Microsoft Yanks Security Site Poisoned With Porn

← Back to Stories (view on slashdot.org)

Microsoft Yanks Security Site Poisoned With Porn

Posted by Soulskill on Monday July 11, 2011 @08:47AM from the internet-is-for-porn dept.

CWmike writes "Microsoft disabled the search tool on its Safety & Security Center on Saturday after attackers poisoned results with links to pornographic URLs. The company restored the website's search field early Monday afternoon ET. Alex Eckelberry, the general manager of GFI Software's security group and CEO of Sunbelt Software, said search poisoning is not unusual — but this is different. 'This is crafty,' Eckelberry said. 'This isn't normal search poisoning. It's poisoning the results with actual searches. Users were getting back a prior search as a search result.'"

36 comments

Min score:

Reason:

Sort:

Feature by Sonny+Yatsen · 2011-07-11 08:48 · Score: 3, Funny

That's not poisoning the results. That's a feature.

--
My postings are informational and does not constitute legal advice. Act on it at your risk.
1. Re:Feature by Anonymous Coward · 2011-07-11 23:54 · Score: 0
  
  that's how google is played too. because they track searches. that's why they shouldn't do that, it leads to everyone getting the same crap results, not the results everyone is looking for. it causes the searchs to be just popularity contests instead of providing the original service which was indexing.
2. Re:Feature by Kamiza+Ikioi · 2011-07-12 00:32 · Score: 1
  
  It actually is a feature. FTA: "On Friday, Alex Eckelberry, the general manager of GFI Software's security group and the CEO of Sunbelt Software, said that searches using terms like "sex," "porn," "girl" and "streaming" on the Microsoft site were returning links to pornographic websites at or near the top of the results list."
  Well, Gee-flipping-whiz! A search tool brought up porn when someone searched for... porn! Crazy! Call me simple, but it sounds to me that some engineer did his job in delivering relevant search results, poison or not. If you search for sex and porn, odds are that those "poison" results are probably the more relevant results. I understand this is a security site, but either that means you limit it to a list of sites, or you expect open search to, well, search openly.
  This is why Bing has to copy Google results. If it didn't, they'd be going nuts over why searches for porn lead to pornography. This way, they still don't know, but they know the internets is happy with Google's strange and mysterious search code that causes pornography to show up on occasion.
  As for the poison, its obvious. This wouldn't work on Google because it would take millions of searchers to do this particular technique. I doubt many people actually use this tiny little engine, and a few dedicated people with hours to waste probably thought using it would get around a corporate firewall blocking porn links from Google or something like that. I must say, though, that's a LOT of fapping for this to add up to a poison.
  
  --
  I8-D
Poisoned? by 0racle · 2011-07-11 08:49 · Score: 0

Poisoned? Or made Better?

--
"I use a Mac because I'm just better than you are."
1. Re:Poisoned? by tekgoblin · 2011-07-11 08:50 · Score: 1
  
  1 Vote for better
  
  --
  TekGoblin
2. Re:Poisoned? by Anonymous Coward · 2011-07-11 08:57 · Score: 0
  
  I usually dont chuckle at hacks like that. But that one was semi amusing...
3. Re:Poisoned? by jhoegl · 2011-07-11 09:05 · Score: 3, Funny
  
  Depends on the porn. I dont really wanna see grandma in her panties. Do you?
4. Re:Poisoned? by Mister+Whirly · 2011-07-11 09:16 · Score: 2
  
  Your grandma or my grandma? Because your grandma is kind of hot.
  
  --
  "But this one goes to 11!"
5. Re:Poisoned? by Anonymous Coward · 2011-07-11 09:22 · Score: 0
  
  That funny? Seriously?
  Where did go all the porn offended idiots?
6. Re:Poisoned? by Anonymous Coward · 2011-07-11 09:58 · Score: 0
  
  You rather want to see her without panties, I reckon?
7. Re:Poisoned? by wisnoskij · 2011-07-11 10:04 · Score: 1
  
  I guess the question is then why did you search for her in the first place?
  "Users were getting back a prior search as a search result"
  
  --
  Troll is not a replacement for I disagree.
8. Re:Poisoned? by Anonymous Coward · 2011-07-11 12:17 · Score: 0
  
  Actually, I searched for her then used the results to poison your search for 'college girls do anything'.
9. Re:Poisoned? by Anonymous Coward · 2011-07-11 16:08 · Score: 0
  
  Poison is in everything, and nothing is without poison. The dosage makes it either a poison or a remedy.
  -- Philippus von Hohenheim (Paracelsus)
10. Re:Poisoned? by Anonymous Coward · 2011-07-11 18:23 · Score: 0
  
