StopBadware
Anti-malware nonprofit organization
title: "StopBadware" type: doc version: 1 created: 2026-02-28 author: "Wikipedia contributors" status: active scope: public tags: ["organizations-established-in-2006", "consumer-rights-organizations", "privacy-organizations", "information-technology-organizations-based-in-north-america", "organizations-based-in-massachusetts", "harvard-law-school"] description: "Anti-malware nonprofit organization" topic_path: "law" source: "https://en.wikipedia.org/wiki/StopBadware" license: "CC BY-SA 4.0" wikipedia_page_id: 0 wikipedia_revision_id: 0
::summary Anti-malware nonprofit organization ::
::data[format=table title="Infobox organization"]
| Field | Value |
|---|---|
| name | StopBadware |
| logo | StopBadwareLogo.png |
| type | 501(c)(3) |
| founded_date | 2006 |
| dissolved | 2020 |
| founder | John Palfrey, Jonathan Zittrain |
| location | Cambridge, Massachusetts, USA |
| key_people | Vint Cerf, Esther Dyson |
| homepage | |
| :: |
| name = StopBadware | logo = StopBadwareLogo.png | type = 501(c)(3) | founded_date = 2006 | dissolved = 2020 | founder = John Palfrey, Jonathan Zittrain | location = Cambridge, Massachusetts, USA | origins = | key_people = Vint Cerf, Esther Dyson | area_served = | focus = | method = | revenue = | endowment = | num_volunteers = | num_employees = | num_members = | owner = | Non-profit_slogan = | homepage = | footnotes = StopBadware was an anti-malware nonprofit organization focused on making the Web safer through the prevention, mitigation, and remediation of badware websites. It is the successor to StopBadware.org, a project started in 2006 at the Berkman Center for Internet and Society at Harvard University. It spun off to become a standalone organization, and dropped the ".org" in its name, in January 2010. The website stopped working around 2021 because of copyright restrictions.
People
The founders of StopBadware.org were John Palfrey, then Executive Director of the Berkman Center, and Jonathan Zittrain, then at the Oxford Internet Institute.{{cite web |last=Hines |first=Matthew |url=http://securitywatch.eweek.com/adware/stopbadware_researchers_graduate_from_harvard.html |title=StopBadware Researchers Graduate from Harvard |publisher=eWeek Security Watch |date=January 30, 2010 |accessdate=January 13, 2011 |archive-date=January 28, 2011 |archive-url=https://web.archive.org/web/20110128121613/http://securitywatch.eweek.com/adware/stopbadware_researchers_graduate_from_harvard.html |url-status=dead
Board members of StopBadware include Vint Cerf (Chair), Esther Dyson, Philippe Courtot, Alex Eckelberry, Michael Barrett, Brett McDowell, Eric Davis, and Maxim Weinstein, StopBadware's former executive director.{{cite web |url=https://www.stopbadware.org/board |title=Board of Directors |publisher=StopBadware |accessdate=January 19, 2013 John Palfrey, Ari Schwartz, John Morris, Paul Mockapetris, and Mike Shaver formerly served on the Board.
Supporters
StopBadware was funded by corporate and individual donations. Some of its current partners include Google, Mozilla, PayPal, Qualys, Verisign, Verizon, and Yandex.{{cite web |url=https://www.stopbadware.org/partners |title=Supporting Organizations |publisher=StopBadware |accessdate=January 19, 2013 Google, GFI Software, and NSFocus participate as data providers in the organization's Badware Website Clearinghouse (see below). Previous supporters include AOL, Lenovo, Sun Microsystems, Trend Micro, and MySpace. Consumer Reports WebWatch, a now-defunct part of Consumers Union, served as an unpaid special advisor while StopBadware.org was a project at the Berkman Center.
Activities
StopBadware's focus was on fighting "badware by working to strengthen the entire Web ecosystem." In pursuit of this some of the organization's activities include maintaining a badware website clearinghouse, acting as an independent reviewer of blacklisted sites, website owner and user education, and a "We Stop Badware" program for Web hosts.{{cite web |url=https://www.stopbadware.org/what-we-do |title=What We Do |publisher=StopBadware |accessdate=January 19, 2013 In June 2012 StopBadware launched the Ads Integrity Alliance with support from founding members AOL, Facebook, Google, the Interactive Advertising Bureau (IAB), and Twitter. The Alliance is a resource for online ad platforms seeking to protect users from deceptive or harmful ads.{{cite web |url=http://www.adsintegrityalliance.org/ |title=Ads Integrity Alliance |publisher=StopBadware |accessdate=January 19, 2013 The organization receives data from its data providers and maintains a searchable clearinghouse (Badware Website Clearinghouse) of URLs blacklisted by those data providers.{{cite web |url=https://www.stopbadware.org/clearinghouse |title=Badware Website Clearinghouse |publisher=StopBadware |accessdate=January 19, 2013 StopBadware's independent review process gives webmasters the option to request removal from data providers' blacklists and is intended to function as "due process" for webmasters whose sites have been listed as bad.{{cite web |last=Mills |first=Elinor |url=http://news.cnet.com/stopbadware.org-the-place-to-appeal-a-google-malware-warning/ |title=StopBadware.org, the place to appeal a Google malware warning |publisher=CNET Security News |date=February 2, 2009 |accessdate=January 13, 2011 |url=https://www.stopbadware.org/request-review |title=Request a Review |publisher=StopBadware |accessdate=January 19, 2013 StopBadware maintains a community forum, BadwareBusters.org,{{cite web |url = https://badwarebusters.org/main/about |title = About |publisher = BadwareBusters.org |accessdate = January 13, 2011 |url-status = dead |archiveurl = https://web.archive.org/web/20110101014020/https://badwarebusters.org/main/about |archivedate = January 1, 2011 which includes an online form for reporting badware URLs encountered by the community.
