Google Uses Reputation To Detect Malicious Downloads 61
CowboyRobot writes "Using data about Web sites, IP addresses and domains, researchers find that they can detect 99 percent of malicious executables downloaded by users, outperforming antivirus and URL-reputation services. The system, known as Content-Agnostic Malware Protection or CAMP, triages up to 70 percent of executable files on a user's system, sending attributes of the remaining files that are not known to be benign or malicious to an online service for analysis, according to a paper (pdf) presented at the Network and Distributed System Security Symposium (NDSS) in February. While the system uses a blacklist and whitelist on the user's computer to initially detect known good or bad files, the CAMP service utilizes a number of other characteristics, including the download URL, the Internet address of the server providing the download, the referrer URL, and any certificates attached to the download."
Google ... (Score:2, Insightful)
Google, we want to scan your computer for you too. All that other stuff we find ... you know, the personal stuff or the illegal downloads or copyrighted stuff ... we promise not to see it.
False positives? (Score:4, Insightful)
1% of false negatives is good, but how about false positives?
Re:Business karma (Score:4, Insightful)
This is the huge irony of Microsoft et al trying to create panic over Google's privacy issues; of all the large online service providers, Google is up there as one of the best in regards to reliability, privacy, etc.
But no, lets all ditch Google for Bing because of privacy issues. Everyone knows that Bing is lots better (when theyre not cooperating with the Chinese gov't).