Search Results icons

[Amaroq_Starwind]

The Webroot SecureAnywhere browser extension will show an icon next to websites on a Google search results page if the websites in question have been verified as legitimate (example, a green checkmark in a circle). That feature should be added to the MalwareBytes extension for Chrome and Firefox, along with a different icon for websites which have have been suspected as fraudulent (a red exclaimation in a circle), and/or a Malwarebytes logo for websites which are directly affiliated with MalwareBytes. Maybe it could also generate an identicon preview for URLs you find on a search results page, determined by the IP address which is hosting the website.

[exile360]

I'm not too sure about this just because a big part of how the Malwarebytes browser extension works is to observe page behavior at loading time to determine if it fits the known patterns of certain malicious types of sites (such as tech support scams etc.), though this probably could be done for known sites in the block database.  That said, it could generate a lot of traffic if MB had to poll all of the IPs/domains of every site listed on a page of search results/links.

Also, if Webroot (and the other AV/AM vendors who do things like this like AVG, Kaspersky etc. that I've seen in the past) are accomplishing this by hijacking connections, altering certs and breaking security protocols like HTTPS (something such technologies are often known to do) then I'd rather Malwarebytes didn't go this route.  If however it's possible to accomplish this without compromising certs and security encryption protocols like HTTPS etc. then I'd be fine with it.

[Amaroq_Starwind]

I'm sure that there are ways to cut down on the amount of traffic that it would generate. The exact nature of that, on the other hand,  I'm not entirely sure.

[Amaroq_Starwind]

Actually, in IPv4 you can use something called MultiCast to cut down on the number of packets you need to send, since you just need to send a single packet for every MultiCast address or destination you're polling, and it will take care of polling everything below it. At least that's how my dad explains it. I'm also not sure what the equivalent would be for something like IPv6.

You could also use a database for Verified websites, not just Fraudulent ones, and any websites which are known to be associated with MalwareBytes would of course also be part of the database. You wouldn't even have to update a clientside database constantly, just periodically, and anything not already in the database can be uploaded as needed once its status has been determined by the client.

[Amaroq_Starwind]

And here we go:

https://en.wikipedia.org/wiki/IP_multicast 

Turns out there's numerous different extensions to Multicast, so it should already be well-suited to this feature.

Side-note: I really hope that I eventually get the permission to edit my own posts, even if the edits have to be moderator-approved before they're shown to the world. I just really dislike having to make multiple posts in a row.

[rakka]

@Amaroq_Starwind thanks for the suggestion, currently we don't have anything that can easily accommodate this feature request but, it is worth investigating for future releases. 

I have added this request to the product backlog.