Slashdot Mirror

← Back to Stories (view on slashdot.org)

Open Source Malware Search Engine

Posted by ryuzaki0 on from the in-case-your-computer-isn't-infected-already dept.

chr0.ot writes "Metasploit creator HD Moore has released an open-source search engine that finds live malware samples through Google queries. From the article: 'The new Malware Search project provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables.' The tool then searches for actual malware signatures and uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. Afterwards the malware can then be downloaded directly from Google."

123 comments

  1. So.. by michaelhood · · Score: 5, Funny

    Let me get this straight.. now Google is good for porn AND viruses?

    How do the other engines stay in business?!?

    1. Re:So.. by DaHat · · Score: 1

      I knew they were evil.

      --
      Help Brendan pay off his student loans
    2. Re:So.. by Anonymous Coward · · Score: 5, Funny
      ..now Google is good for porn AND viruses?

      So, basically, the Internet is exactly like real sex now, only easier to get.
    3. Re:So.. by Intron · · Score: 1

      Yes. Google is good for viruses. I guess it works both ways.

      --
      Intron: the portion of DNA which expresses nothing useful.
    4. Re:So.. by cp.tar · · Score: 2, Funny

      Dunno... I still have to pay for the Internet connection.

      --
      Ignore this signature. By order.
    5. Re:So.. by jb.hl.com · · Score: 1

      Yeah...you plug in, and 20 minutes later you're infected.

      --
      By summer it was all gone...now shesmovedon. --
    6. Re:So.. by Anonymous Coward · · Score: 0

      So like he said, there's no difference...

    7. Re:So.. by poolmeister · · Score: 1

      Well they have the domain allevil.org as an alternative to their native URL.

      --
      CN=poolmeister.OU=lurkers.CN=slashdot
    8. Re:So.. by Anonymous Coward · · Score: 0

      Yeah, right:

      Registrant: amy.kohtz@gmail.com
      Name Server: A.NS.JOKER.COM

  2. Finding malware with search engine? by broothal · · Score: 5, Insightful

    I wonder how they got that idea. I've never heard of it before.

    1. Re:Finding malware with search engine? by The+Ultimate+Fartkno · · Score: 3, Funny

      I bet the editor of this story lives in Belleville. /obscure?

    2. Re:Finding malware with search engine? by Anonymous Coward · · Score: 5, Informative

      Netsense search isn't open source, as is pointed out in the article.

      Also, this program supposedly highlights how relatively little malware Google actually indexes, contrary to the two earlier articles you cite. Thus this is an additional development, not a dupe.

    3. Re:Finding malware with search engine? by kkuehl · · Score: 3, Informative

      HD acknowledges that is where he got the idea. The point of his release is that it is opensource and available to anyone, unlike the websense version.

    4. Re:Finding malware with search engine? by Anonymous Coward · · Score: 2, Funny

      I wonder if there's any way to use Google to find dup... triplicates.

    5. Re:Finding malware with search engine? by HTH+NE1 · · Score: 1

      Then shouldn't those other articles be linked as related articles?

      --
      Oh, say does that Star-Spangled Banner entwine / The myrtle of Venus with Bacchus's vine?
    6. Re:Finding malware with search engine? by Anonymous Coward · · Score: 0

      Don't you mean Bellvue (specifically, the psychiatric unit)

  3. Microsoft Version! by LiquidCoooled · · Score: 3, Funny

    Clippy:
    It looks like your searching for viruses,
    well your in the right place.

    ps, anyone else notice that slashdot is like waiting for a bus, you wait for hours with no updates then 4 come along all at once.
    Hope the problems have been fixed now.

    --
    liqbase :: faster than paper
    1. Re:Microsoft Version! by walruz · · Score: 1

      ps, anyone else notice that slashdot is like waiting for a bus, you wait for hours with no updates then 4 come along all at once. You must be new around here!

      --
      ATH++
    2. Re:Microsoft Version! by mingot · · Score: 1, Funny

      Even a dumb ass like clippy knows the difference between "your" and "you're".