StopBadware also aggregated badware statistics,{{cite web |url=https://www.stopbadware.org/top-50 |title=AS Report – Top 50 by Number of Reported URLs |publisher=StopBadware |accessdate=January 19, 2013 advocates for consumer protection in public policy, and publishes advisory documents (software guidelines,{{cite web |url=https://www.stopbadware.org/guidelines |title=Guidelines |publisher=StopBadware |accessdate=January 19, 2013 best practices for web hosting providers{{cite web |url=https://www.stopbadware.org/we-stop-badware |title=Web Hosting Best Practices |publisher=StopBadware |accessdate=January 19, 2013 ) compiled with input from the organization's working groups.{{cite web |url = http://stopbadware.org/home/working_groups |title = Working Groups. |publisher = StopBadware |accessdate = January 13, 2011 |url-status = dead |archiveurl = https://web.archive.org/web/20101128001544/http://stopbadware.org/home/working_groups |archivedate = November 28, 2010
Defining "badware"
Originally
StopBadware.org originally, in 2006, defined "badware" as follows:
- If the application acts deceptively or irreversibly.
- If the application engages in potentially objectionable behavior without:
- First, prominently disclosing to the user that it will engage in such behavior, in clear and non-technical language, and
- Then, obtaining the user's affirmative consent to that aspect of the application.
The original mission was to "provide tools and information that assist industry and policymakers in meeting their responsibility to protect users from badware, and that help users protect themselves."{{cite web |url=http://stopbadware.org/ |title=Main Page |publisher=StopBadware |accessdate=January 13, 2011
In the 2010s
StopBadware focused on web-based malware and defined badware as "software that fundamentally disregards a user's choice about how his or her computer or network connection will be used." This includes viruses, Trojans, rootkits, botnets, spyware, scareware, and many other types of malware. A badware website is a website that helps distribute badware, either intentionally or because it has been compromised.{{cite web |url=https://www.stopbadware.org/badware |title=What is Badware |publisher=StopBadware |accessdate=January 19, 2013
Google and StopBadware
There was a common misconception that StopBadware blacklists websites and that Google uses this blacklist to protect their users. In fact, Google's Safe Browsing initiative uses automated systems to identify and blacklist websites.{{cite web |last=Ballard |first=Lucas |url=https://googleonlinesecurity.blogspot.com/2009/10/show-me-malware.html |title=Show Me the Malware! |publisher=CNET Security News |date=October 12, 2009 |accessdate=January 13, 2011
The confusion is likely due to the close relationship between Google and StopBadware. Google links to StopBadware from their interstitial warning pages.{{cite web |url=http://serpguard.com/faq1/ |title=What is the Google Safe Browsing Blacklist? |publisher=SerpGuard website |accessdate=January 13, 2011 The link (now defunct) directed users to StopBadware's educational content about badware;{{cite web |url=http://www.google.com/support/websearch/bin/answer.py?&answer=45449&hl=en |title=Suspicious results and strange behavior: Results labeled 'This site may harm your computer. |publisher=Google Web Search Help results |accessdate=January 13, 2011 it also pointed webmasters to StopBadware's independent review process so site owners can request removal from Google's blacklist.
Google uses automated systems to search for websites that distribute badware, and issues warnings about websites on which malicious activity is detected. When a user tries to access one of these sites, that user is redirected to an interstitial page wherein Google warns the user of the detected malicious activity.{{cite web |last=Gabe |first=Glenn |url=http://www.searchenginejournal.com/yes-youre-an-attack-site-that-contains-malware-now-heres-what-to-do-about-it/10035/ |title=Yes, You're An Attack Site That Contains Malware, Now Here's What To Do About It |publisher=Search Engine Journal |date=April 22, 2009 |accessdate=January 13, 2011 Google attempts to notify site owners when blacklisting a website.{{cite web |url=http://www.google.com/support/webmasters/bin/answer.py?hl=en&answer=163633 |title=About malware and hacked sites |publisher=Google Webmaster Tools Help results |accessdate=January 13, 2011
On February 2, 2009, for the duration of approximately one hour, all sites were temporarily listed as "potentially harmful to [ones] computer".
References
References
- (2020-08-06). "Remove the link to StopBadware.org in SafeBrowsing interstitial page".
- Miller, Mary Helen. (January 28, 2010). "StopBadware Spins Off From Harvard U. to Be a Stand-Alone Nonprofit Group". The Chronicle of Higher Education.
- (April 7, 2006). "Stop Badware Software Guidelines".
- Provos, Niels. (April 2007). "The Ghost in the Browser: Analysis of Web-based Malware.". USENIX.
- [https://www.cnet.com/news/google-warns-entire-internet-is-malware/ Google warns entire Internet is malware] – "For about an hour Saturday morning, Google listed every site on the Internet as potentially harmful to your computer. At first, Google blamed the problem on StopBadware.org but later had to eat crow."
::callout[type=info title="Wikipedia Source"] This article was imported from Wikipedia and is available under the Creative Commons Attribution-ShareAlike 4.0 License. Content has been adapted to SurfDoc format. Original contributors can be found on the article history page. ::