  Are you into necrophilia?
Bad Summary by sunderland56 · 2011-07-11 08:54 · Score: 0

Better summary "Microsoft's own security web site hacked".
1. Re:Bad Summary by Anonymous Coward · 2011-07-11 08:58 · Score: 0
  
  Any site can be hacked, you realize, it's only a matter of mitigation.
2. Re:Bad Summary by Anonymous Coward · 2011-07-11 09:09 · Score: 2, Insightful
  
  Not hacked, poisoned. The search engine's features have been manipulated in such a way to produce the results. Clever, but no hacking took place.
3. Re:Bad Summary by Anonymous Coward · 2011-07-11 23:30 · Score: 0
  
  They submitted search results from one search engine to the other, making it show up in this way, this may not even have been done intentionally but happened by accident, it does all the time, but because it's porn someone must have done it on purpose! I'd understand poisoning if these results actually showed up for security related search terms, but who would search for (as per the example) 'girl' on a security website?
Yanks by Anonymous Coward · 2011-07-11 08:55 · Score: 0

LOL
Security site? by Anonymous Coward · 2011-07-11 08:56 · Score: 1

Was it safe sex, at least?
Yank and porn in the title by Capt.DrumkenBum · 2011-07-11 08:57 · Score: 3, Funny

Well done.

--
If I were God, wouldn't I protect my churches from acts of me?
1. Re:Yank and porn in the title by VortexCortex · 2011-07-11 11:06 · Score: 2
  
  Alternate Title:
  Microsoft Security Site Poisoned With Porn; Jerked offline.
An income opportunity for MS. by crovira · 2011-07-11 09:09 · Score: 1

This is a new feature created by Balmer (who's all for looking at porn, [have you seen him dance, sweat-stained armpits and all? I feel dirty just thinking of him going around shouting "Developers",]) and his lawyers (who are going to go after the ofender's website in an effort to collect advertising fees.)

--
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
1. Re:An income opportunity for MS. by Hsien-Ko · 2011-07-11 09:29 · Score: 1
  
  When he called for "developers developers developers" he obviously meant those wombs and we clearly see that's the intent here
Stupid is an infinite resource by interkin3tic · 2011-07-11 09:11 · Score: 5, Insightful

searches using terms like "sex," "porn," "girl" and "streaming" on the Microsoft [Safety & Security Center] site were returning links to pornographic websites at or near the top of the results list
1. Put links to your porn site in MS' safety and security center search bar
2.Wait for people to search for porn in the safety and security center search bar
3.???
4. PROFIT!!!

I want to believe that this is just some automated process that searches the web for search bars and then tries to put in their own porn links. Alternatively, I want to believe that this is just a few porn marketers who are so dumb, they put links to their porn sites in a search field for MS safety and security. But I can't convince myself.

It's depressing to realize that there are actually people dumb enough to go to an antivirus website and start searching for porn.

"Dang! I musta gotten a virus! Don't know how, all I've been doing with this here computer is lookin up pictures of nekkid ladies. Well, better look for something to fix this from microsoft.... boring boring boring, I wanna see nekkid ladies! OOH! PORN!!"
1. Re:Stupid is an infinite resource by Anonymous Coward · 2011-07-11 10:40 · Score: 1
  
  Never underestimate the number of ways people search for pr0n. At our large search engine site, we hear from people who maintain the help center site that pr0n terms predominate the search log.
2. Re:Stupid is an infinite resource by blair1q · 2011-07-11 11:18 · Score: 1
  
  You'd think a search engine attuned to a particular data set would not allow itself to prioritize results outside that data set.
  But then, Microsoft is a company based on selling shit as shinola, so putting a "security search" facade on a basic web search tool should be a no-brainer for them.
Huh? by biodata · 2011-07-11 10:00 · Score: 2

I'm probably being stupid but if someone puts in a search like 'sex girl porn streaming' in some kind of search engine, how is it bad when the site returns pron links?

--
Korma: Good
1. Re:Huh? by treeves · 2011-07-11 13:23 · Score: 1
  
  As a for instance, it would be bad if you searched for porn on Saturday, then on Monday at work, when you search for stainless steel widgets, you get search results full of porn links.
  