    3. Re:Microsoft Version! by avirrey · · Score: 1

      Hit the refresh button. Comes with every browser on all OS's, and it won't download malware automatically.

    4. Re:Microsoft Version! by Anonymous Coward · · Score: 0

      Arrgh!

      Learn to punctuate!

      "You're", not "your"

      PS or P.S. nor ps,

      Write numbers as letters if it seems sensible.

    5. Re:Microsoft Version! by RealGrouchy · · Score: 1
      ps, anyone else notice that slashdot is like waiting for a bus, you wait for hours with no updates then 4 come along all at once.


      Just be thankful that you're not a subscriber. Then they'd all come early, and you'd miss them!

      - RG>
      --
      Hey pal, this isn't a pleasantforest, so don't waste my time with pleasantries!
    6. Re:Microsoft Version! by LiquidCoooled · · Score: 1

      how do you know I'm not a subscriber?

      I usually get to see them coming in the mysterious future and occasionally your right, just before they arrive at my bus stop, they turn off and vanish again.
      The frustrating part is it normally only happens with the articles I really want to post something in.

      --
      liqbase :: faster than paper
  4. About the bus metaphor by Anonymous Coward · · Score: 1, Funny

    you wait for hours with no updates then 4 come along all at once

    Only if you mean the same one comes along four times.

  5. First it was a dupe... by BumpyCarrot · · Score: 1, Funny

    Now it's a tripe.

    --
    Do you see what I did there?
    1. Re:First it was a dupe... by Tx · · Score: 0, Offtopic

      Aha, I was wondering what the proper word for a dupe-de-dupe was!

      --
      Oh no... it's the future.
    2. Re:First it was a dupe... by Anonymous Coward · · Score: 0

      quick! feed it to your little dog!

    3. Re:First it was a dupe... by Sepper · · Score: 0, Offtopic

      For thoses who aren't native english speakers (I am not, btw)
      since:
      2 == Duplicate (Dupe!)
      3 == triplicate (Tripe)
      4 == Quadraplicate (Quad!)
      X == Make-up-your-own-plicate (Enough Already!)

      --
      I live in Soviet Canuckistan you insensitive clod!
    4. Re:First it was a dupe... by Ash+Vince · · Score: 3, Informative

      Actually, no it isnt. Although morons who dont read the full article might thinks it was.

      The previous stories

      (http://it.slashdot.org/article.pl?sid=06/07/15/12 53240 and http://it.slashdot.org/article.pl?sid=06/07/11/131 220)

      were referring to another security research co who did something similar and then refused to share it.
      This story is about someone not liking that they wont share, going a little bit further than they did and then putting it on a website and enabling it to the full.

      I looked at the previous (Websense) story on friday or whenever but found it a little annoying that there was nothing to back up the article. This time someone has actually posted a working link to a project and source code.

      --
      I dont read /. to RTFA, I read /. to offend people in ignorance.
    5. Re:First it was a dupe... by gatzke · · Score: 0, Offtopic

      At one point we were calling these "trupes" instead, following along the "dupe" lines.

      Tripe is especially funny, as it is a real word and fitting at that. Frrom Dictionary.com.

      tripe
            1. The rubbery lining of the stomach of cattle or other ruminants, used as food.
            2. Informal. Something of no value; rubbish.

    6. Re:First it was a dupe... by gatzke · · Score: 0, Offtopic


      And I get modded offtopic? The freaking story was posted three times, I think that is relevant.

      Is there more original ontopic stuff to say about a story we have seen THREE TIMES?

  6. What it doesn't say in the FA... by Karem+Lore · · Score: 0, Troll
    What it doesn't say is that once you put a request in, your IP is logged, looked up, your ISP contacted, address, phone number, work place and pets names retrieved and the whole lot is sent for cross refrence to a number of intelligence agencies to determine your employer, who is contacted and informed to sack you because you are looking for viruses in the wild...While looking for new jobs, you are traced and if you attempt to get another IT job the agencies will send 100 armed officers to arrest you, charge you with terrorism and send you to guantanamo bay where you will be subjected to torture and only an appointed military lawyer. While there you will admit (whatever your views) that you are anti-american and fighting a non-existant jihad war whereby you will be incarcerated for life...


