Google Wants You to Report Malware

← Back to Stories (view on slashdot.org)

Google Wants You to Report Malware

Posted by Zonk on Saturday December 1, 2007 @11:37AM from the there's-a-propaganda-poster-in-this dept.

darthcamaro writes "As part of its ongoing effort to keep a clean index Google is soliciting the help of web browsers to let them know when we find malware in the index. Celebrated Google hacker Johnny Long thinks it's a good idea, though he told the site Internet News that he doesn't think it'll stop real hackers. From the article: 'Most in search of malware for offensive use know the good stuff — it ain't distributed through public Web ... It's distributed through dark Web servers, peer-to-peer networks, IRC channels, torrents and the like. Google's efforts will not affect how skilled hackers get access to malware.'"

24 of 135 comments (clear)

Min score:

Reason:

Sort:

Not affect how skilled hackers get malware by nurb432 · 2007-12-01 11:43 · Score: 3, Interesting

Nor should it. Google is now telling me what is moral and immoral and wanting to restrict access on their concepts of right and wrong? Who died and made them king?

Either they are a public company that should be considered a 'common carrier' or the aren't, which is it to be?

--
---- Booth was a patriot ----
1. Re:Not affect how skilled hackers get malware by webmaster404 · 2007-12-01 11:45 · Score: 3, Interesting
  
  But for the Windows user, it could cut down MASSIVLY on the ammount of malware they get.
  
  --
  There is no "disagree" moderation, and troll, flamebait and overrated are not valid substitutes
2. Re:Not affect how skilled hackers get malware by wizardforce · 2007-12-01 12:07 · Score: 5, Insightful
  
  it isn't the noobs that worry me, it's when people like you think that malware only affects the noobs and not the servers they will later attack. storm botnet ring a bell? preventing the noobs from inadvertantly joining spam botnets is in our best interests.
  
  --
  Sigs are too short to say anything truly profound so read the above post instead.
3. Re:Not affect how skilled hackers get malware by quanticle · 2007-12-01 12:08 · Score: 4, Interesting
  
  This isn't about that. Google already has a service that reports and detects sites that try to phish your personal information or try to install malware on your machine. No, this effort is to try to purge the Google index of sites that sell malware creation and deployment toolkits to black-hats. IMHO, the original poster is correct. This wouldn't make it much more difficult for script-kiddies and black-hats to get their hands on malware kits, while making it more difficult for white-hats to find information about these programs.
  
  --
  We all know what to do, but we don't know how to get re-elected once we have done it
4. Re:Not affect how skilled hackers get malware by nurb432 · 2007-12-01 12:37 · Score: 3, Interesting
  
  Personally, i feel that if they filter ONE item, EVER, then it blows the entire idea of them not being liable for future content. They really shouldn't be in the business of deciding what is ok and what isn't ok. Just report the links as is, and collect their revenue leaving it up to us to decide what is right and wrong.
  
  --
  ---- Booth was a patriot ----
5. Re:Not affect how skilled hackers get malware by maxume · 2007-12-01 12:45 · Score: 3, Insightful
  
  You are being oddly pedantic; Google returns search results in what is essentially an arbitrary order; changing that order based on the presence of malware isn't filtering, at least not anymore than the initial search result is filtering.
  
  And really, if you don't think that being able to advertise that their searches are 'safe' has the potential to effect revenue, I don't know where to start.
  
  --
  Nerd rage is the funniest rage.
6. Re:Not affect how skilled hackers get malware by maxume · 2007-12-01 13:13 · Score: 3, Insightful
  
  Google already selectively decides what it wants to let through. They call it 'Pagerank'. I've heard dirty rumors that different people get different results for the same search, and that sometimes, the number of results printed on the result page doesn't match up with the actual number of results available. Also, I've heard that they have removed stuff based on DMCA takedown notices.
  
  If you have a problem with Google doing this, you have a problem with what Google was doing yesterday.
  
  --
  Nerd rage is the funniest rage.
7. Re:Not affect how skilled hackers get malware by hedwards · 2007-12-01 13:22 · Score: 4, Interesting
  
  I will say it again, for the last time:. If they filter once, they should be liable for any future result. if they filter 'malware' results, but allow KP results, they should be put out of business. You cant selectively decide what you want to let thru then claim protection on the basis that you cant control illegal content. Why? Your argument makes abolutely no sense whatsoever. Of course they can filter one thing out, they could manually do it without any additional technolgy, by having a temp or intern manually typing in regexes. If they could be held liable for not getting all the kiddie porn off their results, they already would.
  
