The Latest in IT Security

A Quick Update on Poisoned Google Image Searches


Brian Krebs had a nice post this week about the on-going plague of poisoned Google image searches, and I realized I’d been thinking about the problem quite a bit when I sat down to help my daughter with some homework earlier this week…

As an introduction, I think we first posted about this as a growing problem almost a year ago. Since then it seems to have gotten worse. For some time now, my experience has been that the Bad Guys are more successful at poisoning image searches than they are at poisoning traditional text searches — at least, it seems easier to me to find examples.

But back to my daughter’s homework.

Besides having to suffer the general indignity of having a computer nerd for a father, my kids also have to put up with being “volunteers” for testing our free-for-families Web filter, K9. (Now available at the App Store for iPods, iPads, and iPhones, BTW. I meant to blog about that at some point, but forgot…).

Anyway, I have our main family computer configured with K9 in a rather aggressive mode, mostly out of curiosity to see how it does (and how they respond). So I’m used to interruptions to “put in my password” and unblock access to sites needed for homework or amusement. (I use these occasions to attempt to teach short computer security lessons to my kids; another indignity they have gotten used to.)

This time, however, as I went to unlock access to Google image searches, I found myself thinking, “Wait a minute. This is perhaps the most dangerous activity she could be doing right now on the Web — at least in terms of malware exposure — and even though we’ve got both AV and K9 on this computer, here I am, still worried!” (Security researchers basically never have any peace of mind, I’ve decided…)

So I contented myself with explaining (since she seemed interested) how to look at the site names under each picture, and ask herself if the domain looked suspicious in some way, or if it looked like it was a relevant source for the images she was searching for (e.g., my anime/hiphop example from a few weeks ago). And I explained what the malware would probably look like, if she hit some: “If a screen pops up and says you’ve got a virus, or it’s searching your computer for a virus, come and get me.”

Well, after all that, she completed her homework and never hit any malware. (And curiously, part of me was disappointed…) 




Leave a reply



Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...



Latest Comments