Inside Google's Anti-Malware Operation

Trailrunner7 writes "A Google malware researcher gave a rare peek inside the company's massive anti-malware and anti-phishing efforts at the SecTor conference here, and the data the company has gathered shows that the attackers who make it their business to infect sites and exploit users are adapting their tactics very quickly and creatively to combat the efforts of Google and others. While Google is still a relative newcomer to the public security scene, the company has deployed a number of services and technologies recently that are designed to identify phishing sites, as well as sites serving malware, and prevent users from finding them. The tools include the Google SafeBrowsing API and a handful of services that are available to help site owners and network administrators find and eliminate malware and the attendant bugs from their sites. Fabrice Jaubert, of Google's anti-malware team, said the company has had good luck identifying and weeding out malicious sites of late. Still, as much as 1.5 percent of all search result pages on Google include links to at least one malware-distribution site, he said."

Re:Fighting malware doesn't have to complicated

[hairyfeet]

Did you ever think that maybe, juuust maybe, there is a reason why despite the fact you give your "solution" away NO big box retailers touch it and home users have voted time and time again NOT to switch to it? Like the fact that you refuse to listen to them and give them what they want, an all GUI all the time, simple and easy peasy UI with lots of hand holding and wizards, you insist they "embrace the power of CLI" like it is the fricking force and try to force them into a Unix centric CLI heavy environment?

Or that with your "solution" you get to enjoy the "fun" of 6 month upgrades, where one bug is fixed and three introduced, where instead of a simple update driver or find driver button one gets to try to navigate a maze of forums which Deity help you if you don't know the EXACT name make and model of whatever you need a driver for or you're boned? Where on those same forums the answer to damned near EVERY question starts with "open up bash and type" even though users have voted overwhelmingly that CLI is a giant DO NOT WANT?

The developers of Linux decided long ago they like things the way they are, the world could do it their way or go jump. Well the world will NEVER embrace the CLI, it is over, they have spoken. This is why a user can go the entire lifecycle of a Windows or OSX and NEVER see a CLI, because unlike the Linux developers Apple and MSFT have decided to give the people what they want instead of trying to force them to go a completely different direction. finally as further proof I give you Android, pretty much the only consumer Linux moving serious numbers, which by default has NO CLI and is top to bottom a GUI only solution. Give the people what they want or someone else will.

Oh and BTW Windows 7 actually got rid of run as Admin and the security is quite good, and without the user needing ANY CLI. I'm sure their "unppatched Windows VMs" are WinXP RTM or SP1 with IE6. which comparing that to the modern Windows is about as fair as comparing the first release of Slax to modern Ubuntu. Funny though that MSFT still supports a decade old OS with patches. Is there ANY Linux that does the same?