  Regardless of your opinion, it is far easier to remove malware than it is to remove kiddie porn. For starters identifying kiddie porn requires in many instances knowing the age of the participants, while it is reasonable to assume that a 3 or 4 year old isn't 18, when you start talking about 14 or 15 year olds, it isn't necessarily an easy determination to make in large quantities. With malware, it is relatively straightforward to determine what if anything its doing. Some adult women are the same proportions as teenage girls.
  
  The other thing is that there will always be malware, child porn and various other types of bad stuff on the net, the initiative here is to try and limit it. Google isn't going be able to stop linking to enough sites to stop it, but hopefully hit enough of them that people don't casually run into it.
8. Re:Not affect how skilled hackers get malware by darkpixel2k · 2007-12-01 13:26 · Score: 5, Insightful
  
  As a public company they can drop any search results they disagree with...
  
  I could give a shit about the windows malware that's out there. I don't run Windows and a good portion of my client base either doesn't run windows or doesn't have access to the net. But what I really wish google would fucking drop from their index is experts-exchange and tech-republic.
  
  The last damn thing I want any of my search results to return is "Hey--here's the answer you're looking for. The solution is to...[PAY US FOR A FUCKING SUBSCRIPTION PLEASE]"
  
  --
  There's no place like ::1 (I've completed my transition to IPv6)
9. Re:Not affect how skilled hackers get malware by techno-vampire · 2007-12-01 15:09 · Score: 2, Insightful
  
  Yes, we're being asked to help protect noobs who don't know any better. It's just the same as protecting children who haven't learned better, or do you object to that too?
  
  --
  Good, inexpensive web hosting
10. Re:Not affect how skilled hackers get malware by DutchSter · 2007-12-01 15:11 · Score: 3, Informative
  
  This isn't about that. Google already has a service that reports and detects sites that try to phish your personal information or try to install malware on your machine. No, this effort is to try to purge the Google index of sites that sell malware creation and deployment toolkits to black-hats. IMHO, the original poster is correct. This wouldn't make it much more difficult for script-kiddies and black-hats to get their hands on malware kits, while making it more difficult for white-hats to find information about these programs.
  
  Not to drift too far off topic but I've never been very impressed with the Google phishing site service. On the one hand they say that solicit feedback from the user community as to what is a web forgery I don't know that they ever listen. I deal with phishing sites as part of my job and I've had situations where at least 10 or 12 customers have told us that they submitted the page to Google's Web Forgery report page but it never gets flagged. The only time I've ever seen them flag a site is when one of the major anti-phishing players classifies it as such. I've done some experiments where I've watched phishing sites stay online for a while. It seems that without fail within an hour of a major vendor like Symantec announcing the forgery Google will flag it. Otherwise users can spam the Google report link for a week and it'll never get flagged.
  
  With this new service it makes me wonder if they have any plans to actually respond to user input or if the user input will be up only for good PR. Will all the accepted submissions come from professional security firms who have a vested interest in knowing about malware leaving your more casual security researcher unable to a) effectively report malware pages and b) learn about new threats once the big players have done their research and told Google to de-index the page.
  
  Now I understand that if you get a report from Symantec the credibility is very high as opposed to web-based reports from anybody who can read squiggly letters in a box, but it does make me wonder if the public submission forms are just for show so people can feel like they're doing a good thing.
11. Re:Not affect how skilled hackers get malware by SnowZero · 2007-12-01 19:01 · Score: 2, Interesting
  
  None of these keywords will show up any pictures with Google Yes they do.
I think it's about malware in use not distribution by Anonymous Coward · 2007-12-01 11:43 · Score: 5, Informative

Obviously hackers don't look for their tools on Google. But if regular people get to websites through Google's index, Google does not want them to get infected by web-borne malware.
That's not the point, you dolts! by Wog · 2007-12-01 11:45 · Score: 5, Informative

'Most in search of malware for offensive use know the good stuff -- it ain't distributed through public Web ... It's distributed through dark Web servers, peer-to-peer networks, IRC channels, torrents and the like. Google's efforts will not affect how skilled hackers get access to malware.'

