Google Acquisition Crosses the Security Border


News that the Federal Trade Commission is reviewing Google's purchase of online ad traffic aggregator DoubleClick overshadowed another curious acquisition by the search giant -- that of a security company.

Google bought GreenBorder, a small startup that never garnered much attention with its Web browser sandboxing technology. With Google now shepherding its development, GreenBorder could be the catalyst that turns Google into more of a security company.

I first encountered GreenBorder a few years back at the RSA Conference, the world's largest gathering of security geeks and vendors. A friend of mine was doing PR for this little startup, and convinced me to take a meeting with GreenBorder at its booth, tucked neatly away in the far alcove under the stairs at the Moscone Convention Center. As you can tell, I wasn't overly impressed -- but not for the reasons you think.

GreenBorder works this way: Its software rides on top of a Web browser. Whenever a user hits a Web site, GreenBorder creates a virtual air gap between the site and the client, insulating the user from any malicious code -- viruses, worms, Trojans and spyware -- that may be hidden in the pixels. The user knows he's protected because -- you guessed it -- a green border appears around the Web browser.

Again, at the time, I wasn't overly impressed. For consumers, it seemed like a reasonable alternative to conventional AV and static Web-based attacks. For businesses, the value proposition seemed a little more difficult to discern, since it was yet another application that would ride on an already overburdened client. In either case, it would take years before there was enough critical mass in deployment to make a measurable difference in the propagation of Web-based malware. Besides, GreenBorder was a one-trick pony compared to the security powerhouses of Symantec, McAfee and Trend Micro.

That potentially changes with Google taking over. Here's why.

It was just a few weeks ago that Google released a study of 4.5 million Web sites that concluded that 10 percent of all sites are infected with some form of malware. A similar study by antivirus vendor Sophos concluded that 70 percent of those sites were legitimate entities -- in other words, not porn, spoofed sites, gambling or illicit businesses -- that had been compromised with bots, Trojans and other malicious code. Google, which drives more than half of all Web searches, is often the vehicle for users to stumble upon compromised sites that contain the code that will infect clients and their host networks.

Since the days of the LoveLetter virus and Nimda worm, the security intelligentsia has bemoaned the lack of intervention by the ISPs and carriers, which could theoretically squash malware at peering points or somewhere in the cloud. AT&T flirted with the idea; and the major public e-mail services -- MSN, AOL, Yahoo, etc. -- scan messages for malicious content. Otherwise, it's been a pipedream.

Google is mum about its intentions for GreenBorder. A spokesperson would only reiterate a comment from their press release on the deal: "We believe the expertise of GreenBorder's small, talented team of engineers will greatly benefit our users, advertisers and publishers." Nevertheless, it doesn't take a genius to see the potential for GreenBorder's integration with the Google search engine.

Imagine being able to search the Web carefree of security risks. Google could incorporate GreenBorder's technology to scan sites before allowing search engineer users access (or at least warn them of the security risk). Likewise, Google could integrate GreenBorder in the Google Web browser toolbar, giving users an easy to use tool that provides a certain degree of insulation from malicious Web sites. Either way, Google enhances its value proposition to its paying customers and makes it increasingly more attractive to users than rivals, such as Microsoft and Yahoo.

Google's official blog makes frequent references to preserving the security of its users and customers. GreenBorder may be the first step in making security a prominent part of the "we can do anything" software as a service company. What comes next? Google is mum and the company could go in any direction. But the prospect of Google having security ambitions is making the major security companies are taking note.