Slashdot Mirror


Poisoned Google Image Searches Becoming a Problem

Orome1 writes "If you are a regular user of Google's image search, you might have noticed that poisoned search results have practically become a common occurrence. Google has, of course, noticed this and does its best to mark the offending links as such, but it still has trouble when it comes to cleaning up its image search results."

7 of 262 comments

  1. web 101: don't run unknown javascripts by Anonymous Coward · Score: 4, Insightful

    From TFA: "it displays another script - this time it's a JavaScript one - that redirects the browser to another compromised site that serves malware."

    By 2011, it should be considered "web 101" to not run javascripts unless you have a reason TO run them. Most people seem to just run any old javascripts by default, without having the first clue what it might be doing. There can't be much debate that it's a stupid course of action, given how many people's machines are jacked by exactly that attack vector (albeit possibly using another as well).

    Yeah, yeah, I know, you need javascript for your bank. That's great: whitelist your damn bank. But run only javascripts on your *whitelist*, not anything any random yahoo from a site you've never heard of before wants you to run. Would you treat your physical possessions that way? Would you let a drug gang in Eastern Europe borrow your car with your permission? If not, why would you allow them to use your computer?

    I swear that the reason I haven't had a malware in my entire PC using history, and others seem to have them on a weekly or monthly basis, is because I don't completely shut off my brain once the words "... on the computer" appear in a sentence.

    1. Re:web 101: don't run unknown javascripts by Frosty Piss · Score: 4, Insightful

      By 2011, it should be considered "web 101" to not run javascripts unless you have a reason TO run them. Most people seem to just run any old javascripts by default...

      This is not going to happen. Many major websites, many of the highest traffic websites involve hundreds of JS scripts to make a single page function. Web 2.0 and all...

      The *average non-techie web surfer* is simply NOT going to turn off JS.

      Will not happen... So, it's not realistic or productive to waste time discussing such an option.

      Sad, but true.

      --
      If you want news from today, you have to come back tomorrow.
    2. Re:web 101: don't run unknown javascripts by blindseer · Score: 5, Insightful

      It's 2011, there should not be anything a Javascript can do that is harmful to your computer.

      --
      I am armed because I am free. I am free because I am armed.
    3. Re:web 101: don't run unknown javascripts by AsmordeanX · Score: 4, Insightful

      I tried running with Javascript disabled. Five years ago you could get away with it. Now so many sites, especially with jQuery being so pervasive, simply don't work with JS disabled or you get an ugly broken thing.

      I hear the claim, "Well you can run it on trusted sites". What has the site done to earn my trust? Why couldn't a malicious site appear interesting enough to prompt you to turn JS on and thus be attacked? Only a little social engineering can defeat NoScript. Whitelisted sites can become compromised as well.

    4. Re:web 101: don't run unknown javascripts by Frosty Piss · Score: 4, Insightful

      They will after their machine has to be taken into the shop again for maintenance due to being infected by drive-by exploits like this.

      You might think, but there is a lot to suggest that what you suppose is not the case.

      The fact is, the average non-techie user values "interactive" over "secure". Those in the business of servicing PCs on the consumer level will tell you this.

      --
      If you want news from today, you have to come back tomorrow.
  2. a couple add ons that help by d6 · Score: 5, Insightful

    I surf with requestpolicy and noscript up. It is utterly amazing the number of websites that can't render a page without firing scripts or loading content from 6, 8, 10 or more different domains.
    If you haven't tried these, do it and be amazed at how many sites load without stylesheets, pictures etc. It's amazing how badly shit is implemented - zero thought about graceful degradation.

    no script
    requestpolicy

  3. Re:Mac is vulnerable too by Teckla · Score: 4, Insightful

    It did not download and execute, it downloaded and opened the installer. Your wife would have had to go clicking through an installer, and provided her admin credentials, in order to have installed/run something.

    Sorry, I'm not a Mac expert. All I know is that it automatically downloaded something, and automatically executed something. I'm not technically knowledgeable enough about OS X to know that, even though we immediately exited the malware installer, that nothing bad could possibly have happened.

    And I'm still not convinced the malware installer didn't do something bad before it popped up its first GUI window. I'm not accusing you of being a liar, but my wife uses her Mac to access our bank accounts and such. I have no choice but to nuke the site from orbit (reinstall OS X). I'd like to trust that because someone on the Internet said I'm safe and not to worry about it, that I can just plain not worry about it, but I just can't take that risk.

    At the end of the day, Apple/Safari's amazingly fucked up defaults burned us good and hard. It'll take me days to fully reload and reconfigure her machine.

    Thanks, Apple...