I imagine the idea is that people who are making (ahem) innocent searches will not be so prone to stumble across a malicious page with the latest unpatched IE/Firefox/Whatever exploit.
The article author and submitter aren't too bright by sirwired · 2007-12-01 11:56 · Score: 4, Informative

The point of this is not to keep hackers from finding malware, it is to keep Google search users from getting infected through poisoned search results.

Duh.

SirWired
"will not affect how skilled hackers get access.." by cynicsreport · 2007-12-01 11:58 · Score: 2, Insightful

Obviously, by definition, skilled hackers can get the tools they need without google's help (or despite google's measures).
I think this is a great move by Google anyway. The hackers I find annoying are the 'script kiddies'; these kids (or immature adults) can too easily find programs that waste my bandwidth, hitting my server to find obvious holes, looking for very outdated software; in general, banging their heads against my firewall. If a 'real' hacker wants to waste his time, he could probably find some exploits even for updated and patched server software. But I know there are bigger fish to fry (ie banks, microsoft, cnn, etc).
While I do keep my software patched and updated, not everyone does. So, some kid can easily search google for a program to take advantage, without even knowing what he's doing. It's too easy; it's giving him the tools on a silver platter.

--
- Demosthenes
cynicsreport.com
Just malware? by rhizome · 2007-12-01 12:02 · Score: 3, Interesting

I'm not a religious man, but I pray for the day Google allows you to blacklist certain domains globally (for your cookie or login). Malware sites sure, but link farms and pay-forums and gopher indexes and yadda yadda clog up so much, I'm thinking this feature would be akin to a Do-Not-Call list for the web.

--
When I was a kid, we only had one Darth.
1. Re:Just malware? by nullbort · 2007-12-01 15:58 · Score: 2, Informative
  
  The CustomizeGoogle extension for Firefox allows you to blacklist sites from search results.
Re:Dear Google, by Anonymous Coward · 2007-12-01 12:03 · Score: 3, Funny

You forgot to mention, to type "free" anything, then click "I'm feeling lucky"... Boom - malware.
DTTP? by BorgCopyeditor · 2007-12-01 12:14 · Score: 4, Funny

'Most in search of malware for offensive use know the good stuff -- it ain't distributed through public Web ... It's distributed through dark Web servers
Well, then, they should just block the ports typically associated with the DarkText Transfer Protocol.

--
Shop as usual. And avoid panic buying.
don't stop with just malware by Adult+film+producer · 2007-12-01 12:22 · Score: 4, Insightful

let users flag all of those websites that only have indexes of other websites, link farms or whatever they're call... and please let me flag those "ask the expert" pages as spam.
1. Re:don't stop with just malware by AlXtreme · 2007-12-01 14:14 · Score: 2, Interesting
  
  But then Google wouldn't be able to show you all their Adwords on those websites (and the ones they link to).
  
  Why do you think Google isn't doing anything against link-farming? Because they merely have to act ignorant and rake in the cash. Vote with your feet and use a different search engine (or meta-searchengine like clusty), diversity is good.
  
  --
  This sig is intentionally left blank
Dear Google, by iminplaya · 2007-12-01 12:59 · Score: 4, Insightful

Sony, the RIAA, the MPAA, the FBI, the CIA, the NSA all produce malware. Please block access to their sites.

--
What?
Re:He appears to have misfired or gone way off cou by DaveAtFraud · 2007-12-01 13:57 · Score: 2, Informative

In my opinion, hackers are more like terrorists. They are motivated by sadism and determined at their craft.

This may have been true some time ago. The folks who create and spread malware these days are motivated by simple greed. Botnets and such are big business. So is the information harvested from unsuspecting users through key loggers. Terrorists tend to be ideologically motivated regardless of whether the ideology is religion, politics or whatever.
Change the economics of web sites hosting malware and that infect unsuspecting users and the effort will go in a different direction. Consider the expense these people went to to create false results through Google by having a bunch of fake sites set up to point to the malware host. This isn't necessarily expense in the sense of money changing hands but more likely effort that was channelled to creating the falsified results. How many bots had to be created to get Google to point to the malware web host?
Cheers,
Dave

--
They that can give up essential liberty to obtain a little temporary safety deserve neither safety nor liberty.
Ben