Slashdot Mirror

← Back to Stories (view on slashdot.org)

GMail Adds Virus Protection

Posted by CmdrTaco on from the google-farts-and-people-smell dept.

AxsDeny writes "Google has rolled out virus protection for it's web based email service. Apparently they are scanning incoming and outgoing messages for infected messages. Read more on their "what's new" page."

23 of 355 comments (clear)

  1. Final Straw! by fembots · · Score: 5, Funny

    That's it, that's EVIL and I'm quitting GMail now!

    GMail has been my faithful virus depository, now where can I go today? HoTMaiL?

    I wish it gives users the option to still retrieve the virus if they insist.

    --
    Rock that crushes, Paper & Scissors that don't matter.
    1. Re:Final Straw! by Curunir_wolf · · Score: 4, Informative
      What I hate is the way it refuses to send attached executables, even inside a zip file, and silently drops them when incoming. I'd at least like to be told that someone *tried* to send me an email, but the attachment was deleted, or bounce it back to the sender, or something.

      The easy work-around for this is to just rename mypgm.exe to mypgm.renametoexe and then it goes through just fine (zipped or not). But if I'm sending it *TO* a gmail account, I don't even know it got dropped...

      --
      "Somebody has to do something. It's just incredibly pathetic it has to be us."
      --- Jerry Garcia
    2. Re:Final Straw! by TubeSteak · · Score: 4, Funny

      (email not shown publicly)
      you forgot to give us your e-mail address.

      I've got this great virus you can add to your collection. It's called W32.Goatse@cx

      It's pretty original, the virus masquerades as a JPEG and when you open it in your e-mail, it makes you go blind. ...Lightyears ahead of the competition

      --
      [Fuck Beta]
      o0t!
  2. EICAR by ditto999999999999999 · · Score: 4, Interesting

    X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIR US-TEST-FILE!$H+H* makes it through fine.

  3. but what powers it? by caffeinemessiah · · Score: 5, Insightful

    This in itself is not surprising -- it's a natural step that Google had to take in order to compete with the other biggies in the business. What I'm more interested in knowing is if Google has put that army of Ph.D.'s into developing the AV technology. I don't see any other reason to wait so long for adding virus protection -- they could just as easily have licensed some commercial AV months ago, seeing as AV is one of the features that novice Internet users look for most. Now that MS is into AV, will Google follow suit? I'm hoping...

    --
    An old-timer with old-timey ideas.
    1. Re:but what powers it? by Zeinfeld · · Score: 5, Insightful
      Hopefully GMail use the most secure, most effective form of virus scanning, block all executable attachments.

      Traditional virus scanning based on a blacklist of known bad code is hopeless. By the time a new piece of trojan code has been identified a hundred million copies have been blasted out from a botnet. There is almost no legitimate use of email to send executable code, way over 99% of all executable attachments are malicious.

      ISPs should block executable attachments by default and offer the people who really really think that they can't live without it the option of turning delivery back on. AIDS awareness campaigns have saved millions of lives by persuading people to use condoms even though some people think that they just have to have casual sex without one. Accepting code in email is like having casual unprotected sex, its idiotic.

      There is a very small, largely theoretical problem with non-executable content. Any data that is transferred from one machine to another could be used to exploit a code vulnerability in theory. The use of anti-virus style malicious data lists will still be necessary but the problem is much, much smaller. It is a much easier signal to spot. AV systems spend huge numbers of cycles recursively unpacking program loaders. With a data exploit we know the shape of the lock it fits into.

      --
      Looking for an Information Security student project suggestion?
      Try http://dotcrimeManifesto.com/
    2. Re:but what powers it? by IAmTheDave · · Score: 4, Insightful

      No offense to ClamAV, which I currently use, but if an engineering team rivaling the brain power of MIT research teams or NASA decides to make a virus scanner and release it for free, well... I'm gonna at least give it a try.

      --
      Excuse my speling.
      Making The Bar Project
    3. Re:but what powers it? by Leadhyena · · Score: 4, Informative
      Wouldn't it be better for google to take the ClamAV base and extend/adapt it to their needs? I think that's more likely to happen than them starting from scratch unless there's something weird (aside from size) about the way their email system works.
      Funny you should mention that... I read through the headers from an email I sent to our local mail server:(Identifiers mutated for spam reasons)

      Received: from zproxy.gmail.com (zproxy.gmail.com [64.233.162.199]) by ###.###.### (8.13.5/8.13.5/Debian-3) with ESMTP id jB...5 for ; Thu, 1 Dec 2005 11:06:00 -0600 Received: by zproxy.gmail.com with SMTP id x7so21853nzc for ; Thu, 01 Dec 2005 09:06:48 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-ve rsion:content-type; b=DZ...SE/zJ0= Received: by 10.37.12.24 with SMTP id p24mr1718713nzi; Thu, 01 Dec 2005 09:06:48 -0800 (PST) Received: by 10.36.153.11 with HTTP; Thu, 1 Dec 2005 09:06:47 -0800 (PST)

      In other words, it looks like they have a cluster of 30 email servers for just the outside representation, and then 2 more levels of multiple clustered mail servers on the 10.37 subnet and 10.36 subnet. Your mail bounces in google's net 3 TIMES before it ever hits the real world. Granted, my experience in setting this stuff up is limited to clustering 2 or 3 servers together, but IMHO something amazing is going on under GMail's hood.

