Desktop Search Tools Will Help Virus Writers

An anonymous reader writes "With desktop search tools all the rage, ZDNet is reporting that virus writers could take advantage of the technology to produce more efficient malware. "Any software that can index and capture data on a users PC will be subject to virus and Trojan exploits. It is just a matter of time," said an analyst at Frost & Sullivan. "

Sensationalism alert! dir/s aids malware writers!

[garcia]

"It sounds like great technology but don't deploy it without considering the security implications. With any new product area there is a need to consider security," said Campbell.

How about we not worry about userland programs being "insecure" when the real issue is that the malware was installed on the machine in the first place. Just because the desktop search features can index a large amount of personal data does not mean it's a security issue... The security issue is something entirely different and needs to be treated as such.

Are we supposed to just suffer through computer-use because Microsoft and its users are lax about security so that life is easier?

Dimension Data's Campbell said that if companies do choose to deploy desktop search tools, they should take extra care to ensure viruses do not get a chance to execute on the desktop.

Companies like who? Microsoft right? Oh wait, we are supposed to just live with how shitty Windows is at userlevel security right?

This article was a bunch of trash and really was speculation more than anything else. Move along, there's nothing to see here...

Sure, George

[gowen]

"Any software that can index and capture data on a users PC will be subject to virus and Trojan exploits. It is just a matter of time," said an analyst

That's right. Who can forget the terrible slocate worm of 2002, that brought GNU/linux systems crashing to their knees.

efficient viruses?

[k4_pacific]

"more efficient malware"

Do virus writers really care that much about efficiency? It's not their PC that's gonna run the thing. They could just as easily make the thing continually grep for documents containing 16 digit Luhn-validated numbers and send them off someplace when they're found.

Taking Advantage

[Nom+du+Keyboard]

virus writers could take advantage of the technology

So tell me, is there any technology that virus writers can't take advantage of?

And don't say Fire Walls. It wasn't so long ago that a well-known fire wall itself proved to be the vulnerable chink in the system.

The #1 exploitation vector for virus writers...

Filesystems!

We must eliminate these horrors from operating systems or we will never be rid of all this nonsense. And after we get rid of filesystems, executables should be the next thing to go.

Tools used for good and evil

[TheEnigma]

Let me know when they invent the knife you can't cut a person with.

Imagine having a job where you're paid big money to state the obvious. The dream of all useless people is to become an analyst.

Undoubtedly someone will point out that one tool is more useful for nefarious deeds than another, but then how many people get killed by staplers? This is not news!

Re:Please.. don't shoot the messenger

[uptownguy]

Desktop search is only exposing a weakness that is already there as it can only index stuff it has permission to index.

I understand that this is technically true -- but did you know Google Desktop Search can do some pretty nasty things -- things like indexing all of the Word files on your computer? If one of them happens to be password protected, you click on the link and it asks for the password. But if you click on CACHED copy -- poof, there is the entire document, right there in your web browser. Whoops. Don't even get me started on cached copies of deleted files...

Google Desktop Search is powerful -- and is only indexing what is already there, true, true, all true...but still -- when it gets easy enough that someone like me can quickly and easily poke around and look at things I'm not supposed to... well, that's scary.