Google Publishes Malware Blacklist API

Dennis Faas's picture

Two of Google's Antiphishing and Antimalware employees have announced that the company is releasing its Safe Browsing API to the public.


The public will be able to access Google's updated blacklist of suspected phishing and malware-infected websites.

Brian Rakowski and Garrett Casto explain that developers could use the API to prevent users from posting phishing links on a blog, or to notify users that links lead to sites with malware. "The API is still experimental, but we hope it will be useful to ISPs, web hosting companies and anyone building a site or an application that publishes or transmits user-generated links," the Google researchers said. (Source:

Anyone with a Google account can gain access to the blacklist by signing up for an API key. The key, which is a 58-character string used for authentication purposes, allows Google to disable access if users violate the terms of the service agreement.

There are a few more limitations to using the API. One such restriction is the number of users an application using the API is allowed to service. Google's license agreement says that if more than 10,000 users are expected to regularly send requests to the API, the developer will have to send an email to Google to lift the cap. Further, applications that use the API must inform users that the service does not provide 100 per cent protection. (Source:

Google's release of the Safe Browsing API represents another step in the right direction. Google has been trying to make Internet safety a top priority; the company recently purchased the security firm GreenBorder.

While the Safe Browsing API does not protect against all malware and phishing websites, it can certainly be a big help. The more tools out there to protect the public against malicious attacks, the better it is for everyone.

Rate this article: 
No votes yet