    The link is here for those that missed it...

    --
    When all is said and done, nothing changes...
  7. Headline can be misread as... by phozz+bare · · Score: 0

    A search engine for open source malware?

    -phozz

  8. I wish google would incorporate this into searches by transporter_ii · · Score: 5, Interesting

    I in no way think that google should block sites, but it would be nice if they would scan sites witht this -- especially for sites that install stuff through holes in IE -- and put a little icon on search results that return an infected site. That way you could at least have a heads up before you clicked on a search result about what you were getting into. It would also be great for Firefox, when everyone gets to see how many sites are exploiting IE.

    Transporter_ii

    --
    Doctors destroy health, lawyers destroy justice, universities destroy knowledge, religion destroys spirituality
  9. So I am going to write a virus by The+Ape+With+No+Name · · Score: 2, Funny

    that snags a random payload off this site! Thanks Metasploit!

    BTW, Dupe, Dupity Dupe, Dupe.

    --
    Comparing it to Windows will be a moot point, since El Dorado is going to have a 40% larger code base than XP.
    1. Re:So I am going to write a virus by mysticgoat · · Score: 3, Informative

      How can an article whose content says the earlier article was bogus be a dupe of the earlier article?

      How can the initial announcement of a freely available tool be a dupe of the announcement of something that is not for public release?

      Conclusion: there are a lot idjits on slashdot who have learned to waggle their fingers on the keyboard and therefore think they are clever. Oh so clever.

      Slashdot has become the proving ground for kids who wanna grow up to be one of the million monkeys...

    2. Re:So I am going to write a virus by slowbad · · Score: 1
      proving ground for kids who wanna grow up to be one of the million monkeys

      This latest parlor trick will allow kids who can't write viruses to at least be able to collect them. Their very own petting zoo -- complete with some of the exotics -- and some new friends to play with!

    3. Re:So I am going to write a virus by Anonymous Coward · · Score: 0

      But, but... "The Ape With No Name" has a lower UID than you and is, by all rules, more correct.

      Right? :)

    4. Re:So I am going to write a virus by Anonymous Coward · · Score: 0
      Slashdot has become the proving ground for kids who wanna grow up to be one of the million monkeys...
      You're confusing Slashdot with MySpace.
    5. Re:So I am going to write a virus by mysticgoat · · Score: 1

      Pshaw.

      (Always wanted to say that. Wonder what it sounds like?)

      You can buy anything online these days, including low number slashdot IDs, ibetcha.

      And anyway I'm living proof that the mind of a toddler can exist in an aging, decrepit body.

  10. Ducking Fupes by Anonymous Coward · · Score: 0

    Perhaps it should be mandatory for the editors to at least skim the blurbs of every story that is posted. Hell I do that and it only takes me a good 5 minutes a day.

    Editors, do you realise there is an option in your preferences that will make it so every section is displayed on the Main page. Do that, and then take five minutes each day to skim through them. Then when you get a story submission that you recognize as having been already posted you can save the five minutes it would take to post it.

    1. Re:Ducking Fupes by e4g4 · · Score: 1

      An offtopic reply to an offtopic post:

      Personally, I'm rather tired of reading comment after comment pointing out that a given article is a dupe - I think the tagging system is sufficient to identify dupitude (hey, you're allowed to make up words in english). If the article's a dupe, don't read it, and by all means, don't comment - just ignore it like the articles that don't interest you.

      --
      The secret to creativity is knowing how to hide your sources. - Albert Einstein
    2. Re:Ducking Fupes by Anonymous Coward · · Score: 0

      But if I ignored the articles that didn't interest me, I wouldn't contribute at all!

    3. Re:Ducking Fupes by Anonymous Coward · · Score: 0

      Mod parent up! I'm personally sick to death of the "OOOOO Look! Doop!" comments.

    4. Re:Ducking Fupes by The_REAL_DZA · · Score: 1

      Yeah, like that's the first time we've heard THAT statement made.

