Software Turns Google into a Virus Scanner

Kfleming writes "Websense, a security vendor, has developed software that uses a binary search feature built into Google to hunt down malware. Using this technique researchers at Websense have uncovered over 2,000 websites hosting malware, and are also able to detect legitimate sites that have been hacked. Could this binary search feature also be used to exploit Google and trick users into downloading malware?"

Re:For his next project...

[gatzke]

And then use google to automatically find highly rated comments from the previous dupe and post them automagically to karma whore on /.

Speaking of automatic, could someone develop coordinated automatic scripts to take over digg? If they vote on front page stories, how many zombie clients would it take to push your stupid story or slashvertisement to their page or maybe make a couple stories dupe or trupe. I think I read they do have some sort of uber editor that does promote and kill stories, so it is not total control...

Re:Malware

[jabberwock]

... and if a frog had wings, he wouldn't whomp his ass every time he jumped.

You're right, of course. But it's not so much "can't be bothered." Most users with an out-of-the box computer know of no reason to have a password other than for LOCAL security.

Manufacturers and/or MS could force the issue. But I've never heard that proposed anywhere. With wireless routers (another example) I've at least heard it *suggested* that units be shipped with software that forces a password change, or with some (simple?) security.

But there would be all those calls to India ...

-jeff
http://www.beautyfromafar.com/ [beautyfromafar.com]

Re:"Binary search" ?!

[jc42]

[I]t is also confusing that they use "binary search" to mean "searching inside binary files", and not binary search in its usual sense.

Come now, my good fellow; surely you don't expect computer people to start to honor precedence in their terminology. Why, that would be, uh, I think the word is "unprecedented".

We computer geeks have a long tradition of taking someone else's terminology and recycling it with meanings at odds with the earlier use. And in this case, the writer(s) probably thought they were inventing a new phrase. Chances are that they've never heard of binary trees, much less anything to do with using them for sorting and searching.

Note to the editors

[Spackler]

Actually, a question:

Editors: Do you read Slashdot?

Sure, its flamebait, but this is a joke sometimes.

Re:the real story is ..

[budgenator]

Websense has stated they do not plan to make the code public at this time and only plan to share it with a select group of researchers

ok so if I

1. set up a honeypot account at yahoo and get a bunch of spam in it,
2. scan it for viruses, if viral save a copy on a linux box,
3. look at it with a hex editor and pick out some ascii strings,
4. google the web for the strings inside the virus,

then appearently I'm using some uber-secret technic that only the elite security professionals should know.

OK so here is now the $25,000.00 question,
Given that google crawls the web, and it crawls the web by following publicly visable links, wouldn't how the google spiders got to the viral binary through the links, be much more interesting than the fact that the virus was there?

If you have a website, how hard would it be to write a perl script that crawls the site via the FTP, fingerprints the files, remembers which files have changed and feeds any files that did through clamAV; seems pretty simple to me.