Searching for a hot news topic or buzzword can already lead an unsuspecting person to harmful malware. Recent articles are full of warnings about malware hidden in links that are supposedly about the World Cup or the Icelandic Volcano. Estimates have suggested that about 14 percent of traditional searches for trending news go to sites hosting malware.

As real-time search becomes more important, the problem of malware-related results could become much worse, according to a talk given yesterday by Dan Hubbard, CTO of Websense, at the Cloud Security Alliance Summit, which took place at the Black Hat security conference in Las Vegas. The event brought together speakers from government, industry, academia, and the underground. Hubbard outlined several ways that real-time search results are easy to poison.

Much of the problem stems from the nature of information provided in real time, Hubbard says. It's noisy, spammy, and not authoritative. So search engines have a difficult task ahead determining what links can be trusted.

The results are also easy to manipulate. Hubbard experimented with searches related to the recent Boston marathon. He found that he could get posts to the top of real-time search engine results by posting in anticipation of events. For example, he posted information about who had won before there was a winner, garnering a top spot on real-time results pages. He found that he could trick even Google by introducing typos that other users might be likely to make (such as "Botson" marathon). And, by posting images along with text, Hubbard found that he was able to rocket his posts to the top of results pages.

Hubbard says spammers could use social graphs to manipulate real-time search results as well. A botnet, for example, could create large numbers of interconnected Twitter accounts, creating a source of information that could seem authoritative. Hubbard also pointed to recent reports of spammers taking over the Twitter accounts of well-known users.

There may be big opportunities for spammers as location gets factored into the ranking of real-time results. Current location services trust where users say they are, he says. Location is also relatively easy to spoof. Spammers could add their links to real-time search ranks by seeming, for example, to tweet about the Icelandic volcano from Iceland, or about the Boston marathon from the finish line.

Hubbard plans to continue his investigation by looking at how spammers might be able to influence Facebook streams and search, and what they might be able to do with the popular location-based social network Foursquare.

At TechCrunch Disrupt, a conference on the Web taking place this week in New York City, famous venture capitalist John Doerr, a partner at Kleiner Perkins Caufield and Byers, outlined his vision of the next wave of change on the Web.

Doerr is known for having invested in such heavyweight companies as Google and Amazon, and in rising stars such as the fast-growing social gaming network Zynga. He believes that the new wave of the Internet "is a combination of social, mobile, and some new kinds of commerce." Though Doerr says he's still searching for a name for the change he sees, he ranks it on a level with the introduction of the personal computer and the rise of the Internet.

The key, he says, is that smart phones change everything. These devices know who you are and where you are, and they're always connected. To Doerr, this is the key to shifting the Web from being about documents and websites to being about people, places, and relationships.

Doerr has put his money where his mouth is by looking to invest in applications for mobile devices. His firm raised a $100 million to fund such ventures--the announcement was made the same day as the launch of the app store. As evidence for the impact of such devices, Doerr says that the 14 ventures his firm invested in using the money raised are going to do $100 million in revenue this year. The people who have downloaded the applications are spending 80 million minutes a day using them.

Yesterday, at Facebook's f8 developers' conference, the social network announced a new platform called Open Graph. The service will allow partner sites to put "Like" buttons on their pages, mimicking a feature that's already popular within Facebook itself. If logged-in Facebook users click on these "Like" buttons, the action goes back to Facebook and posts on the user's profile, with a link to the site where the content was located.

This strikes me as a second try at Facebook's ill-fated advertising platform, Beacon. Although advertising isn't integrated into Open Graph yet, the similarities are hard to ignore.

With Beacon, Facebook reported user actions on third-party sites on the user's page on the social network. Facebook sold the platform as a way of letting users share even more about their Web activity with their friends. Where it went wrong was that users were often surprised when Beacon reported on their activity. Because they didn't feel in control, and the system was linked explicitly with advertising, users felt tricked into participating in product endorsements, and they felt their privacy was invaded.

Open Graph is a good second take. It still allows users to share data on their activities on third-party sites with friends and with Facebook. However, users will choose when to do so, because they'll have to choose when to push the "Like" button. And, by extending a feature that's already popular, Facebook increases users' comfort with the changes.

But this is still a way of giving Facebook much more information about user activity on the Web, which could be used to target advertising. It would also be easy for Facebook to add more advertising integration later, once users are comfortable with using Open Graph. For example, I could imagine a site offering incentives to entice users to push "Like."

Facebook also announced deeper integration with some services, such as those offered by Pandora and Microsoft, at f8. Docs for Facebook, for example, lets users cooperatively edit documents online. They can also move them back and forth between the Web and Office 2010.

All in all, Facebook plans to become even more involved in its users' online lives.