      --


      This space intentionally left (almost) blank.
  11. Re:I wish google would incorporate this into searc by lifgrd1979 · · Score: 3, Informative

    Sorry Google can't do it, McAfee already bought that startup - http://www.siteadvisor.com/.

  12. Thank God! by skinnygmg · · Score: 3, Funny

    I just bought a new PC, and i have no viruses yet.

    1. Re:Thank God! by Ash-Fox · · Score: 5, Insightful
      I just bought a new PC, and i have no viruses yet.
      How do you know?
      --
      Change is certain; progress is not obligatory.
    2. Re:Thank God! by Anonymous Coward · · Score: 1, Funny

      He's right. I just opened a shell on his machine, and ran a virus scanner. He's clean.

    3. Re:Thank God! by jimwelch · · Score: 1

      Because he never connected it to the internet.
      or
      Because he never turned it on yet.
      or
      Because it runs Linux xyz/xyz BSD/...

      --
      Never trust a man wearing a coat and tie!
    4. Re:Thank God! by Anonymous Coward · · Score: 0

      your sig has a spelling mistake in it

    5. Re:Thank God! by pNutz · · Score: 3, Informative

      I just bought a new PC, and i have no viruses yet.

      How do you know?

      How could he know?

      --
      Death and danger are my various breads and various butters.
    6. Re:Thank God! by logikalentropy · · Score: 1

      Does it have Windows on it? Windows is a virus you know. It just spreads and spreads, and breaks down your system.

  13. I wonder... by Anonymous Coward · · Score: 3, Funny

    what MS has to say about this.
    This is outright competition for their closed source malware search engine IE.

  14. Can also be misread as... by CaymanIslandCarpedie · · Score: 1

    enignE hcraeS erawlaM ecruoS nepO

    --
    "reality has a well-known liberal bias" - Steven Colbert
    1. Re:Can also be misread as... by Anonymous Coward · · Score: 0

      How about "Chaucer was green moral penis"

  15. I use Windows by Cro+Magnon · · Score: 5, Funny

    I don't need a search engine to find malware.

    --
    Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
    1. Re:I use Windows by houghi · · Score: 2, Funny

      Indeed. In Soviet America malware searches you.

      --
      Don't fight for your country, if your country does not fight for you.
    2. Re:I use Windows by Opportunist · · Score: 3, Funny

      That's right, Windows provides this service to you, free of extra charge, it's bundled into the system and can't be removed easily, despite some claims by other malware writers who claim they can't make business because of that!

      Just click start - search...

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  16. Re:I wish google would incorporate this into searc by BlindRobin · · Score: 1

    Just thought you might like to know that this is broken at the moment.

  17. Since we're off on a tangent anyway by diersing · · Score: 0, Troll
    As a casual observer I've always wanted to ask... Do you feel better now? Do you feel empowered? Intelligent? Superior?

    Sure, the poster made a grammatical error, but his thought/idea was communicated right? It's not like you read it and became so confused you couldn't understand his post. So I would really like to ask... What motivated you to point it out and offer nothing to the topic or discussion at hand?

    1. Re:Since we're off on a tangent anyway by rufty_tufty · · Score: 1, Insightful

      As a silent grammar nazi myself I found it difficult to read the origonal post - my brain associates your and you're with different concepts.
      I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it (but silently of course).

      I just can't read as fast when I have to do that.

      --
      "The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
    2. Re:Since we're off on a tangent anyway by Filip22012005 · · Score: 4, Funny

      I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it (but silently of course).

      I'm trying to read this sentence as if you were speaking it. And you sound sort of silly.

      --
      When the policeman of the tie, rule you violate, hello punishment of the kitty?
    3. Re:Since we're off on a tangent anyway by rowama · · Score: 2, Funny

      I've got in the habit now when reading slashdot of if I can't understand a post, reading it as if i was speaking it.

      Didja read or speak this before posting? Improper verb usage, mangled propositional phrase, missing punctuation.

      FTR, I'm not a grammar nazi, but you, by claiming such, opened you'reself up for a little good-natured criticism.

      Regards.

    4. Re:Since we're off on a tangent anyway by rufty_tufty · · Score: 0, Offtopic

      Wow! The Lancastrian accent makes it over text - Cool!

