Google's malware warning

Google have given more details of the malware warning that they will be issuing at the top of their search engine. They have been able to identify around 2,000,000 infected machines on the basis of traffic sent to their servers.

A couple of things strike me about this:

• I wonder how applicable this technique could be to other servers in general? Could we see other sites performing a similar civic duty of warning users about potential malware.
• Given that one route of infection (which Google blames specifically as the culprit in this case) are those fake "Your computer has been infected" popups already littering the Internet, how do we give out a message to users that these popups should generally be ignored because they're likely to be fake, whilst at the same time issuing genuine warnings in an ostensibly similar manner?

I'm interested to hear your thoughts either here, or by tweeting to BitterCoffey.