Google Highlights Trouble In Detecting Malware

JohnBert writes "Google issued a new study (PDF) on Wednesday detailing how it is becoming more difficult to identify malicious websites and attacks, with antivirus software proving to be an ineffective defense against new ones. The company's engineers analyzed four years worth of data comprising 8 million websites and 160 million web pages from its Safe Browsing service, which is an API that feeds data into Google's Chrome browser and Firefox and warns users when they hit a website loaded with malware. Google said it displays 3 million warnings of unsafe websites to 400 million users a day."

Re:And this is why smart users

[MetalliQaZ]

About the same time I saw any meaningful web development targeting that tool.

Reliance on JS

[mfh]

Javascript really is the source of the most recent problems because it can allow entry into systems and activation of malware remotely. This is why ActiveX is also bad. Developers rush into this kind of technology thinking of the payoff but not the cost.

Really though, JS is totally unnecessary so I run noscript and I don't visit sites that have a zillion JS calls to different sites. I probably could turn antivirus off and still be okay.

Re:Reliance on JS

[HarrySquatter]

and I don't visit sites that have a zillion JS calls to different sites.

Posting on Slashdot about not going to JavaScript heavy sites. *head asplodes*

A good place to vent

[AlienIntelligence]

1and1 has been a host for me for some time.

Then I got flagged by Google as having malware and I was like... wtf... I don't even actively use
those sites. So, I FTP'd in and downloaded some files, there was an injection of code in all of
my index.htm(l) and default.htm(l) files.

Now, I've had 1and1, since they came to the US. I had a plan back then that had all the goodies,
ssh access to my shell for my sites, so it was easy to administer.

Well, "because of new policies" my old service I had was changed to another... like the cell
companies moving you around on new plans. My new plan, has no ssh access.

What's worse, 1and1, refused to give me shell access so I could take care of all of those
malware files.

Let me repeat... A HOSTING PROVIDER REFUSED TO GIVE ME ACCESS TO MY OWN SITE
TO CORRECT A MALWARE ISSUE!

Nice huh?

So, like I said, since I don't really use those sites, I just deleted them all via FTP and told
1and1 to go fuck themselves. I put up what I needed that was important (after cleaning) on
an EC2 "free" instance.

-AI

Re:Antivirus "protection" racket

Yet another story hinting at the huge lie that is perpetrated on the world in the form of antivirus "protection". Like I've always said, these tools do more to undermine my PC than malware ever has. A good "secure-by-default" installation and a decent understanding of responsible Internet use is all you need. Instead, most people deal with significantly slower performance, and borderline criminal subscription tactics. Protection from new and future threats has always been and will always be a fantasy.

Not all antivirus is created equal, MSE is very lightweight on resources, and it is free - so no 'criminal subscription tactics". And it do offer additional protection. For me it has several times flagged and cleaned malware, sometimes from quite surprising sources. You can have as safe user practices you want, but that won't completely avoid accidental exposure - malware have been found even on brand new USB memory sticks in unopened shrink wrap.

It is of course not 100% protection, but that isn't really an argument against at least having some additional protection at all (even a condom isn't 100% protection, that doesn't mean it is a useless product).