      --
      "The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
    5. Re:Since we're off on a tangent anyway by rufty_tufty · · Score: 1

      Good Point!
      That's the reason I'm a silent Grammar Nazi - my particular dialect means I mess up many othe things - I'm just saying that some incorrect grammar usage make me cringe.
      I always welcome advice on how I could improve my communication provided people tell me why I've gone wrong, rather than just saying I am wrong.

      --
      "The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
    6. Re:Since we're off on a tangent anyway by rowama · · Score: 2, Funny

      Your being too kind.

      Since I don't normally like to engage in the karma-damaging activity of trolling, I was hoping to get some bang-for-the-buck out of my post. Thus, I left two juicy pieces of bait (i.e., grammatical errors) in my post, and promptly started meta-moderating my heart out to counter the impending down-mod.

      BTW, "my particular dialect" must mean english is an auxiliary language for you. Kudos on that and never apologize for the occasional mess-up. I am not among those who are multilingual, so I envy you.

      Regards.

    7. Re:Since we're off on a tangent anyway by mooingyak · · Score: 2, Funny

      Your being too kind.

      Usually it's not worth the effort, but given this thread I just had too...

      That should be:

      You're being too kind.

      --
      William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
    8. Re:Since we're off on a tangent anyway by Anonymous Coward · · Score: 0

      Usually it's not worth the effort, but given this thread I just had too...

      "had to"

    9. Re:Since we're off on a tangent anyway by thc69 · · Score: 1
      I just had too...
      You just had what?
      --
      Procrastination -- because good things come to those who wait.
    10. Re:Since we're off on a tangent anyway by mingot · · Score: 1

      The your/you're thing is a pet peeve of mine. The extra vitrol was just revenge for the poster subjecting me to yet another "OMPG CLIPPLY LOLLZORS M$ SUCKS" post.

      SO, how did your reply to me make YOU feel?

    11. Re:Since we're off on a tangent anyway by mooingyak · · Score: 1

      I clicked submit, and then spotted that right away. I wish I could claim I did it on purpose, but I guess it's just that rule about grammar/spelling corrections having a goof of their own.

      But pretending I'm all knowing and stuff and that I make no mistakes:

      Just replace the ellipsis with "much beer"

      --
      William of Ockham had no beard. The most likely explanation is that it was chewed off by squirrels every morning.
    12. Re:Since we're off on a tangent anyway by rowama · · Score: 1

      Hehe. Thx for the bite. Yes Virginia, persistence does pay;-)

    13. Re:Since we're off on a tangent anyway by dhollist · · Score: 1

      Isn't a propositional phrase something like, "will you marry me?"

    14. Re:Since we're off on a tangent anyway by rufty_tufty · · Score: 1

      Tired of the karma burn, but what the hell!
      "BTW, "my particular dialect" must mean english is an auxiliary language for you"
      ROTFL
      I am actually English as far back as we can trace the geneaology. Just from the north of England mixed with some Cornwall, combined with Mancunian with some Essex and London thrown in; so my upbringing WRT language is not the same as the Queen's English. hence correct grammar for my peers is not the same as the textbook definition. I still support correct usage of your/you're their/there/they're etc as they add meaning to the language rather than obscure it (to me anyway).
      An individual's language is to me like an individual's religion, I may not agree with it, I may feel pain at what you do with it, but it is your's to do with as you please, if others don't understand you, then that is their right, as it is your right to communicate and potentially be misunderstood as the case may be.
      So I do have a different dialect from standard English, which means that I apply some traditional grammar and not others.
      Also my pronunciation differs from standard e.g. I pronounce book to rhyme with spook.

      As I say, there's a good reason I don't tell people off about their grammar, (unless they ask me to), but have much sympathy for those who do.