  --
  ...the future crusty old bastards are already drinking the Kool-Aid.
Re:LOL by hairyfeet · 2011-07-11 11:36 · Score: 1

Actually if it is like there MSE it is since....well never since they bought out Giant which made a decent antimalware package and just rebranded it. I actually thought that was a smart idea, as simply throwing more money at a problem rarely if ever works so it is better just to hire someone who knows how to do what you need done.
Of course the danger to that theory is the Symantec "OMFG how much shit they gonna pile on this thing?" school of jamming everything you buy into a giant "suite' of poorly related crap, but from what I've seen MSE is pretty much just antimalware and that's it. Meh I think Avast Free is better anyway.
As for TFA search results got poisoned, big whoop. With the Anons and LULSec types running amok I'm sure this happens hundred of times a day and it would have even made idle if it was Bob's insurance company or John's house o' security, but in this case it was MSFT who probably farmed it out and got bit by badly coded website design. Surprise surprise.
Considering that since the sweaty monkey took over they have been flinging poo at the wall in the hopes something sticks (Zune,Kin, no real mobile strategy) and hitting themselves in the face more often than not (killing the market they had built up with PlaysForSure with the lame ZunePass) fuckups like this frankly should not be a surprise to anyone. The only real hits they've had since Ballmer is the X360 which they got lucky in that the PS3 screwed their price point with Cell and Blu Ray, not to mention having Halo and Gears to sell the x360 to fratboys, and Win 7 which from what I understand was done by the office guys without Ballmer meddling after the grand suckfest that was Vista.

--
ACs don't waste your time replying, your posts are never seen by me.
this is not clear! by Anonymous Coward · 2011-07-11 22:41 · Score: 0

'This isn't normal search poisoning. It's poisoning the results with actual searches. Users were getting back a prior search as a search result.'
If the code he writes is as clear as this, Microsoft is a hell to work at.
Don't even mention about his documentation.
1. Re:this is not clear! by MichaelSmith · 2011-07-12 00:19 · Score: 1
  
  Wasnt't there an article recently about the bing search database being built by internet explorer capturing the input and output of google searches? Knowing that a person could do a lot of damage...
  
  --
  http://michaelsmith.id.au
Best thing MS did was issue a challenge by Anonymous Coward · 2011-07-12 01:45 · Score: 0

http://it.slashdot.org/comments.pl?sid=2306598&cid=36701800
That others noted there in that exchange!
Plus, Microsoft's NOT going to get "suckered" by DoS, OR DDoS either as others have by LulzSec &/or Anonymous either:
http://www.networkworld.com/community/blog/microsoft-were-not-vulnerable-ddos-attacks
Simply because they "overbuilt their network" just as AMAZON has:
http://tech.slashdot.org/story/10/12/14/1851240/Why-Anonymous-Cant-Take-Down-Amazoncom
+ monitor it... & then turn it aside, accordingly!
(Thus, MS can see it coming a MILE away & compensate (by blocking the sources of attack @ the perimeter in firewalls, + even a botnet C&C server or bogus DNS server via DNSBL or even possibly HOSTS files))...
There's also a setting in modern MS IP stacks (BSD derived no less, best in the business) of:
SynAttackProtect
That helps mitigate DDoS attacks!
(That setting works in conjunction-combination with others parameters that set the "look aside/reject" amounts as the network admin sees fit too (they don't note that in the article above)).
APK
P.S.=> Like I said in my 1st link above? MS is performing LITERALLY, the BEST TEST there is, better than "pen testing" too!
(& THAT, is challenging hacker/cracker egos, to have THEM point out ANY POSSIBLE HASSLES IN YOUR NETWORK SECURITY (I did the same on IRC, decades ago circa 1994-2001 or thereabouts adminning the "Official Windows Help Channel" endorsed by no other/no less than K. Mardem Bey (creator of MIRC) himself!))...
... apk
Should read . . . by lastx33 · 2011-07-12 11:44 · Score: 1

Yanks withdraw porn site poisoned by Microsoft.

--
"You can lead a horse to water but a pencil must be lead!" - Stan Laurel
On a guess? TODAY would be the day to by Anonymous Coward · 2011-07-12 14:23 · Score: 0

TRY do a DDoS on MS... why? It's Microsoft "Patch Tuesday", every 2nd Tuesday of the month... Because, that way??
Well - Any hacker/cracker's attempts @ doing DDoS would be amplified by the sheer # of people TRYING to get Windows updates as is, manually OR via Automatic Updates itself.
(Just a thought... not saying it's the right thing to do, but... perhaps a "bright-side" of it would be to TEST MS' claims & they might even appreciate it themselves, though I doubt it!)
APK
P.S.=> Not trying to give the likes of LulzSec, or Anonymous any ideas, or any like them (such as AntiSec either), but, that's how I'd do it... that would, probably FOR SURE, stress even MS' massive network setup, overbuilt as they are (like AMAZON's, with much excess capacity probably on fiber & OC3/OC12 setups & Full T1 @ a mininum), plus the SynAttackProtect setting in MS' BSD derived IP stack...
... apk