  4. NO! by Anonymous Coward · · Score: 5, Funny

    Not on the same day MS starts beta testing their anti-virus solution.

    I'm gonna fucking kill this guy, I did it before and I'll do it again, I'm gonna fucking kill google!

    Where's a chair?

  5. So what? by NineNine · · Score: 5, Insightful

    So what? Yahoo and the other big players have had this for years. That's like announcing that Ford is now selling cars with anti-lock brakes and power steering. That's great and all, but I wouldn't consider that news.

  6. but but but... by ellem · · Score: 5, Funny


    I use GMail on OS X so I don't need it...
    </sarcasm>

    --
    This .sig is fake but accurate.
  7. Re:"it's"? by NanoGator · · Score: 5, Funny

    "Oh come on... Why keep up the pretence of being 'editors' if you don't even fix stupid mistakes like it's versus its?"

    I was all excited about the virus protection in GMail until you pointed that out.

    --
    "Derp de derp."
  8. This could be a big issue by ZachPruckowski · · Score: 4, Insightful

    If the virus can't be removed from the file, you won't be able to download it.
    ......
    If a virus is found in an attachment you're trying to send, you won't be able to send the message until you remove the attachment.

    Now I know Google is pretty good and reliable, but that's sort of a harsh way to do business. There should be some sort of work-around if Google gets it wrong on what is and isn't a virus (which I assume they are going to do sooner or later). I mean, a false positive would get you cut off from what could be vital information. If that happens to someone, they'll be mad, even though it was done for a good reason. I hope they at least warn the people that there was an attachment.

    1. Re:This could be a big issue by Mr.+Underbridge · · Score: 4, Informative

      A lot of filters drop anything encrypted, for that reason.

  9. Wrong Link by OverlordQ · · Score: 4, Insightful

    Actually the "What's New" page is here, not what was linked to.

    Also, I'm still pissed they havent added the option to empty the spam folder, yes I know it gets automagically deleted after 30 days, but I'd like to clear it out without having to go through 30 pages.

    --
    Your hair look like poop, Bob! - Wanker.
    1. Re:Wrong Link by alphakappa · · Score: 4, Interesting

      Why do you care? The spam 'folder' does not add to your alloted storage space. The messages do not appear in your inbox or your regular searches (unless you specifically search using in:spam), so why do you care whether there are 0 messages or a gazillion messages in the spam folder?

      --
      "When the only tool you own is a hammer, every problem begins to resemble a nail." - Abraham Maslow (1908-1970)
  10. Not only are they scanning for infected messages by Anonymous Coward · · Score: 5, Insightful

    ... but they are no longer allowing ANY zipfiles containing .exes to be transmitted to a gmail account.

    That's obviously pretty damned annoying for people who actually work with zipfiles. "Here, give this version a try." "What version?"

    I've sent them polite feedback requests to stop doing that. Other services scan zipfile contents for known viruses; Google is just dropping the zipfiles altogether. In my message to their support folks, I pointed out that letting virus writers dictate the design of your mail service isn't the best long-term business model.

  11. What? Can't they index virii? by Wellspring · · Score: 4, Funny

    This is a natural outgrowth of the fact that they can't effectively index virii.

    Therefore, they must be destroyed.

  12. next step: gVirusFighter by altoz · · Score: 5, Interesting

    They have gmail scanning for viruses... They have google desktop indexing the files...

    Soon, they'll release a google-desktop extension that scans viruses on windows.

    google really is taking over microsoft (windows)

  13. Re:Nice, I suppose, if you get a lot of them. by Nezzari · · Score: 5, Funny

    Que?

  14. And the next obvious step - is long overdue by Nom+du+Keyboard · · Score: 4, Insightful
    virus protection for it's web based email service

    The next, obvious, and far too long overdue, step is for Google to flag web-sites that attempt to install malware, redirect you to sites you didn't want to visit, spawn endless pop-up windows, attempt to create a full-screen browser that you can't close, or disable features of your browser like right mouse button clicks. Since they've already spidered it, and in most cases cached it, they can darn well scan it for viruses and other crap at the same time! Their virus, adware, spyware, malware signature files would certainly be more upto date than my own. They could even be protecting surfers now from the current unpatched IE exploit by warning of sites that have dodgy or questionable code while MS takes its own sweet time coming up with a patch.

    The first decent search engine that takes this step to protect its users can count on the majority of my traffic.

    --
    "It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
  15. great, now I don't need norton by Surt · · Score: 4, Funny

    I'll just write a program to email myself every file on my hard drive and see what fails, or maybe use that gmail as file system thingy.

    --
    "Who is the Journal of Quantum Physics going to believe?" --Stephen Hawking
  16. Google Ads by ramrom · · Score: 5, Funny

    Will I get ads based on the Virus ???