      --
      "The weirdest thing about a mind, is that every answer that you find, is the basis of a brand new cliche" -
    15. Re:Since we're off on a tangent anyway by aminorex · · Score: 1

      > "my particular dialect"

      There is a word for a language as used by a specific individual
      speaker, and that word is "idiolect". Wars are fought because
      particularly stupid people cannot accept the inescapable fact
      that words *intend* (meaning 1) precisely what their speaker intends,
      and regardless of what they *convey* (meaning 2) in the interpretation
      of a listener or *connote* (meaning 3) in the instantaneous context
      of the present evolutionary state of the dialect, which is in turn
      distinct from the canonical meaning that the same words *denote*
      (meaning 4) in the prescriptive collections of descriptive definitions
      forming the dominant norm of a given language.

      --
      -I like my women like I like my tea: green-
  18. and coming soon... by trianglecat · · Score: 1

    - the bag of snakes locator
    - the shard of glass necktie finder
    - the kick in the crotch searcher

    Seriously, if this were part of your search results as a heads up of what to avoid I can see it being quite valuable. But, short of research or bad intentions... why do i want to find live malware?

    1. Re:and coming soon... by Anonymous Coward · · Score: 0

      I don't know. Based on the rest of your list, how about a service for people with weird fetishes?

    2. Re:and coming soon... by RingDev · · Score: 1

      Imagine being an "IT Guy" for a non-tech company. You've been seeing some odd network behavior, so you fire up google and search your domain for malware. It quickly identifies that Jan in Accounting has a malwar port sniffer running trying to phone home. The combination of this system and using Google for internal searches could make Google a sudden major competitor in the anti-malwar campaign.

      On the broaders scale, IHPs will be able to keep an eye on their customers to see if any servers are hosting malware. And users of this tool can contact the owners/opperators of those servers to warn them that there site may have been breached.

      -Rick

      --
      "Most people in the U.S. wouldn't know they live in a tyrannical state if it walked up and grabbed their junk." - MyFirs
  19. Use it on Slashdot by MattPat · · Score: 0

    They should try this thing on Slashdot... it's quite obvious that the infamous worm Dupe.W32 has infected it.

    From McAfee's security report:

    The notorious Dupe.W32 worm is a high risk level Trojan that infects community technology sites via poor editing. Symptoms of the Dupe.W32 worm include duplicate posts, sometimes escalating to 3 and beyond. Though the topics that Dupe.W32 reposts are, in general, good topics, the Dupe.W32 worm wreaks its havoc by forcing the users to read through the same story again and again. To avoid being infected by this worm, please ensure that your site's editors are running the latest security updates. If issues arise, try installing Service Pack 2 on your editors.

    Seriously, I like this story, it's an innovative use of Google... but each time I read it, it becomes slightly less innovative. My bet's on 5 posts before it's done.

  20. I guess I don't understand by airlynx · · Score: 1, Redundant

    I do this on a daily basis for my Windows laptop, I search through my running processes to find strange things, search them on Google, then cross-reference them from my browser history, then I interrogate my wife to find out why she visited some of the stupidest sites on the internet. That's about when I remember she's a MySpace user, and no matter what I do that laptop is screwed.

    --
    I got into Linux for the free beer, but nobody seems to have any
    1. Re:I guess I don't understand by Anonymous Coward · · Score: 0

      Interrogate your wife? You must be one smooth operator to pull that off every day :P

    2. Re:I guess I don't understand by McFly777 · · Score: 1

      Hey, some people enjoy that sort of thing (being interrogated, tortured, etc.). Please try to keep an open mind. ;-)

      --

      McFly777
      - - -
      "What do people mean when they say the computer went down on them?" -Marilyn Pittman
    3. Re:I guess I don't understand by doti · · Score: 2, Informative
      I do this on a daily basis for my Windows laptop, I search through my running processes to find strange things, search them on Google


      You really should try the excelent ProcessExplorer from SysInternals.
      --
      factor 966971: 966971
    4. Re:I guess I don't understand by CastrTroy · · Score: 1

      Well, if it's your windows laptop, and she keeps on messing it up, maybe you shouldn't let her use it anymore. Tell her that until she learns how to use a computer without messing it up, that she isn't allowed to use it. Maybe it seems like something you'd tell a child, or you think that she won't love you anymore, it's probably the best solution.

