so much that he spilled his tale of fear to a friend at the New York Post.

However, when you're perceived as being a little bit of a, well, monopoly, isn't it nice to occasionally bathe in the idea that there is a serious threat to your throne and your, um, pension? Might you just be tempted to find a nicely engineered way of slipping that story out there just to improve the way you are regarded?

It's a little like movies of the last 15 years or so in which the male protagonist has to show his vulnerable side to get the girl.

Because he sheds a tear or two and visits a psychologist to talk about his mama, we end up thinking his belching, slobbering, swilling, snorting, slightly uncouth persona was all actually rather charming.

He does get the girl, though. And that, for him, is really all that matters.

Linux kernel version 2.6.30 has been released, adding support for new file systems, performance improvements, and new hardware drivers.

The Linux kernel is the core used by GNU/Linux operating system distributions from Red Hat, Novell, and others. The new release was made final and was publicized in a newslist post from Linux developer Linus Torvalds last week.

The most prominent new features include support for two new file systems, according to release notes published by Kernelnewbies, a group of Linux developers.

Support was added or updated for the NILFS2 file system, still under development, which is designed to be more resistant to crashes; and for POHMELFS (Parallel Optimized Host Message Exchange Layered File System), a high-performance and network-distributed file system.

The kernel also comes with updated support for other file systems, including EXOFS, a file system for object-based storage devices, and the FS-Cache file system. Tweaks have been made to generally improve file system performance, Kernelnewbies said.

Storage improvements include the addition of support for DST, a technology designed to simplify the creation of high-performance storage networks.

The kernel adds a feature contributed by Intel for speeding up the kernel's boot time by carrying out several steps of the boot process at once. "This feature speeds up the total kernel boot time significantly," Kernelnewbies wrote in their notes on the release.

Other changes include allowing the use of LZMA and Bzip2 compression of kernel images, so that they take up less space; and new or updated drivers that add support for additional hardware and hardware features.

A new architecture for putting hardware into suspend mode has been put into place, according to Torvalds. "We're hopefully now done with the suspend/resume irq re-architecting, and have switched to a new world order," he wrote in the newslist post.