Slashdot Mirror

← Back to Stories (view on slashdot.org)

Desktop Search Tools Will Help Virus Writers

Posted by CmdrTaco on from the helping-the-hurters dept.

An anonymous reader writes "With desktop search tools all the rage, ZDNet is reporting that virus writers could take advantage of the technology to produce more efficient malware. "Any software that can index and capture data on a users PC will be subject to virus and Trojan exploits. It is just a matter of time," said an analyst at Frost & Sullivan. "

16 of 140 comments (clear)

  1. Please.. don't shoot the messenger by Ckwop · · Score: 4, Informative

    Don't shoot the messenger. Desktop search is only exposing a weakness that is already there as it can only index stuff it has permission to index.

    As always, Schneier is particularly lucid on this issue, see his essay here

    Simon.

    1. Re:Please.. don't shoot the messenger by uptownguy · · Score: 5, Interesting

      Desktop search is only exposing a weakness that is already there as it can only index stuff it has permission to index.

      I understand that this is technically true -- but did you know Google Desktop Search can do some pretty nasty things -- things like indexing all of the Word files on your computer? If one of them happens to be password protected, you click on the link and it asks for the password. But if you click on CACHED copy -- poof, there is the entire document, right there in your web browser. Whoops. Don't even get me started on cached copies of deleted files...

      Google Desktop Search is powerful -- and is only indexing what is already there, true, true, all true...but still -- when it gets easy enough that someone like me can quickly and easily poke around and look at things I'm not supposed to... well, that's scary.

      --


      I would have to say that explosives are the most abused technology in all of history.
  2. Sensationalism alert! dir/s aids malware writers! by garcia · · Score: 5, Insightful

    "It sounds like great technology but don't deploy it without considering the security implications. With any new product area there is a need to consider security," said Campbell.

    How about we not worry about userland programs being "insecure" when the real issue is that the malware was installed on the machine in the first place. Just because the desktop search features can index a large amount of personal data does not mean it's a security issue... The security issue is something entirely different and needs to be treated as such.

    Are we supposed to just suffer through computer-use because Microsoft and its users are lax about security so that life is easier?

    Dimension Data's Campbell said that if companies do choose to deploy desktop search tools, they should take extra care to ensure viruses do not get a chance to execute on the desktop.

    Companies like who? Microsoft right? Oh wait, we are supposed to just live with how shitty Windows is at userlevel security right?

    This article was a bunch of trash and really was speculation more than anything else. Move along, there's nothing to see here...

  3. Sure, George by gowen · · Score: 5, Funny
    "Any software that can index and capture data on a users PC will be subject to virus and Trojan exploits. It is just a matter of time," said an analyst
    That's right. Who can forget the terrible slocate worm of 2002, that brought GNU/linux systems crashing to their knees.
    --
    Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
  4. efficient viruses? by k4_pacific · · Score: 5, Insightful

    "more efficient malware"

    Do virus writers really care that much about efficiency? It's not their PC that's gonna run the thing. They could just as easily make the thing continually grep for documents containing 16 digit Luhn-validated numbers and send them off someplace when they're found.

    --
    Unknown host pong.
    1. Re:efficient viruses? by miltimj · · Score: 4, Insightful

      Do virus writers really care that much about efficiency? It's not their PC that's gonna run the thing

      Except when the user's machine is cranking away at 100% CPU and/or hammering the hdd, they're going to wonder what's up, investigate, and terminate the process.

      (Yes, I know the average user won't, but they're more likely to inquire and report it to someone more knowledgeable).

      --
      "Truth is not decided by majority vote" consensus gentium -- Norman Geisler
    2. Re:efficient viruses? by jellomizer · · Score: 4, Insightful

      The old viruses were very efficient they could be on your system for weeks without you noticing. Until that one program just seems to run a little slower then it should or you hear your floppy disk start processing when it shouldn't The more efficient a virus is the longer it will be there before someone realizes that something is wrong. Most virus out there dont want to distroy the computer just use it for its own goals.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    3. Re:efficient viruses? by drew · · Score: 4, Insightful

      actually, they will most likely decide that their computer is old and out of date and buy a new one.

      --
      If I don't put anything here, will anyone recognize me anymore?
  5. Taking Advantage by Nom+du+Keyboard · · Score: 5, Insightful
    virus writers could take advantage of the technology

    So tell me, is there any technology that virus writers can't take advantage of?

    And don't say Fire Walls. It wasn't so long ago that a well-known fire wall itself proved to be the vulnerable chink in the system.

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  6. This just in! by guido1 · · Score: 4, Insightful

    Technology can be applied for either good or evil.

    Who'd have thunk?

  7. Virus Source Code by totallygeek · · Score: 4, Informative
    For those interested, check out the Virus Source Code Database. As for the article, I don't think that making virus authoring easier is any concern. Why not make the software impervious to virus attack in the first place? I mean, the design of DOS, Windows, and now Windows XP does little to stop malware, viruses, trojans, spyware, etc.

    --
    Click here or here.
  8. Re:They'll never exploit MY desktop search tool by JaffaKREE · · Score: 4, Funny

    I have always found "grope" to be a much more effective and fun exploit. Whether you're in the office, or on-the-go, grope gets results !

  9. Hmm... by which+way+is+up · · Score: 4, Funny

    or maybe it will be easier to track down the malware since it will be indexed along with everything else?

  10. The #1 exploitation vector for virus writers... by Anonymous Coward · · Score: 5, Funny

    Filesystems!

    We must eliminate these horrors from operating systems or we will never be rid of all this nonsense. And after we get rid of filesystems, executables should be the next thing to go.

  11. Tools used for good and evil by TheEnigma · · Score: 5, Insightful

    Let me know when they invent the knife you can't cut a person with.

    Imagine having a job where you're paid big money to state the obvious. The dream of all useless people is to become an analyst.

    Undoubtedly someone will point out that one tool is more useful for nefarious deeds than another, but then how many people get killed by staplers? This is not news!

    --

    Stand back. I've got a brain and I'm not afraid to use it.

  12. My Foolproof Solution by severoon · · Score: 4, Funny

    My solution to this problem is iron-clad. I keep all my banking accounts empty and have nothing of value on my computer, or in life.

    --
    but have you considered the following argument: shut up.