      --

      Anthropic principle: We see the universe the way it is because if it were different we would not be here to see it.
    5. Re:I guess I don't understand by airlynx · · Score: 1
      It's OUR laptop, given to US as a gift, which altogether means it's hers. I just stick to my Linux computer and put the headaches in to fix the laptop. If I don't feel like fixing the laptop, I don't.

      Either way, I sort of enjoy the torture of fixing the thing, you learn a lot that way. That and I enjoy the interrogation bit, she comes up with some great excuses that I sometimes use later at my job.

      --
      I got into Linux for the free beer, but nobody seems to have any
  21. Slashdot Search Engine by hublan · · Score: 0, Troll

    CowboyNeal writes: "Metasploit creator HD Moore has released an open-source search engine that finds Slashdot dupes through Google queries. From the article: 'The new DupeDot project provides a Web interface that allows anyone to enter the name of a new article and find Google results on /. for the exact same article.' The tool then searches for appropriate responses and posts a response to the new article on Slashdot proclaiming it to be a dupe. Afterwards the article shows up again."

    --
    My spoon is too big.
  22. the other way around? by luag · · Score: 2, Interesting

    "to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables" we should be able to do it the other way around too. enter the url for websites we suspect first then list if the websites host malicious executables. imo its more useful that way :)

    --
    Everything is possible. The impossible just takes longer.
  23. In honor of Led Zeppelin .... by Anonymous Coward · · Score: 0

    How Many More Times.....

    post-ing the same storee!!!

    bom bee da bum ....

    SING IT!

  24. What agreement? by RagingFuryBlack · · Score: 1

    So, oss malware? Is it free-as-in-beer or free-as-in-speech malware? Do I still need to accept an EULA to infect my friend's PCs or is it all GNU'D?

    --
    Warning: Corny karma killing post above.
  25. Naw, there's ALREADY a Digg by Anonymous Coward · · Score: 0

    the dupes are part of what makes Slashdot, well, Slashdotty.

  26. This is... by Anonymous Coward · · Score: 0

    This is a Vista feature, right? Is it also command line so we can set it to run every day?

  27. I'm feeling Lucky by LordHatrus · · Score: 0, Redundant

    I can't believe they didn't implement that button. That was like my favorite button. 'I'm feeling unlucky ~ Downloads the first virus found'? Would have been awesome.

    1. Re:I'm feeling Lucky by Barny · · Score: 1

      Most "free" file shareing programs have had this implemented for a long long time ;)

      --
      ...
      /me sighs
  28. *sniff* by Opportunist · · Score: 1

    Do I smell an idea I should forward to marketing...?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    1. Re:*sniff* by funfail · · Score: 1

      The idea was partly implemented by SiteAdvisor.com (now a part of McAfee).

      --
      Search RapidShare and MegaUpload!
  29. AWRIGHT!! an OS infector! w00t! by swschrad · · Score: 1

    pray tell WTF difference is this from another virus kit? this dude's life is going to be a screaming hell when everybody tees off on him.

    --
    if this is supposed to be a new economy, how come they still want my old fashioned money?
  30. Careful...Skynet...Matrix...DupeDot... by The_REAL_DZA · · Score: 1, Funny
    ...The tool then searches for appropriate responses and posts a response to the new article on Slashdot proclaiming it to be a dupe...


    Sounds like this thing's just a few modules short of obsoletizing us all; give this thing a "beowulf cluster" module and a "in Soviet Russia" module and it'd be pretty well self-contained. Any day now it'll be welcoming it's overlord self...
    --


    This space intentionally left (almost) blank.
  31. Re:I wish google would incorporate this into searc by KiloByte · · Score: 1
    http://www.siteadvisor.com/
    Holy crap. They list most of the worst offenders as "green" -- even crap like valueclick.com or lop.com.
    I see that they fit into McAfee's quality pretty well.
    --
    The creatures outside looked from Alt-Right to Antifa; but already it was impossible to say which was which.
  32. McAfee SiteAdvisor by westlake · · Score: 1
    put a little icon on search results that return an infected site. That way you could at least have a heads up before you clicked on a search result about what you were getting into. It would also be great for Firefox, when everyone gets to see how many sites are exploiting IE.

