GMail Adds Virus Protection

AxsDeny writes "Google has rolled out virus protection for it's web based email service. Apparently they are scanning incoming and outgoing messages for infected messages. Read more on their "what's new" page."

EICAR

[ditto999999999999999]

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIR US-TEST-FILE!$H+H* makes it through fine.

Is it going to...

[scenestar]

flag mp3s and archives as unsafe by default?

Re:NO!

[ZachPruckowski]

Steve Ballmer? You read slashdot? Are you by chance a masochist? That would explain everything...

Re:but what powers it?

[garcia]

This in itself is not surprising -- it's a natural step that Google had to take in order to compete with the other biggies in the business.

Of course it's not surprising. They've been blocking "bad" attachments for quite some time (and possibly since I started using it on 6/22/04).

If they were doing that (which gets rid of most viruses and non-sense) all along, I certainly wouldn't be surprised by this.

next step: gVirusFighter

[altoz]

They have gmail scanning for viruses... They have google desktop indexing the files...

Soon, they'll release a google-desktop extension that scans viruses on windows.

google really is taking over microsoft (windows)

Re:This could be a big issue

[Daniel_Staal]

Or for that matter, for virus-analysis. I know of people who email each other copies of viruses (safely marked) so that they can all examine them.

Google AV for web?!!!

[G4from128k]

What if Google create AV for the web -- filtering websites and pages that contain embedded viruses, trojans, or malware. Any website with malware, trojans, or other nasties would lose its favorable pagerank or even disappear from searches where the user has asked for "safe" pages.

Google may not be able to stop fast moving threats because they don't reanalyze pages that often (unless they offered a proxy service), but they could stop corporate-sponsored malware by advertisers and less ethical site providers.

They could also improve the security

[Matlo]

From what you read on "Linux Activist" [blogspot.com] only the login phase of email sessions is encrypted and protected from prying eyes... They could also address this kind of potential security breach instead of bothering me each time I try to send an executable...

Re:Final Straw!

[davez0r]

i use yahoo to store my viruses. it's like the computer version of the nose garden. so far i have:

  - W32.Sircam.Worm@mm
  - W32.Magistr.39921@mm
  - W32.Sobig.F@mm
  - W32.Sober.F@mm
  - W32.Netsky.P@mm
  - W32.Netsky.D@mm
  - W32.Netsky.Q@mm

anybody got some other good ones they can send me?

Deja vu

[nova_ostrich]

Not directly related, but this reminds me of my college days. I used to work at the technology help desk. It took years to get spam protection on the email accounts at the school because some crazy staff members demanded that they receive EVERY SINGLE email sent to them. Eventually, a system was set up, and it allowed a user to log into a service that showed them what spam was blocked. If the user wanted, he or she could have any message in that list delivered. Then after a week or so, a message was permanently deleted from the quarantine if not delivered.

We phone-jockeys were informed that the system had certain levels of spam probability assigned to each message, and we could tell the users that. What we couldn't mention was that spam with the highest probablility didn't even make it to the quarantine. The spam problem was just so bad that we had to get rid of some of it, but we tricked everyone into thinking that they could get everything they received.

Re:And the next obvious step - is long overdue

[NilObject]

I'll second this. One of the most commong phishing techniques I see in e-mails is the old "I can see the link text there so it must be right" scam. Something like:

Update your account here: http://ebay.com/updateAccount.html [scammer.com]

Of course, Slashdot has a nice solution (the "[scammer.com]" bit). AFAIK, no webmail services protect users against this. Apple's Mail doesn't, unfortunately, but what about the legions of less tech-savvy people?

Not a lot of common users instictively know that eBay would never send an e-mail like "Your account info must be updated NOW or else we will cancel your account" and then require name, address, credit card info, SSN, fingerprint, DNA sample, and face scan.

It seems like such a simple fix too: if the link text looks like a URL or looks like a fakey one (ex: http;\\ebay.c0m), see if it matches where the actual URL points. If they don't match, warn the user.

Re:Wrong Link

[alphakappa]

Why do you care? The spam 'folder' does not add to your alloted storage space. The messages do not appear in your inbox or your regular searches (unless you specifically search using in:spam), so why do you care whether there are 0 messages or a gazillion messages in the spam folder?

Re:So what?

[Burning1]

That's like announcing that Ford is now selling cars with anti-lock brakes and power steering. That's great and all, but I wouldn't consider that news.

It would be if this was an auto enthusiet site. The Dodge Viper getting anti-lock breaks was big news to me, being a car geek.