    Sounds rather like McAfee SiteAdvisor for IE and Firefox.

    SiteAdvisor tests e-mail, downloads, and links. Give an e-mail address to Slashdot and you can expect 6.9 e-mails per week. Reports are detailed and comments can be posted.

    The scam artist's best weapons are always psychological. The defenses woven into Firefox are to him never more than a minor inconvenience.

  33. Move Quickly! by jefu · · Score: 1
    Good idea. Now you should Move Quickly and patent the idea.

    (Unless McAfee has already done so since another poster notes they do something similar.)

  34. Re:AWRIGHT!! an OS infector! w00t! by infosecpodcast · · Score: 1
    pray tell WTF difference is this from another virus kit? this dude's life is going to be a screaming hell when everybody tees off on him.
    Do you mean HD Moore? lol...he's a pretty well respected security researcher. I dont think there will be "that" many people teeing off on him.

    --C
  35. Re:I wish google would incorporate this into searc by westlake · · Score: 1
    Holy crap. They list most of the worst offenders as "green"

    McAfee's automated scans can't and won't red-flag a corporate home page simply because the company is on your personal black list. You might, however, take the time to post a comment.

  36. gcc, worm, trojan by noamt · · Score: 1

    1. It looks like there's a copy of "Worm.Bagle.Z" on GCC's server:
    gcc.gnu.org / ml/gcc-prs/2004-05/msg00008 / the_message.scr
    (don't open the URL from Windows, or at all. My AV detected the file as "W32.Beagle.gen", right after I downloaded it).

    2. Search the engine for "worm" or "trojan" and you'll get tons of them.

    1. Re:gcc, worm, trojan by idonthack · · Score: 1

      Doing a strings on it produces some Windows DLL names, function names like "InternetOpen", and a few fragments of strange text. file says it's a Windows executable. Weird... I wonder what it's doing on the gcc servers.

      --
      Why is it that when you believe something it's an opinion, but when I believe something it's a manifesto?
    2. Re:gcc, worm, trojan by tabrisnet · · Score: 1

      That's obvious if you read the URI. It's a mailing-list archive, and it keeps copies of attachments.

      No wrongdoing involved by GNU, tho perhaps they should delete that message.

  37. Re:my first post by Anonymous Coward · · Score: 0

    You got a -1. Ha Ha.

  38. Re:I wish google would incorporate this into searc by Anonymous Coward · · Score: 0

    You're right, google shouldn't block the sites. Instead browsers like Firefox can use that information to increase security settings (disable scripting, etc.) when visiting a site that has been labeled as containing malware. This could be implemented as a plugin for Firefox.

  39. what is the use case? by mapkinase · · Score: 1

    Is it like I am a webmaster and I am blocking visits from the blacklisted websites?

    --
    I do not believe in karma. "Funny"=-6. Do good and forbid evil. Yours, Oft-Offtopic Flamebaiting Troll.
  40. Microsoft Malware Remover says so! by The+MAZZTer · · Score: 1

    Duh!

  41. Propositional Phrase by sirrobert · · Score: 1

    Bon mot. =)

  42. You win! by rowama · · Score: 2, Funny

    Yep, it is. Congrats, you win the prize: a PS3 running Vista. This offer expires in 30 days.

  43. Obvious question by grolschie · · Score: 1

    Does it locate the Windows Genuine dis-Advantage malware?

  44. Anti-Spyware by simonscatt · · Score: 1

    Many programms include spyware modules. Use anti-spyware for protect your privacy.
    As for me, I like professional anti-spy software like PrivacyKeyboard by Raytown Corporation LLC.
    You can download it here: http://download.softsecurity.com/1/14/prvkbd.zip (~4MB)

    Anti-Spyware: Efficiency of the Means of Defense

  45. Open Source AV by jspencelee · · Score: 1

    How long will it be before there is no such thing but and open source AV? There is just no way a closed source AV will be able to adapt as fast as the virus-sphere. especially when you read about these highly targeted Trojans coming from China and Russia. http://www.securityfocus.com/news/11222 I have Clam AV on an Astaro box (linux based UTM) and I've always been pleased with the perfromance.